urlscan.io logo urlscan.io
SecurityTrails logo

usbank.crump.com Open in urlscan Pro
2606:4700:4400::6812:2342  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://usbank.crump.com/
Effective URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Submission: On December 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2606:4700:4400::6812:2342, located in United States and belongs to CLOUDFLARENET, US. The main domain is usbank.crump.com.
TLS certificate: Issued by E1 on December 4th 2023. Valid for: 3 months.
This is the only time usbank.crump.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:4400::6812:2342 (United States)

ASN13335 (CLOUDFLARENET, US)
usbank.crump.com
2    2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4004:c08::64 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    20.42.73.139 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
10 crump.com
usbank.crump.com
4 MB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
282 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
163 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
347 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2370
22 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
21 8
Domain Requested by
10 usbank.crump.com 1 redirects usbank.crump.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.googletagmanager.com usbank.crump.com
www.googletagmanager.com
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 az416426.vo.msecnd.net usbank.crump.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com usbank.crump.com
21 8

This site contains links to these domains. Also see Links.

Domain
docs.crumplifeinsurance.com
Subject Issuer Validity Valid
usbank.crump.com
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-03 -
2024-08-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://usbank.crump.com/public/login?redirectUrl=%2f
Frame ID: 7D06E462E39B28D8EA229EEBA8D87715
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://usbank.crump.com/ HTTP 302
    https://usbank.crump.com/public/login?redirectUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

1
Countries

4587 kB
Transfer

9301 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://usbank.crump.com/ HTTP 302
    https://usbank.crump.com/public/login?redirectUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
usbank.crump.com/public/
Redirect Chain
  • https://usbank.crump.com/
  • https://usbank.crump.com/public/login?redirectUrl=%2f
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e912e7bd55dab61a221045804581021a87f5859cf86f5905fb0f5d56b18f3aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
83041eec9e664bd2-BUF
content-encoding
gzip
content-length
6547
content-type
text/html; charset=utf-8
date
Mon, 04 Dec 2023 12:40:57 GMT
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
83041eeb8e5d4bd2-BUF
content-length
0
date
Mon, 04 Dec 2023 12:40:57 GMT
location
/public/login?redirectUrl=%2f
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.css
usbank.crump.com/Content/ 		3 MB
439 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/Content/styles.css?v=1.0.8721.29570
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb441b6c3106e2736a56838fb54f95fa8b582624025f60e594a991fc1934840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Fri, 17 Nov 2023 16:24:32 GMT
server
cloudflare
etag
"0e09a8b7219da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
cf-ray
83041eed4e6b4bd2-BUF
expires
Tue, 05 Dec 2023 12:40:57 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2411326-18
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2de02b424322a39fa2ac1290002e28649fe983bfa29661562c7f1d19101a1147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68870
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Dec 2023 12:40:57 GMT
crump-blue.png
usbank.crump.com/globalassets/global-sites/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usbank.crump.com/globalassets/global-sites/crump-blue.png
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70149fb0bed9922991e0e9c719988baacef95cd9c0d571de5c9cd25f0823c96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
23173
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Thu, 23 Feb 2023 01:06:57 GMT
server
cloudflare
etag
"1D947231FF94E80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83041eed4e6c4bd2-BUF
expires
Tue, 05 Dec 2023 00:40:57 GMT
novemberloginimage1.jpg
usbank.crump.com/globalassets/photos/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usbank.crump.com/globalassets/photos/novemberloginimage1.jpg
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da73644adc0ddab66b0c7d0bd5c021bf84e0efe3b860cb5d1c943fa7309fe4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
3215766
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Sun, 05 Nov 2023 18:28:51 GMT
server
cloudflare
etag
"1DA1015EC8EF380"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83041eed4e6d4bd2-BUF
expires
Tue, 05 Dec 2023 00:40:57 GMT
logo-crump-white.png
usbank.crump.com/globalassets/global-sites/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usbank.crump.com/globalassets/global-sites/logo-crump-white.png
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277172cecce1dd5c51dbce4f853a2aba342320ca5bb131c2137d9ea929ff4e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
3019
x-xss-protection
1; mode=block
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Thu, 27 Jan 2022 16:46:23 GMT
server
cloudflare
etag
"1D8139D6ACC5980"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83041eeeae774bd2-BUF
expires
Tue, 05 Dec 2023 00:40:57 GMT
vendors~main.bundle.js
usbank.crump.com/Scripts/ 		2 MB
707 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/Scripts/vendors~main.bundle.js?v=1.0.8721.29570
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676e9e39a514de37017b8d09d440c4f9a55a81d93e83401f9b062481987bb495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Fri, 17 Nov 2023 16:24:32 GMT
server
cloudflare
etag
"0e09a8b7219da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
cf-ray
83041eef5e7e4bd2-BUF
expires
Tue, 05 Dec 2023 12:40:57 GMT
main.bundle.js
usbank.crump.com/Scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/Scripts/main.bundle.js?v=1.0.8721.29570
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e068caaeca3e04b16b1898e77935db772246e250442b75c75b7af6348e14d862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-length
5155
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Fri, 17 Nov 2023 16:24:32 GMT
server
cloudflare
etag
"0e09a8b7219da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83041eef6e7f4bd2-BUF
expires
Tue, 05 Dec 2023 12:40:57 GMT
css2
fonts.googleapis.com/ 		34 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/Content/styles.css?v=1.0.8721.29570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 10:57:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 12:40:57 GMT
js
www.googletagmanager.com/gtag/ 		293 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0CZ7Q25Z3K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2411326-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b972370846f06c44968e249f8f519f3a28caf15c79db850918ebcafe1781275e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97101
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 12:40:57 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2411326-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Dec 2023 12:26:44 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
853
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Dec 2023 14:26:44 GMT
svgsheet.svg
usbank.crump.com/images/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/images/svgsheet.svg
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6003b6438869929fa2f2def8578b43741654e44c3023ac3cd28ad026ce1eb27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Fri, 17 Nov 2023 16:24:32 GMT
server
cloudflare
etag
W/"0e09a8b7219da1:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
cf-ray
83041ef08e884bd2-BUF
expires
Tue, 05 Dec 2023 12:40:57 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://usbank.crump.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 04:26:32 GMT
x-content-type-options
nosniff
age
116065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 04:26:32 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/public/login?redirectUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1646
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (nya/79DC)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2707d5de-401e-0036-38ab-264396000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 04 Dec 2023 13:10:57 GMT
collect
www.google-analytics.com/g/ 		0
163 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0CZ7Q25Z3K&gtm=45je3bt0v9102936615&_p=1701693657669&gcd=11l1l1l1l1&dma=0&cid=2044538531.1701693658&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701693657&sct=1&seg=0&dl=https%3A%2F%2Fusbank.crump.com%2Fpublic%2Flogin%3FredirectUrl%3D%252f&dt=Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1045
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CZ7Q25Z3K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 12:40:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usbank.crump.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=594135365&t=pageview&_s=1&dl=https%3A%2F%2Fusbank.crump.com%2Fpublic%2Flogin%3FredirectUrl%3D%252f&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1486604550&gjid=2081432847&cid=2044538531.1701693658&tid=UA-2411326-18&_gid=2027622733.1701693658&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1469811860
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://usbank.crump.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 12:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usbank.crump.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
95.bundle.js
usbank.crump.com/Scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usbank.crump.com/Scripts/95.bundle.js?v=dcf1417aa1bfa2fc1ba0
Requested by
Host: usbank.crump.com
URL: https://usbank.crump.com/Scripts/main.bundle.js?v=1.0.8721.29570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25af68ec21429bc75a5ef4ac6d177396b47291bae15b1b776dc8658befb28854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/public/login?redirectUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-length
2614
request-context
appId=cid-v1:fad85191-fca6-4369-90a2-28b3ec1f7891
last-modified
Fri, 17 Nov 2023 16:24:32 GMT
server
cloudflare
etag
"0e09a8b7219da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83041ef1be914bd2-BUF
expires
Tue, 05 Dec 2023 12:40:57 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2411326-18&cid=2044538531.1701693658&jid=1486604550&gjid=2081432847&_gid=2027622733.1701693658&_u=YADAAUAAAAAAACAAI~&z=178910044
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://usbank.crump.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Dec 2023 12:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usbank.crump.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.139 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://usbank.crump.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 04 Dec 2023 12:40:57 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.139 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ff5a1430fd8ca0aa340731d6c40266ec3af7284d67020c869f3143049e247e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://usbank.crump.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
50B59B5C-706E-4DDD-AE7D-D957DB94D385
strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 12:40:57 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0CZ7Q25Z3K&gtm=45je3bt0v9102936615&_p=1701693657669&gcd=11l1l1l1l1&dma=0&cid=2044538531.1701693658&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1701693657&sct=1&seg=0&dl=https%3A%2F%2Fusbank.crump.com%2Fpublic%2Flogin%3FredirectUrl%3D%252f&dt=Login&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6053
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CZ7Q25Z3K&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usbank.crump.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 12:41:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usbank.crump.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| appInsights object| var_ns object| ajax function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| AI object| Microsoft function| __extends function| _endsWith

10 Cookies

Domain/Path Name / Value
usbank.crump.com/ Name: .ASPXANONYMOUS
Value: rnO-wFGz9V0SiDIZ4Au-onPnkNxpNDHhlr0xQrvCSfTZKg7qp58YKY2zx2-CvJQPXgqBoSSEoCMoZdgVWC4oJBqakYEFMT2M-8auCY3DxBRyrIeUR4AODiOUlASvKocZvpmKeOYVK_9awDJtOP7izA2
usbank.crump.com/ Name: ASP.NET_SessionId
Value: ffp245aaspvl1yk355r3oulx
.usbank.crump.com/ Name: ARRAffinity
Value: 251919b2606474bf9895de9aaf2d6e7118c57cba2b23aae0e7ddc6e8415b4a13
.usbank.crump.com/ Name: ARRAffinitySameSite
Value: 251919b2606474bf9895de9aaf2d6e7118c57cba2b23aae0e7ddc6e8415b4a13
.crump.com/ Name: _ga_0CZ7Q25Z3K
Value: GS1.1.1701693657.1.0.1701693657.0.0.0
.crump.com/ Name: _ga
Value: GA1.2.2044538531.1701693658
.crump.com/ Name: _gid
Value: GA1.2.2027622733.1701693658
.crump.com/ Name: _gat_gtag_UA_2411326_18
Value: 1
usbank.crump.com/ Name: ai_user
Value: yU5g+|2023-12-04T12:40:57.878Z
usbank.crump.com/ Name: ai_session
Value: blVS+|1701693658000.7|1701693658000.7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
usbank.crump.com
www.google-analytics.com
www.googletagmanager.com
20.42.73.139
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:4700:4400::6812:2342
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::61
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::64
2607:f8b0:4004:c1b::9c
25af68ec21429bc75a5ef4ac6d177396b47291bae15b1b776dc8658befb28854
277172cecce1dd5c51dbce4f853a2aba342320ca5bb131c2137d9ea929ff4e10
2de02b424322a39fa2ac1290002e28649fe983bfa29661562c7f1d19101a1147
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5bb441b6c3106e2736a56838fb54f95fa8b582624025f60e594a991fc1934840
676e9e39a514de37017b8d09d440c4f9a55a81d93e83401f9b062481987bb495
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70149fb0bed9922991e0e9c719988baacef95cd9c0d571de5c9cd25f0823c96d
7ff5a1430fd8ca0aa340731d6c40266ec3af7284d67020c869f3143049e247e9
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
b972370846f06c44968e249f8f519f3a28caf15c79db850918ebcafe1781275e
c6003b6438869929fa2f2def8578b43741654e44c3023ac3cd28ad026ce1eb27
da73644adc0ddab66b0c7d0bd5c021bf84e0efe3b860cb5d1c943fa7309fe4c8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e068caaeca3e04b16b1898e77935db772246e250442b75c75b7af6348e14d862
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e912e7bd55dab61a221045804581021a87f5859cf86f5905fb0f5d56b18f3aad
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274