www.bairdwealth.com
Open in
urlscan Pro
2606:4700:4400::6812:2bf7
Public Scan
Effective URL: https://www.bairdwealth.com/
Submission: On September 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global CA G2 on January 3rd 2022. Valid for: a year.
This is the only time www.bairdwealth.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-10.vie50.r.cloudfront.net
static.hotjar.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm |
ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-82.vie50.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-85-0.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-90-21.eu-west-1.compute.amazonaws.com
ws38.hotjar.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
bairdwealth.com
1 redirects
bairdwealth.com — Cisco Umbrella Rank: 979642 www.bairdwealth.com |
7 MB |
11 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1515 ka-p.fontawesome.com — Cisco Umbrella Rank: 3765 |
22 KB |
8 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588 |
146 KB |
5 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 595 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 889 in.hotjar.com — Cisco Umbrella Rank: 1682 ws38.hotjar.com — Cisco Umbrella Rank: 61149 |
70 KB |
4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6161 |
3 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28 |
20 KB |
2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 802 |
281 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 114 |
222 B |
2 |
cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2597 |
|
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
111 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64 |
139 KB |
2 |
rwbaird.com
2 redirects
www.rwbaird.com — Cisco Umbrella Rank: 535951 |
688 B |
2 |
hilliard.com
2 redirects
www.hilliard.com |
402 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6301 |
548 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 |
2 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 129 |
16 KB |
1 |
pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2527 |
6 KB |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 758 |
3 KB |
1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1957 |
22 KB |
1 |
episerver.net
dl.episerver.net — Cisco Umbrella Rank: 13340 |
2 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 663 |
30 KB |
62 | 22 |
Domain | Requested by | |
---|---|---|
15 | www.bairdwealth.com |
www.bairdwealth.com
|
10 | ka-p.fontawesome.com |
kit.fontawesome.com
www.bairdwealth.com |
7 | use.typekit.net |
www.bairdwealth.com
use.typekit.net |
3 | www.google-analytics.com |
www.googletagmanager.com
az416426.vo.msecnd.net www.bairdwealth.com |
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
2 | www.facebook.com |
www.bairdwealth.com
|
2 | px.ads.linkedin.com | 2 redirects |
2 | us-central1-adaptive-growth.cloudfunctions.net |
cdn.pdst.fm
|
2 | connect.facebook.net |
www.bairdwealth.com
connect.facebook.net |
2 | www.googletagmanager.com |
www.bairdwealth.com
www.googletagmanager.com |
2 | www.rwbaird.com | 2 redirects |
2 | www.hilliard.com | 2 redirects |
1 | ws38.hotjar.com |
az416426.vo.msecnd.net
|
1 | www.google.de |
www.bairdwealth.com
|
1 | www.google.com |
www.bairdwealth.com
|
1 | in.hotjar.com |
az416426.vo.msecnd.net
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | px4.ads.linkedin.com |
www.bairdwealth.com
|
1 | www.linkedin.com | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | cdn.pdst.fm |
www.bairdwealth.com
|
1 | snap.licdn.com |
www.bairdwealth.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | az416426.vo.msecnd.net |
www.bairdwealth.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | dl.episerver.net |
www.bairdwealth.com
|
1 | kit.fontawesome.com |
www.bairdwealth.com
|
1 | code.jquery.com |
www.bairdwealth.com
|
1 | bairdwealth.com | 1 redirects |
62 | 31 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bairdwealth.com DigiCert Global CA G2 |
2022-01-03 - 2023-01-04 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2022-07-11 - 2023-07-11 |
a year | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-07-08 - 2022-10-06 |
3 months | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
cdn.pdst.fm GTS CA 1D4 |
2022-08-08 - 2022-11-06 |
3 months | crt.sh |
misc.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 01 |
2022-09-07 - 2023-09-02 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.bairdwealth.com/
Frame ID: D07817DD540D5A0CDB1230AD66B19923
Requests: 59 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 3CA616E8B41F9A94E5CB50C39FB93399
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 7F7175A2296D723A89074B68FD154299
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Discover the Baird Difference | Baird Wealth | Private Wealth ManagementPage URL History Show full URLs
-
http://www.hilliard.com/
HTTP 302
https://www.hilliard.com/ HTTP 301
https://www.rwbaird.com/Hilliard-Lyons-to-Baird HTTP 302
https://www.rwbaird.com/404?aspxerrorpath=/Hilliard-Lyons-to-Baird HTTP 301
https://bairdwealth.com/ HTTP 301
https://www.bairdwealth.com/ Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Privacy Notice.
Search URL Search Domain Scan URL
Title: Baird Digest
Search URL Search Domain Scan URL
Title: Baird Careers
Search URL Search Domain Scan URL
Title: Find a Financial Advisor
Search URL Search Domain Scan URL
Title: Baird Online
Search URL Search Domain Scan URL
Title: rwbaird.com
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Find your career
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Like Us on Facebook
Search URL Search Domain Scan URL
Title: Follow Us on Twitter
Search URL Search Domain Scan URL
Title: Join Us on LinkedIn
Search URL Search Domain Scan URL
Title: Watch Us on YouTube
Search URL Search Domain Scan URL
Title: Follow Us on Instagram
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Financial Information
Search URL Search Domain Scan URL
Title: Business Continuity
Search URL Search Domain Scan URL
Title: Safety of Client Assets
Search URL Search Domain Scan URL
Title: Member SIPC
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.hilliard.com/
HTTP 302
https://www.hilliard.com/ HTTP 301
https://www.rwbaird.com/Hilliard-Lyons-to-Baird HTTP 302
https://www.rwbaird.com/404?aspxerrorpath=/Hilliard-Lyons-to-Baird HTTP 301
https://bairdwealth.com/ HTTP 301
https://www.bairdwealth.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664399916817&url=https%3A%2F%2Fwww.bairdwealth.com%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D894380%26time%3D1664399916817%26url%3Dhttps%253A%252F%252Fwww.bairdwealth.com%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664399916817&url=https%3A%2F%2Fwww.bairdwealth.com%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=894380&time=1664399916817&url=https%3A%2F%2Fwww.bairdwealth.com%2F&liSync=true&e_ipv6=AQKWoEz8FcHqAgAAAYOF90FiVYLfpuiqX_fAkTXyplxHxXb5xCnvxVDByGZF7PBoyJshnyPn_Ox-ig
62 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.bairdwealth.com/ Redirect Chain
|
43 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
177292d6d8.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nht3dko.css
use.typekit.net/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rwbairdcorporate.css
www.bairdwealth.com/Static/core/css/ |
3 MB 646 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
baird-logo-2022.svg
www.bairdwealth.com/globalassets/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hands-holding-cellphone-bairdonline-app-1280x640.jpg
www.bairdwealth.com/globalassets/abstract/hands/ |
761 KB 762 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
retireplng-protecting-assets-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/retirement-planning/ |
136 KB 136 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
taxplng-us-capitol-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/tax-planning/ |
4 MB 4 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strategas-homepagecarousel-1280x640-final.jpg
www.bairdwealth.com/globalassets/logos/ |
19 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charity-donate-sticky-note-1920x768.jpg
www.bairdwealth.com/globalassets/pwm-images/images-1920x768/charity/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
773888-graphic-homepage-1920x768-final.jpg
www.bairdwealth.com/globalassets/shared-carousel-blocks/ |
148 KB 148 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
go-green-2021-campaign-960x480.jpg
www.bairdwealth.com/globalassets/pwm-images/images-960x480/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
market-strategy-strategas-1280x640.jpg
www.bairdwealth.com/contentassets/f66a1fd9190f44caa1a5846a7db6d1b8/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
taxplng-couple-working-on-paperwork-960x480.jpg
www.bairdwealth.com/globalassets/pwm-images/images-960x480/tax-planning/ |
51 KB 51 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-location-light.svg
www.bairdwealth.com/siteassets/images-misc/ |
1 KB 723 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fortune-color-block-logo-1280x640.jpg
www.bairdwealth.com/globalassets/logos/ |
37 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rwb.shared.js
www.bairdwealth.com/static/shared/dist/ |
559 KB 181 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
find.js
dl.episerver.net/13.4.8/epi-util/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 195 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
241 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1b1b1e/00000000000000000001709e/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/80c5d0/00000000000000000001709c/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/d32e26/00000000000000000001709b/27/ |
24 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/c630c3/000000000000000000017098/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a78021/0000000000000000000170ae/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ |
40 KB 14 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-3012430.js
static.hotjar.com/c/ |
4 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
101 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
155 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping.min.js
cdn.pdst.fm/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
times.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
605 B 407 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bars.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
560 B 338 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angle-right.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
403 B 352 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angle-left.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
398 B 337 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ |
554 B 442 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
544 B 435 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-double-right.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ |
584 B 406 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
158956204883226
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pause.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ |
431 B 351 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ |
328 B 337 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 266 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.cf44a0a6b448df1b035e.js
script.hotjar.com/ |
254 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019840774/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 3CA6 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/3012430/ |
147 B 322 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1019840774/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1019840774/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 204 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
content
ws38.hotjar.com/api/v2/sites/3012430/recordings/ |
66 B 257 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 7F71 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 281 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| dataLayer object| appInsights object| $jscomp object| $jscomp$this undefined| currentFocus object| mobileSlinky object| globalNavigation object| globalNav number| headerHeight number| stickyNav function| sticky object| sideNav object| sideNavClose object| navLinks object| sideNavTrigger object| searchTrigger object| pageHeaderSlider object| cookieModal function| autoplay object| cardSliderDefault number| windowWidth number| fixedHeader function| cash object| M object| Waves function| FindApi object| api object| FontAwesomeKitConfig object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| pdst function| onYouTubeIframeAPIReady object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| gaplugins object| gaGlobal object| gaData function| gtag function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO32 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.rwbaird.com/ | Name: TiPMix Value: 15.23909265689709 |
|
.www.rwbaird.com/ | Name: x-ms-routing-name Value: self |
|
.www.rwbaird.com/ | Name: ARRAffinity Value: ac706bbdb0630d5d3a1addebc29acdf9060651d13dc85bf1607a7277dc9194d0 |
|
.www.rwbaird.com/ | Name: ARRAffinitySameSite Value: ac706bbdb0630d5d3a1addebc29acdf9060651d13dc85bf1607a7277dc9194d0 |
|
.www.bairdwealth.com/ | Name: TiPMix Value: 17.86134797236729 |
|
.www.bairdwealth.com/ | Name: x-ms-routing-name Value: self |
|
www.bairdwealth.com/ | Name: ASP.NET_SessionId Value: kuksg1ctm4t3jwesjr1ohkwd |
|
.www.bairdwealth.com/ | Name: ARRAffinity Value: f834483d2f576686f75014299dbf800d92947d21ab496bd2998d3be7fa9a737f |
|
.www.bairdwealth.com/ | Name: ARRAffinitySameSite Value: f834483d2f576686f75014299dbf800d92947d21ab496bd2998d3be7fa9a737f |
|
www.bairdwealth.com/ | Name: ai_user Value: xNqrX|2022-09-28T21:18:36.560Z |
|
.bairdwealth.com/ | Name: _gcl_au Value: 1.1.2039123201.1664399917 |
|
www.bairdwealth.com/ | Name: __pdst Value: 41fadd5ab73a4197917000bb277dc759 |
|
.bairdwealth.com/ | Name: _ga Value: GA1.2.122305942.1664399917 |
|
.bairdwealth.com/ | Name: _gid Value: GA1.2.1816932899.1664399917 |
|
.bairdwealth.com/ | Name: _gat_UA-49152022-1 Value: 1 |
|
www.bairdwealth.com/ | Name: ai_session Value: Ev7bb|1664399916808.2|1664399916808.2 |
|
.bairdwealth.com/ | Name: _hjSessionUser_3012430 Value: eyJpZCI6IjRhYzAxYzdhLWYyMjEtNWM1NS1iNTA1LTE4YzYxZTk5ZDY2ZiIsImNyZWF0ZWQiOjE2NjQzOTk5MTcwMzUsImV4aXN0aW5nIjpmYWxzZX0= |
|
.bairdwealth.com/ | Name: _hjFirstSeen Value: 1 |
|
www.bairdwealth.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.bairdwealth.com/ | Name: _hjSession_3012430 Value: eyJpZCI6Ijc2OGVlM2MzLWE2YmYtNGQ1Yi04NzkwLTJmMGFiOWU5MjU5ZiIsImNyZWF0ZWQiOjE2NjQzOTk5MTcwNjcsImluU2FtcGxlIjp0cnVlfQ== |
|
www.bairdwealth.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.bairdwealth.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQIxNISmIv4-eQAAAYOF9z-vxCN0G_dZ8dRQ6eu6KdVTzS1eQiVps9tCUaUnomMAL2RC7vC4M1WhcQ |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQLyxaftmpEJEgAAAYOF9z-vvBcyR0kq_Vx1K45_RDJc3HcHaML_3CTsU01fS6_BfQsFNc-cwgVsLZ0FVpmqqg |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&52b83697-341c-4aa6-8d68-a93afc67ebe8" |
|
.linkedin.com/ | Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2722:u=1:x=1:i=1664399916:t=1664486316:v=2:sig=AQGCyWzh7yiEGlVfyDA-8Ky41BtrFRML" |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.bairdwealth.com/ | Name: _fbp Value: fb.1.1664399917130.1367318736 |
|
.linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&2022092821183734011ac0-3760-4162-8da3-a6274d1df7a4AQHfQuaDmpiWrXcygtFOIPWzENaYHnBb" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2NjQzOTk5MTc7MjswMjHHJEIY3WmI8P4ZxZYUwsaxcwIsCIYU+8BdDe9wbLnxRA== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
bairdwealth.com
cdn.pdst.fm
code.jquery.com
connect.facebook.net
dc.services.visualstudio.com
dl.episerver.net
googleads.g.doubleclick.net
in.hotjar.com
ka-p.fontawesome.com
kit.fontawesome.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
ws38.hotjar.com
www.bairdwealth.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hilliard.com
www.linkedin.com
www.rwbaird.com
13.107.42.14
13.69.106.212
142.250.186.162
18.66.15.82
2001:4860:4802:36::36
2001:4860:4802:38::178
2001:4de0:ac18::1:a:1b
217.114.85.70
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::6812:273d
2606:4700:4400::6812:2bf7
2606:4700:4400::ac40:9912
2606:4700::6812:1634
2620:1ec:21::14
2a00:1450:4001:830::2004
2a00:1450:400d:806::2008
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2003
2a02:26f0:11a::6867:4848
2a02:26f0:11a::6867:4851
2a02:26f0:11a::6867:4868
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.244.142.80
50.59.62.180
52.222.236.63
54.154.85.0
54.72.90.21
99.86.240.10
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
204f9715c5160102ee1963b4e87592d839d884a8e074c2ae19c527ec51575b70
3ebf0558c366a45d9c4689cbf4c91e756d467f002b72ad64b17b9f8ccb42add8
408129ff0013be34d68a5d6590b26bada5ae9237909ff3bc786b0b9384089837
43d9c63e9c654ce1c604cb60e7620110fa280286224c666cdbfe548d2ee7a985
455683c175a3d6cb50b9c2e284cf98a1032cee65c495dfcacccec4d9f45be2f3
47fc3ea3d19457499969b27f6edfc9633f8a6b190f6828b5e548e843b93adbb2
48a5484e2279bbc87ddd8d9e2791395fec327ab43a6ddc3cdc4a63683bf483fe
4e2ba7ab4e22372cc5b0a1095e0eecd6b473f7f55d596663f308d9e3bf7024d2
5026e1ba7664bf0565c79e9571b26d716803248b851f89ab1212b424e347681c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5461e0722bbe365dfa0df4652c60a6ced5f83c840d03021c4abd04ae9f9c6980
55e98ab27ac1389c2b2f4f9c74fe4f5923ae27837be3f812904a5c4edd7cbca1
576680d1921f9ed988cc36e539a9895db1a0764755985a3108a22e0a9039fb0a
6069bebbfc9a535fa8bf81fa81ce8741f6cef9e5fefd807aa1710a365cfed798
6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0
63ffc18edc14bd9ab2148825851b3420adde3d718c976440a083b3732c71a57c
65fc4437b1fb4d02b2da9f8de4bd177252e7828a56e622264d866e334006035d
664eb6e1474a545470efd375a64564abca2fde79a0c3e68b8cba5e529c8d92ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef5f50958910db21194520fc6ce3add2f7c7f9a5bb6a1e025d5c2447348bf1f
727b4302c81467f78fcaebbb74d21d7f67f781771573ec71f0c2ca73245686ad
753f8821c256a003b14f78cb95df7844d3bcd303311a70a811a78f6ee16a7d9c
78d8ab2b9baadd2598db1f3035673d66f361b5111238ce78b80deedc0508efb3
7dac576c975c0b651254b3d8b73bdd7db7f599f376ad3c47a9d2e86bf9c1b0f8
7e07594c7c9cf8b2fd905c7508214170e0ee3e3bd084fca699d8b3758cafba11
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8774bb3958e8fe3dc33bb867a0289749eb90fd2056f46d596d484990fe931d93
8d2a38ff59658f9e13bba2d9940719fe65f4b449df68e519b644df92c49d6ed0
977930fc96f7aeda8c849fe1022320d3c8ceb631dea2f1e0db36a6ad16ecf9cc
9bacad71ca24f6147c4b72a6c0f351b07ba93b70f992082b812681fb3b46d9b6
9dda870ce9790b6e6ada010b20724a82e194650bf2812ac062c0129a7148b1da
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a174df99cc9dce09b6eb006e65b01e83cbd0ebad6b90cb60fd4d77a9cad29018
a4ffd1b704018c9f7d710aff2c8e9382c4e598e7362a943c2099824322caf7d6
a71b27cad7b57c4cafdd15e93d629d1aee6de5ab9c5d5555d8e7f1b12b7ce352
acd1f8beead90bb1e8c81adb3d1757e4d685821de64a68e0b538f5090220eff8
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b882632c50e1e7165ce5aa20c6e3f870e18e96101c9af9f59174aa88bbd5d580
bd8954da6391e26fd1f1a32aaf24bc58e94c74d09a5454465190c171784e7713
c33ba1562488ae609a15d95e627f05a5cdf36b26bdd5f583d0e118445eb0cbb4
c456ef9b8c08e8954d279df699d8972d35ba9dabc585f7483aeef914e6dc1a31
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc62200b7ffb4acffa5ced44e916789729b903e9a39bf86bb6175577500c9fc7
d3d531fe560344555c893658ea47d30d849911a39bec786b41d09ed6dadadbe0
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dffbd1953c9ae21cc8ae0f8ec00b6584d8f6fd9f8d66fbe8799985d65427912c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d9c6de2eed1405b891fa2b0314f622ecfaf707d3dcdb7cae4c8dc45b8441eb
ed6d5c15b027e038f27d79a47dfc89c5c3e2979c7f374e64caa097af90c29d83
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f917adf4c83e4fa84c78840ae50f35a5acdb533f1be59ad297bbef3fee472556