bankfirst.com
Open in
urlscan Pro
192.124.249.117
Public Scan
Submitted URL: https://www.htbwi.com/
Effective URL: https://bankfirst.com/
Submission: On November 18 via api from US — Scanned from US
Effective URL: https://bankfirst.com/
Submission: On November 18 via api from US — Scanned from US
Summary
This website contacted 16 IPs
in 1 countries
across 12 domains to perform 78 HTTP transactions.
The main IP is 192.124.249.117, located in
Menifee, United States and
belongs to SUCURI-SEC, US.
The main domain is bankfirst.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 1st 2023. Valid for: a year.
This is the only time bankfirst.com was scanned on urlscan.io!
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 1st 2023. Valid for: a year.
This is the only time bankfirst.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
192.124.249.118
(Menifee, United States)
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10118.sucuri.net
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10118.sucuri.net
| www.htbwi.com |
46
192.124.249.117
(Menifee, United States)
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10117.sucuri.net
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10117.sucuri.net
| bankfirst.com |
3
23.223.209.47
(Secaucus, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-47.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-47.deploy.static.akamaitechnologies.com
| use.typekit.net |
7
172.217.13.104
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
| www.googletagmanager.com |
6
156.146.36.24
(New York, United States)
ASN60068 (CDN77 ^_^, GB)
PTR: 137173278.nyc.cdn77.com
ASN60068 (CDN77 ^_^, GB)
PTR: 137173278.nyc.cdn77.com
| cdn.userway.org |
2
66.84.146.17
(Oswego, United States)
ASN7029 (WINDSTREAM, US)
PTR: ufs-17.norlight.net
ASN7029 (WINDSTREAM, US)
PTR: ufs-17.norlight.net
| secure1.ufsdata.com |
2
66.84.146.40
(Oswego, United States)
ASN35997 (UNITED-FINANCIAL-SERVICES, US)
PTR: ufs-40.norlight.net
ASN35997 (UNITED-FINANCIAL-SERVICES, US)
PTR: ufs-40.norlight.net
| securecorp.ufsdata.com |
1
23.105.12.3
(Manassas, United States)
ASN30633 (LEASEWEB-USA-WDC, US)
PTR: vps.brownboots.com
ASN30633 (LEASEWEB-USA-WDC, US)
PTR: vps.brownboots.com
| cms.brownboots.com |
1
23.223.209.51
(Secaucus, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-51.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-51.deploy.static.akamaitechnologies.com
| p.typekit.net |
2
142.250.31.156
(United States)
ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
| stats.g.doubleclick.net |
3
172.217.13.206
(United States)
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
| www.google-analytics.com |
1
172.217.13.130
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
| googleads.g.doubleclick.net |
3
23.21.145.8
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-145-8.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-145-8.compute-1.amazonaws.com
| mpsnare.iesnare.com |
1
142.251.40.227
(United States)
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net
| www.gstatic.com |
1
52.33.48.191
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-48-191.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-48-191.us-west-2.compute.amazonaws.com
| api.userway.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 46 |
bankfirst.com
5 redirects
bankfirst.com |
6 MB |
| 7 |
userway.org
cdn.userway.org — Cisco Umbrella Rank: 4291 api.userway.org — Cisco Umbrella Rank: 4209 |
57 KB |
| 7 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
463 KB |
| 4 |
google.com
www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157 |
2 KB |
| 4 |
ufsdata.com
secure1.ufsdata.com — Cisco Umbrella Rank: 350524 securecorp.ufsdata.com — Cisco Umbrella Rank: 436205 |
66 KB |
| 4 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621 |
31 KB |
| 3 |
iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 6259 |
21 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
| 3 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 |
2 KB |
| 1 |
gstatic.com
www.gstatic.com |
187 KB |
| 1 |
brownboots.com
cms.brownboots.com — Cisco Umbrella Rank: 575134 |
20 KB |
| 1 |
htbwi.com
1 redirects
www.htbwi.com |
236 B |
| 78 | 12 |
| Domain | Requested by | |
|---|---|---|
| 46 | bankfirst.com |
5 redirects
bankfirst.com
|
| 7 | www.googletagmanager.com |
bankfirst.com
www.googletagmanager.com |
| 6 | cdn.userway.org |
bankfirst.com
cdn.userway.org |
| 3 | mpsnare.iesnare.com |
secure1.ufsdata.com
mpsnare.iesnare.com bankfirst.com |
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | use.typekit.net |
bankfirst.com
use.typekit.net |
| 2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
| 2 | analytics.google.com |
www.googletagmanager.com
|
| 2 | www.google.com |
bankfirst.com
|
| 2 | securecorp.ufsdata.com |
bankfirst.com
securecorp.ufsdata.com |
| 2 | secure1.ufsdata.com |
bankfirst.com
secure1.ufsdata.com |
| 1 | api.userway.org |
cdn.userway.org
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | p.typekit.net |
use.typekit.net
|
| 1 | cms.brownboots.com |
bankfirst.com
|
| 1 | www.htbwi.com | 1 redirects |
| 78 | 17 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| bankfirst.com Starfield Secure Certificate Authority - G2 |
2023-02-01 - 2024-02-01 |
a year | crt.sh |
| use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-21 - 2024-10-21 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| 1667503734.rsc.cdn77.org R3 |
2023-10-10 - 2024-01-08 |
3 months | crt.sh |
| *.ufsdata.com Network Solutions RSA OV SSL CA 3 |
2023-10-12 - 2024-11-11 |
a year | crt.sh |
| *.brownboots.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-16 - 2024-02-16 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA |
2023-05-01 - 2024-05-29 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| api.userway.org Amazon RSA 2048 M03 |
2023-09-02 - 2024-09-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bankfirst.com/
Frame ID: 47F31F63F6EC7C575F5EEC633131782C
Requests: 78 HTTP requests in this frame
Screenshot
Page Title
Bank FirstMain Navigation Menu Toggle Button IconPlus sign iconMinus sign iconx (close) iconMagnifying glass iconEqual Housing Lender logoMember FDIC logoRight arrow iconLeft arrow iconPage URL History Show full URLs
-
https://www.htbwi.com/
HTTP 301
https://bankfirst.com/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Typekit
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
UserWay
(Accessibility)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.userway\.org/widget.*\.js
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /recaptcha/api\.js
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: https://secure1.ufsdata.com/PBI_PBI1151/Login/075901134
Title: Go to Personal Online Banking
Title: Go to Personal Online Banking
Search URL Search Domain Scan URL
URL: https://securecorp.ufsdata.com/EBC_EBC1151/Login/075901134
Title: Go to Business Online Banking
Title: Go to Business Online Banking
Search URL Search Domain Scan URL
URL: https://secure1.ufsdata.com/pbi_pbi1151/Enroll/075901134/45
Title: New User
Title: New User
Search URL Search Domain Scan URL
URL: https://secure1.ufsdata.com/PBI_PBI1151/ForgotPassword/075901134/45
Title: Forgot Password
Title: Forgot Password
Search URL Search Domain Scan URL
URL: https://securecorp.ufsdata.com/EBC_EBC1151/ForgotPassword/075901134/1
Title: Forgot Password or PINPassword/PIN
Title: Forgot Password or PINPassword/PIN
Search URL Search Domain Scan URL
URL: https://securecorp.ufsdata.com/EBC_EBC1151/PhysicalToken/LostOrDamaged/075901134/1
Title: Lost or DamagedLost/Damaged Token
Title: Lost or DamagedLost/Damaged Token
Search URL Search Domain Scan URL
URL: https://ir.bankfirst.com/corporate-profile/corporate-profile/default.aspx
Title: Shareholder Services
Title: Shareholder Services
Search URL Search Domain Scan URL
URL: https://bankfirst.mymortgage-online.com/
Title: Apply Online
Title: Apply Online
Search URL Search Domain Scan URL
URL: https://quickquote-consumer.optimalblue.com/?mobile=true&clientId=383736373031&userId=34373438303131&formId=35323531
Title: View Rates
Title: View Rates
Search URL Search Domain Scan URL
URL: https://get.adobe.com/reader/
Title: Some content requires Adobe Acrobat Reader to view.
Title: Some content requires Adobe Acrobat Reader to view.
Search URL Search Domain Scan URL
URL: https://www.facebook.com/bankfirstwi/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UCFnsYzoTnzy5_sx-4OVBd1w
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/bank-first-wi/
Search URL Search Domain Scan URL
URL: https://www.instagram.com/bankfirstwi/
Search URL Search Domain Scan URL
URL: https://brownboots.com/
Title: Bank Websites
Title: Bank Websites
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.htbwi.com/
HTTP 301
https://bankfirst.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://bankfirst.com/image_resize.php?cache=1&w=210&h=140&img=https://bankfirst.com/sft1125/blogdontfallpreytothesescams.jpg HTTP 302
- https://bankfirst.com/sft1125/CACHE-210x140_blogdontfallpreytothesescams.jpg
- https://bankfirst.com/image_resize.php?cache=1&w=210&h=140&img=https://bankfirst.com/sft1125/cardmanager.jpg HTTP 302
- https://bankfirst.com/sft1125/CACHE-210x140_cardmanager.jpg
- https://bankfirst.com/image_resize.php?cache=1&w=210&h=140&img=https://bankfirst.com/sft1125/papershredevents.jpg HTTP 302
- https://bankfirst.com/sft1125/CACHE-210x140_papershredevents.jpg
- https://bankfirst.com/image_resize.php?cache=1&w=210&h=140&img=https://bankfirst.com/sft1125/savingspiggybankwithtreesgrowing.jpg HTTP 302
- https://bankfirst.com/sft1125/CACHE-210x140_savingspiggybankwithtreesgrowing.jpg
- https://bankfirst.com/image_resize.php?cache=1&w=210&h=140&img=https://bankfirst.com/sft1125/bloghowdofederalholidaysimpactmyaccounts.jpg HTTP 302
- https://bankfirst.com/sft1125/CACHE-210x140_bloghowdofederalholidaysimpactmyaccounts.jpg
78 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
bankfirst.com/ Redirect Chain
|
48 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uhg3vmn.css
use.typekit.net/ |
3 KB 972 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bank-first-wi-2022-10-11-10-03-28-CDT.min.css
bankfirst.com/css/ |
219 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
273 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
186 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
201 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.js
cdn.userway.org/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
notification.svg
bankfirst.com/images/icons/alerts/ |
506 B 742 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lock.svg
bankfirst.com/images/icons/ |
577 B 766 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bankfirst-H.svg
bankfirst.com/images/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mail.svg
bankfirst.com/images/icons/ |
441 B 714 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pin-red.svg
bankfirst.com/images/icons/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user.svg
bankfirst.com/images/icons/ |
613 B 801 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
remoteLoginLoad
secure1.ufsdata.com/PBI_PBI1151/js/ |
535 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Remoteloginload
securecorp.ufsdata.com/EBC_EBC1151/js/ |
897 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CACHE-210x140_blogdontfallpreytothesescams.jpg
bankfirst.com/sft1125/ Redirect Chain
|
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CACHE-210x140_cardmanager.jpg
bankfirst.com/sft1125/ Redirect Chain
|
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CACHE-210x140_papershredevents.jpg
bankfirst.com/sft1125/ Redirect Chain
|
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CACHE-210x140_savingspiggybankwithtreesgrowing.jpg
bankfirst.com/sft1125/ Redirect Chain
|
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CACHE-210x140_bloghowdofederalholidaysimpactmyaccounts.jpg
bankfirst.com/sft1125/ Redirect Chain
|
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pin.svg
bankfirst.com/images/icons/ |
575 B 728 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search.svg
bankfirst.com/images/icons/ |
665 B 795 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bank-first-wi-bottom-2022-10-11-10-03-28-CDT.min.js
bankfirst.com/js/ |
217 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cmsforms-v2.3.1.js
cms.brownboots.com/admin/js/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wizard-icon-04.svg
bankfirst.com/images/icons/wizard/ |
485 B 710 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wizard-icon-05.svg
bankfirst.com/images/icons/wizard/ |
749 B 752 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bankfirstWHITE.svg
bankfirst.com/images/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contact.svg
bankfirst.com/images/icons/ |
809 B 853 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bank.svg
bankfirst.com/images/icons/ |
504 B 717 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
newsletter.svg
bankfirst.com/images/icons/ |
769 B 843 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
facebook.svg
bankfirst.com/images/icons/social-media/ |
341 B 647 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
youtube.svg
bankfirst.com/images/icons/social-media/ |
632 B 761 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
linkedin.svg
bankfirst.com/images/icons/social-media/ |
509 B 713 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
instagram.svg
bankfirst.com/images/icons/social-media/ |
819 B 823 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-member-fdic-white.svg
bankfirst.com/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-equal-housing-lender-stacked-white.svg
bankfirst.com/images/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
186 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
201 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lock.svg
bankfirst.com/images/icons/ |
577 B 766 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
remoteLoginPost
secure1.ufsdata.com/PBI_PBI1151/js/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
remoteLoginPost
securecorp.ufsdata.com/EBC_EBC1151/js/ |
56 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/78c6b9/00000000000000007735ba1f/30/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/40bdad/00000000000000007735ba11/30/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mail.svg
bankfirst.com/images/icons/ |
441 B 714 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pin-red.svg
bankfirst.com/images/icons/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user.svg
bankfirst.com/images/icons/ |
613 B 801 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
281 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
glyphicons-halflings-regular.woff2
bankfirst.com/fonts/bootstrap/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038027267/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wdp.js
mpsnare.iesnare.com/general5/ |
42 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 169 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.js
mpsnare.iesnare.com/5.7.0/ |
505 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
time.mp3
mpsnare.iesnare.com/ |
504 B 881 B |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ |
465 KB 187 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget_app_base_1700141961991.js
cdn.userway.org/widgetapp/2023-11-16-13-39-21/ |
135 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-loader.gif
bankfirst.com/images/slick-carousel/slick/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mortgage-loans.jpg
bankfirst.com/sft1125/ |
508 KB 509 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
relationship-managers.jpg
bankfirst.com/sft1125/ |
369 KB 369 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homebuying-seminar.jpg
bankfirst.com/sft1125/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gobank.jpg
bankfirst.com/sft1125/ |
149 KB 149 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
onlinedemos-3.jpg
bankfirst.com/sft1125/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nofeegiftcards.jpg
bankfirst.com/sft1125/ |
592 KB 593 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
savingspiggybankwithtreesgrowing.jpg
bankfirst.com/sft1125/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 92 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 148 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/1038027267/ |
42 B 327 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
9F0BB9sRnl
api.userway.org/api/tunings/ |
529 B 915 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en-US.json
cdn.userway.org/widgetapp/2023-11-16-13-39-21/locales/ |
500 B 961 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
remediation-tool-free.js
cdn.userway.org/remediation/free/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
body_wh.svg
cdn.userway.org/widgetapp/images/ |
931 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spin_wh.svg
cdn.userway.org/widgetapp/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
152 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| _userway_config object| UserWayWidgetApp object| PBI object| args object| EBC function| submitCallback function| errorCallback function| isDesktop function| inCMS function| inCMSStaging function| setDropDownMode function| checkAlertCookies function| subpageHeaderImageBg function| calloutImageBg function| slideImageBg function| wrapThumbnails function| wrapTimeline function| wrapFlexibleColumns function| recalculateFlexibleColumnWidthsInCMS function| wrapFlexibleColumnsInCMS function| automagicAccordions function| customAccordions function| parseMarkdownLinkSyntax function| generate_galleries function| displayBackToTop function| $ function| jQuery function| EvEmitter function| imagesLoaded function| Cookies function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry string| GoogleAnalyticsObject function| ga string| apikey function| validateAndView function| previous function| topOfPage function| viewPage function| reviewAnswers function| setPageNoClasses function| addNextPrevious function| buildPageMenu function| initialize function| setValidation function| otherOption function| implement function| validateCheckbox function| renderGoogleInvisibleRecaptchaShort object| GooglebQhCsO string| io_global_object_name object| IGLOO function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaData function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| recaptcha object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .bankfirst.com/ | Name: _ga_XXG64BT4WR Value: GS1.1.1700349871.1.0.1700349872.59.0.0 |
|
| .bankfirst.com/ | Name: _gcl_au Value: 1.1.1274498220.1700349872 |
|
| mpsnare.iesnare.com/ | Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: aSnbH7UlFjkYfcEqB6R9qAg20b7Jkc5u1rvkZyMSmAQ= |
|
| .bankfirst.com/ | Name: _ga_ZL2QH3ZKZT Value: GS1.1.1700349872.1.0.1700349872.0.0.0 |
|
| .bankfirst.com/ | Name: _ga Value: GA1.2.660706504.1700349872 |
|
| .bankfirst.com/ | Name: _gid Value: GA1.2.654635775.1700349873 |
|
| .bankfirst.com/ | Name: _gat_gtag_UA_75526218_1 Value: 1 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests; |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
api.userway.org
bankfirst.com
cdn.userway.org
cms.brownboots.com
googleads.g.doubleclick.net
mpsnare.iesnare.com
p.typekit.net
secure1.ufsdata.com
securecorp.ufsdata.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.htbwi.com
142.250.31.156
142.251.40.227
156.146.36.24
172.217.13.104
172.217.13.130
172.217.13.132
172.217.13.206
192.124.249.117
192.124.249.118
216.239.34.181
23.105.12.3
23.21.145.8
23.223.209.47
23.223.209.51
52.33.48.191
66.84.146.17
66.84.146.40
0117e0b72be64563454b89406b1fbd25a2b314d4eb680c73ea9207e146267139
0450ac3b06650bbf9edf6f140752292cc14569d224e70a6060dfed5a4b72f730
06309617833953d3ad57827d88a7f594681e15a28fc450969ab539698851a767
0ba0e80c0b144fd052be46d8314d995b5c9bdf3369527dd1d6c6ae8fa2cb987c
0f9db73b07a49d10b59446432930374729524d2bc7951c3d844e4e928f0ca7fb
11c42f8bd0fd29758b83338a43a7f7810cbf9bc4ad3ced14501f09ad1f98dd07
1bdce6de49f9aa0d63520a1129c63d878ff636f5b0963fbcaa0462f3036e11d5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f094b706a57b8a9ac6a19bc67932cfb9edcac00f12f4722e4b70451368d7ca4
1f296e86bcfba3babd50caea8f041062a41de3615f94b91f7e732d6253320053
23c7ff5a31266f6b165c7afceaabe4c0fba59fddca387ef20632db173c37fe26
2a14de6b74af66eab0e5fdca3b90ac4e3cf37795e4e09f78283c84e023a7730b
2d8835bced796b5aeaacf7c8c9db998e120a80ab4e370b7eda8bdde81c98569b
332db3622b823b214577545022fa4abe57081e5976f25309440632a44b78fe26
47be614db11f044472196d86ebbdbae0e92d4ef3593c573858b0b71decb5ef29
481d1676a7f10545b8a36faeb263acd09e4181b8a5ff93e140fae5398f7b213c
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4b1c0a6b0b8e02ef7130759bbef3f2892a99534d76a2da38c54ecfc9c8deb770
4b4f551c699a40216c8dd2d1e829d82de7ec76427bfb418b364bb1fb24fc392c
506dd003c664172a759321a4279d9cd85e9c1cf0993bc41fcefaf6a02c12b50f
528cdffd40e518bf329facf451aa87b8248674257e021840d4b25010daa84dc7
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
603244336c5806cb495c4291e959b4051a2ee482f82aba01b2808136db82a14d
6b13a0c82f9a2244adf1776c46621e9002826b976c370c2968c128e571234451
6b7ffe6af4ceb04ef3e1a403bbbd9b0fc7ae278143fae73f4f4d26dc629e7251
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3e57efda8fa52d9d387f61bcde0082caa7cbab042295be83d3dda32238f1c6
71d22aca8b732b4a87ad15d974911f6911d5e65bba2415107b533530fe320ac5
720c3cc2a693b9a7eb522358d6e5feee316d3af69a7ef8a4f56bea6deb836158
7a441e3ff7c60807aa087a717dc9e394e6c0a602db288ee8ef947b6a41daaa83
7bdfa714cfdc51a3b5b46cbe877c0dfe9f255f3874f38728592ce8157dffd195
7eca9ddeb4447dc109f67931551c6a4c04092c055db42d12761cfd111d35490e
7f2e2714579a69e34bcba270bda00fdd56792c49f14e59dd5941d4ba957af180
810a00b86d39562c3a10e9d1d24adcf21fc0c016245fc139312adeddcf8ed837
8198164e7954ba920b039bfa58214b95a3c540b716a50e2223948498e979122f
82fc6fdca0f608870cf813d5e87b63efa492e50bc34b83a782b18c3f29ea6485
9176c9cde121b874ecb2c2f785ee3b69dc4d36f7f5fc9f6148bc6817ab34982a
9488e59a65766c0ea24d5bb1ae5f52d9c0c2ed5983eef0275e3c7fb2f514f981
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9dfce5b1bc17817db79b15b49af343ee4dc27fac776741a95f66eb03d5e2f3e7
9e58bb34c7ab0f3668b74ce53a33f7ff288500dea521622e4e58a5089f4662a5
a08be9ca498e72e77071c6a3e9e1140314c747b594ed5798be94c428884725a2
a25e268fe2641b4a517b9b61ea20da10a80e75f1c3f5c10a10756dd1569916e8
a4acbd7533442a388a2d5882b496eebc6d09f2ff752a2ad2e7c4cd03d5033a2e
a592c1ca5cbcbd1c2a9e5c67707b9bf849cb8331546cb7db2da9b4f1963982cc
a6b9562ddd8c1513c3a8383670a7c1b4ec7185b53c156c74ee17c483dfb77237
a71f51da5ba2b19ff2b4227a83b5b0074c2e88fee95ed92759265ff066ddbdc8
afe12a62f45dc60600e054171fc7a7356af84ea1072b10d42a3fa2f7510de3ff
b33b6574cc52a918647342943d953291dd2eaa7d8fda8bf58f49511e2190b4bb
ba5781166e4e381ebb3bc31c651806170352bdce0933e1ea8a3715f7c6870a41
bab824d761f413cead829bb91421a36884b3f908a5d86438b7df65e8336dcd2d
bd9eb97025924fc91921a5d51a7834ee22e1a603d6b8206591ca0b9901381849
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c7f5cbce91645186d42731997c7b97b741e0c8df16fb7bbb271d349288be70e7
c83821f5db30372d0527147f4329ae87971a60492c1c131c8ba69e2cf397d9d1
dabac3e003cad5dbbb00359833162d77ff012a04b4e4ec32f7105dc6b641a0a7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7f1cdc3fd6e1625f805083057d021271073747a7d720f76f534a8d559f87111
e943bfeeebd03ac4ef3ce2db96d5f312cc5aa6d401490c8c79c1222b1ee738d2
ef0ad941c581f34ac52a217b89c2c26b90b2a18574dafd1a889e3ec27e84e310
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09d3a3eba8574d66c45cda2111e9916360f93ff3b062f9b9d91977a2d97bce4
f8e1f1304459dcadae53ed4cfeaa1d5d5084df5beeb1ad37f8ec3dd7858ca4a0
fd8ebe55f7236f92e28874a96b10035874dd77db86cb4d2e547d1efcb8e6946d
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feb0f92a9bbd1b2a099d1c0e4c5a6dc3b74eadd15f74afe77f4100c40b045803
ff51d2e46b01dda459e7b3c83e23dc4727ae6a8dc8f60bd6860806a3a0daab9d