www.bairdwealth.com
Open in
urlscan Pro
2606:4700:4400::ac40:9009
Public Scan
Effective URL: https://www.bairdwealth.com/
Submission: On October 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global CA G2 on January 3rd 2022. Valid for: a year.
This is the only time www.bairdwealth.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-96.fra56.r.cloudfront.net
static.hotjar.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net
vars.hotjar.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-93-54.eu-west-1.compute.amazonaws.com
ws16.hotjar.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
bairdwealth.com
1 redirects
bairdwealth.com — Cisco Umbrella Rank: 979642 www.bairdwealth.com |
16 MB |
11 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1515 ka-p.fontawesome.com — Cisco Umbrella Rank: 3765 |
22 KB |
8 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588 |
146 KB |
5 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 595 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 889 in.hotjar.com — Cisco Umbrella Rank: 1682 ws16.hotjar.com — Cisco Umbrella Rank: 59266 |
70 KB |
4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6161 |
3 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28 |
20 KB |
2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 802 |
281 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 114 |
222 B |
2 |
cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2597 |
|
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
111 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64 |
139 KB |
2 |
rwbaird.com
2 redirects
www.rwbaird.com — Cisco Umbrella Rank: 535951 |
534 B |
2 |
hilliard.com
2 redirects
www.hilliard.com |
402 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6301 |
548 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 |
2 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 129 |
15 KB |
1 |
pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2527 |
6 KB |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 758 |
3 KB |
1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1957 |
22 KB |
1 |
episerver.net
dl.episerver.net — Cisco Umbrella Rank: 13340 |
2 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 663 |
30 KB |
62 | 22 |
Domain | Requested by | |
---|---|---|
15 | www.bairdwealth.com |
www.bairdwealth.com
|
10 | ka-p.fontawesome.com |
kit.fontawesome.com
www.bairdwealth.com |
7 | use.typekit.net |
www.bairdwealth.com
use.typekit.net |
3 | www.google-analytics.com |
www.googletagmanager.com
az416426.vo.msecnd.net www.bairdwealth.com |
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
2 | www.facebook.com |
www.bairdwealth.com
|
2 | px.ads.linkedin.com | 2 redirects |
2 | us-central1-adaptive-growth.cloudfunctions.net |
cdn.pdst.fm
|
2 | connect.facebook.net |
www.bairdwealth.com
connect.facebook.net |
2 | www.googletagmanager.com |
www.bairdwealth.com
www.googletagmanager.com |
2 | www.rwbaird.com | 2 redirects |
2 | www.hilliard.com | 2 redirects |
1 | ws16.hotjar.com |
az416426.vo.msecnd.net
|
1 | in.hotjar.com |
az416426.vo.msecnd.net
|
1 | px4.ads.linkedin.com |
www.bairdwealth.com
|
1 | www.linkedin.com | 1 redirects |
1 | www.google.de |
www.bairdwealth.com
|
1 | www.google.com |
www.bairdwealth.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | cdn.pdst.fm |
www.bairdwealth.com
|
1 | snap.licdn.com |
www.bairdwealth.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | az416426.vo.msecnd.net |
www.bairdwealth.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | dl.episerver.net |
www.bairdwealth.com
|
1 | kit.fontawesome.com |
www.bairdwealth.com
|
1 | code.jquery.com |
www.bairdwealth.com
|
1 | bairdwealth.com | 1 redirects |
62 | 31 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bairdwealth.com DigiCert Global CA G2 |
2022-01-03 - 2023-01-04 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2022-07-11 - 2023-07-11 |
a year | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-07-10 - 2022-10-08 |
3 months | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
cdn.pdst.fm GTS CA 1D4 |
2022-08-08 - 2022-11-06 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
misc.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05 |
2022-09-07 - 2023-09-02 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.bairdwealth.com/
Frame ID: 301C4E55445B7898DCF0779B4878DF66
Requests: 59 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: C65886ECF4246DFB796380EC891EB718
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 61640E0A64847D2D9B53268C385F0E07
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Discover the Baird Difference | Baird Wealth | Private Wealth ManagementPage URL History Show full URLs
-
http://www.hilliard.com/
HTTP 302
https://www.hilliard.com/ HTTP 301
https://www.rwbaird.com/Hilliard-Lyons-to-Baird HTTP 302
https://www.rwbaird.com/404?aspxerrorpath=/Hilliard-Lyons-to-Baird HTTP 301
https://bairdwealth.com/ HTTP 301
https://www.bairdwealth.com/ Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Privacy Notice.
Search URL Search Domain Scan URL
Title: Baird Digest
Search URL Search Domain Scan URL
Title: Baird Careers
Search URL Search Domain Scan URL
Title: Find a Financial Advisor
Search URL Search Domain Scan URL
Title: Baird Online
Search URL Search Domain Scan URL
Title: rwbaird.com
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Find your career
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Like Us on Facebook
Search URL Search Domain Scan URL
Title: Follow Us on Twitter
Search URL Search Domain Scan URL
Title: Join Us on LinkedIn
Search URL Search Domain Scan URL
Title: Watch Us on YouTube
Search URL Search Domain Scan URL
Title: Follow Us on Instagram
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Financial Information
Search URL Search Domain Scan URL
Title: Business Continuity
Search URL Search Domain Scan URL
Title: Safety of Client Assets
Search URL Search Domain Scan URL
Title: Member SIPC
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.hilliard.com/
HTTP 302
https://www.hilliard.com/ HTTP 301
https://www.rwbaird.com/Hilliard-Lyons-to-Baird HTTP 302
https://www.rwbaird.com/404?aspxerrorpath=/Hilliard-Lyons-to-Baird HTTP 301
https://bairdwealth.com/ HTTP 301
https://www.bairdwealth.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664619768069&url=https%3A%2F%2Fwww.bairdwealth.com%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D894380%26time%3D1664619768069%26url%3Dhttps%253A%252F%252Fwww.bairdwealth.com%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664619768069&url=https%3A%2F%2Fwww.bairdwealth.com%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664619768069&url=https%3A%2F%2Fwww.bairdwealth.com%2F&liSync=true&e_ipv6=AQK0UQA6Tb73UAAAAYOTEesChKMGKgYJ8xKxFGmYZuBhI74qr8McwZIp81rTOL5cGkPBWplRMI5wmw4-ONH6b5wuic-f
62 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.bairdwealth.com/ Redirect Chain
|
43 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
177292d6d8.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nht3dko.css
use.typekit.net/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rwbairdcorporate.css
www.bairdwealth.com/Static/core/css/ |
3 MB 645 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
baird-logo-2022.svg
www.bairdwealth.com/globalassets/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hands-holding-cellphone-bairdonline-app-1280x640.jpg
www.bairdwealth.com/globalassets/abstract/hands/ |
761 KB 762 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
retireplng-protecting-assets-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/retirement-planning/ |
738 KB 739 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
taxplng-us-capitol-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/tax-planning/ |
11 MB 11 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strategas-homepagecarousel-1280x640-final.jpg
www.bairdwealth.com/globalassets/logos/ |
134 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charity-donate-sticky-note-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/charity/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
773888-graphic-homepage-1920x768-final.jpg
www.bairdwealth.com/globalassets/shared-carousel-blocks/ |
148 KB 148 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
go-green-2021-campaign-960x480.jpg
www.bairdwealth.com/globalassets/pwm-images/images-960x480/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
market-strategy-strategas-1280x640.jpg
www.bairdwealth.com/contentassets/f66a1fd9190f44caa1a5846a7db6d1b8/ |
214 KB 214 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
taxplng-couple-working-on-paperwork-960x480.jpg
www.bairdwealth.com/globalassets/pwm-images/images-960x480/tax-planning/ |
276 KB 276 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-location-light.svg
www.bairdwealth.com/siteassets/images-misc/ |
1 KB 711 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fortune-color-block-logo-1280x640.jpg
www.bairdwealth.com/globalassets/logos/ |
37 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rwb.shared.js
www.bairdwealth.com/static/shared/dist/ |
560 KB 182 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
find.js
dl.episerver.net/13.4.8/epi-util/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 195 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
241 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/80c5d0/00000000000000000001709c/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/c630c3/000000000000000000017098/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a78021/0000000000000000000170ae/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1b1b1e/00000000000000000001709e/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/d32e26/00000000000000000001709b/27/ |
24 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ |
40 KB 14 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-3012430.js
static.hotjar.com/c/ |
4 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
101 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
155 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping.min.js
cdn.pdst.fm/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
times.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
605 B 407 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bars.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
560 B 337 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angle-right.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
403 B 357 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angle-left.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
398 B 331 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
554 B 441 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
544 B 435 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-double-right.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
584 B 407 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
158956204883226
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.61e17720cf639c3e96a7.js
script.hotjar.com/ |
254 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019840774/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pause.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ |
431 B 351 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ |
328 B 343 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame C658 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1019840774/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1019840774/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 263 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/3012430/ |
147 B 322 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 204 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
content
ws16.hotjar.com/api/v2/sites/3012430/recordings/ |
66 B 257 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 6164 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 281 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| dataLayer object| appInsights object| $jscomp object| $jscomp$this undefined| currentFocus object| mobileSlinky object| globalNavigation object| globalNav number| headerHeight number| stickyNav function| sticky object| sideNav object| sideNavClose object| navLinks object| sideNavTrigger object| searchTrigger object| pageHeaderSlider object| cookieModal function| autoplay object| cardSliderDefault number| windowWidth number| fixedHeader function| cash object| M object| Waves function| FindApi object| api object| FontAwesomeKitConfig object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| pdst function| onYouTubeIframeAPIReady object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| gtag object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.rwbaird.com/ | Name: ARRAffinity Value: 9378064607169fe46944089b14d229f433b6a2be3178fe73767490d9e9341e5c |
|
.www.rwbaird.com/ | Name: ARRAffinitySameSite Value: 9378064607169fe46944089b14d229f433b6a2be3178fe73767490d9e9341e5c |
|
www.bairdwealth.com/ | Name: ASP.NET_SessionId Value: tnvqugfdyteovpy3ntrxn5vv |
|
.www.bairdwealth.com/ | Name: ARRAffinity Value: 136ead941a19baf9a74bd41f746b55cb14e4cf321e040e50f7bd8162d430922d |
|
.www.bairdwealth.com/ | Name: ARRAffinitySameSite Value: 136ead941a19baf9a74bd41f746b55cb14e4cf321e040e50f7bd8162d430922d |
|
www.bairdwealth.com/ | Name: ai_user Value: Xboh8|2022-10-01T10:22:47.631Z |
|
.bairdwealth.com/ | Name: _gcl_au Value: 1.1.412363571.1664619768 |
|
.bairdwealth.com/ | Name: _ga Value: GA1.2.847377382.1664619768 |
|
.bairdwealth.com/ | Name: _gid Value: GA1.2.649540474.1664619768 |
|
.bairdwealth.com/ | Name: _gat_UA-49152022-1 Value: 1 |
|
www.bairdwealth.com/ | Name: __pdst Value: 6cef9f58dd644c1ba65fc52d5d5185db |
|
www.bairdwealth.com/ | Name: ai_session Value: DQ+KV|1664619767873.1|1664619767873.1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.bairdwealth.com/ | Name: _hjSessionUser_3012430 Value: eyJpZCI6Ijg2MzMwYWZlLTg0YzgtNWNhNy05MDYzLWFiMGZiMGMwMTQxZCIsImNyZWF0ZWQiOjE2NjQ2MTk3NjgwNDUsImV4aXN0aW5nIjpmYWxzZX0= |
|
.bairdwealth.com/ | Name: _hjFirstSeen Value: 1 |
|
www.bairdwealth.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.bairdwealth.com/ | Name: _hjSession_3012430 Value: eyJpZCI6Ijk3ZWZiMzIzLTEwZjUtNGQ0NS1iMTM4LWNmMDUxYmI4MDg2YiIsImNyZWF0ZWQiOjE2NjQ2MTk3NjgwNzMsImluU2FtcGxlIjp0cnVlfQ== |
|
www.bairdwealth.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.bairdwealth.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.bairdwealth.com/ | Name: _fbp Value: fb.1.1664619768149.1966839448 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQI6NWYHseNE0gAAAYOTEemT87UAG2VnBA_7RgOn8JgL7WEwvrbvajnqO5M12ndliiP70jwLncGVrg |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQLjNZWO_ne3YwAAAYOTEemTVooJF6HTi599ZEcwbyvnAWGv9mC1sh_eciS5rmW8ZgvEoD8I-tzm492QXiqrfA |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&9caa960f-c2b0-4ead-832f-68f79c03f379" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2396:u=1:x=1:i=1664619768:t=1664706168:v=2:sig=AQE2zHQs_l3lOFAqYMTQ_fjlnApp-hWb" |
|
.linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20221001102248c9b32f3c-6d1f-41c4-8cee-cc3325406aa4AQEPHL-N9j6Cp1rU6gBq3Sf6gWYJvTqd" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2NjQ2MTk3Njg7MjswMjECkkNZyde4sMtrgEbVPn4phHGKuGXJRtJZGCyQeTW0+w== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
bairdwealth.com
cdn.pdst.fm
code.jquery.com
connect.facebook.net
dc.services.visualstudio.com
dl.episerver.net
googleads.g.doubleclick.net
in.hotjar.com
ka-p.fontawesome.com
kit.fontawesome.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
ws16.hotjar.com
www.bairdwealth.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hilliard.com
www.linkedin.com
www.rwbaird.com
108.138.17.96
13.107.42.14
13.69.106.88
142.250.184.194
18.66.147.29
2001:4860:4802:36::36
2001:4de0:ac18::1:a:1a
217.114.85.70
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::6812:22ee
2606:4700:4400::ac40:9009
2606:4700:4400::ac40:94c3
2606:4700::6812:1634
2620:1ec:21::14
2a00:1450:4001:80b::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a02:26f0:11a::6867:4868
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.142.80
50.59.62.180
52.210.93.54
52.222.236.74
52.30.157.40
00484fe7c5bd39aa915ecd359322c3d975ed4e636af368096118b264293e65bb
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0beb6490d08446ceb9cb66bfe5dd622f2e22ae4edccc4d42ec11170f2719fd73
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
204f9715c5160102ee1963b4e87592d839d884a8e074c2ae19c527ec51575b70
2f9fa369f952b60a494bf9d060e626b2cb61724ebdb4f22e654a4c467575238e
3ebf0558c366a45d9c4689cbf4c91e756d467f002b72ad64b17b9f8ccb42add8
408129ff0013be34d68a5d6590b26bada5ae9237909ff3bc786b0b9384089837
47fc3ea3d19457499969b27f6edfc9633f8a6b190f6828b5e548e843b93adbb2
5026e1ba7664bf0565c79e9571b26d716803248b851f89ab1212b424e347681c
51d2afe1f67cfe06085d2979501ee653b337cda5048cfabf02ec2b31622dbc46
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5461e0722bbe365dfa0df4652c60a6ced5f83c840d03021c4abd04ae9f9c6980
55e98ab27ac1389c2b2f4f9c74fe4f5923ae27837be3f812904a5c4edd7cbca1
576680d1921f9ed988cc36e539a9895db1a0764755985a3108a22e0a9039fb0a
6069bebbfc9a535fa8bf81fa81ce8741f6cef9e5fefd807aa1710a365cfed798
614ff7ef1b5f727a528b6f98d2dc8921e6a64dd357977ad855df5e66ecbd00be
6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0
63ffc18edc14bd9ab2148825851b3420adde3d718c976440a083b3732c71a57c
65fc4437b1fb4d02b2da9f8de4bd177252e7828a56e622264d866e334006035d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb9e4f5d2fe9acd3e63e4eebeca64bc02789cf832e45db08c5a82a80ff8ee20
727b4302c81467f78fcaebbb74d21d7f67f781771573ec71f0c2ca73245686ad
7363677c67eeb03acb42dd83bbc96d7f5166b20bca8f06cc212d3b19be57deed
753f8821c256a003b14f78cb95df7844d3bcd303311a70a811a78f6ee16a7d9c
7dac576c975c0b651254b3d8b73bdd7db7f599f376ad3c47a9d2e86bf9c1b0f8
80f4df92f513bfb71f1ec09f8734791ef56160bf691980d5f1a7a6015f1c9e22
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8f75d02443f6c340b9a28ad3a0cb222bbea12a00f2971dc44361f805bfb73dce
96e2deae1b4eed71c7e8d1617605d9f56d6e02ed19a549ca92c492cbcb501038
977930fc96f7aeda8c849fe1022320d3c8ceb631dea2f1e0db36a6ad16ecf9cc
9bacad71ca24f6147c4b72a6c0f351b07ba93b70f992082b812681fb3b46d9b6
9dda870ce9790b6e6ada010b20724a82e194650bf2812ac062c0129a7148b1da
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a174df99cc9dce09b6eb006e65b01e83cbd0ebad6b90cb60fd4d77a9cad29018
a4ffd1b704018c9f7d710aff2c8e9382c4e598e7362a943c2099824322caf7d6
acd1f8beead90bb1e8c81adb3d1757e4d685821de64a68e0b538f5090220eff8
b53b7627770ce950842f5d32cc36a08de6d663db1cb86bd8fbe51265c4cfc683
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b882632c50e1e7165ce5aa20c6e3f870e18e96101c9af9f59174aa88bbd5d580
c33ba1562488ae609a15d95e627f05a5cdf36b26bdd5f583d0e118445eb0cbb4
c456ef9b8c08e8954d279df699d8972d35ba9dabc585f7483aeef914e6dc1a31
c62214431e1d66c654d5c7b66d64b54e00ea8b5f05b133a1bf958241398ad844
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc62200b7ffb4acffa5ced44e916789729b903e9a39bf86bb6175577500c9fc7
d20f6a64ae916298e5adb195df3f968d6120daa42d39b6430650d23c4f23b549
d3d531fe560344555c893658ea47d30d849911a39bec786b41d09ed6dadadbe0
d7ccbf07fd5ef39304ab6f1bdfd7a6170665b477f35511a46ef253c795b98ba2
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41ab021059023a057bb7a9bc574bb28027d2e5dcaea6b8babcda651b9c871ec
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f917adf4c83e4fa84c78840ae50f35a5acdb533f1be59ad297bbef3fee472556