urlscan.io logo urlscan.io
SecurityTrails logo

firstmidwestadvisors.com Open in urlscan Pro
192.124.249.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r20.rs6.net/tn.jsp?f=001uvZ6-rXNr4h9_C6Ghxq4sFRs2KPIGMicbDGEho2v9b71tPhTHhNJKk5535ImRHN0OXQ291XyKjR2NN6FeoLV...
Effective URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Submission: On June 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 48 HTTP transactions. The main IP is 192.124.249.169, located in Homewood, United States and belongs to SUCURI-SEC, US. The main domain is firstmidwestadvisors.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.
This is the only time firstmidwestadvisors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    208.75.122.11 (United States)

ASN40444 (ASN-CC, US)
PTR: rs6.net
r20.rs6.net
1    192.124.249.169 (Homewood, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10169.sucuri.net
firstmidwestadvisors.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    162.159.135.45 (None, )

ASN13335 (CLOUDFLARENET, US)
1vs7f1.p3cdn1.secureserver.net
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2600:9000:237d:4e00:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)
a.mailmunch.co
5    23.53.42.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-211.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    54.157.58.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-58-70.compute-1.amazonaws.com
forms.mailmunch.co
2    2a02:26f0:3500:18::1724:a292 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
1    3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com
analytics.mailmunch.co
Apex Domain
Subdomains		 Transfer
24 secureserver.net
1vs7f1.p3cdn1.secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 13887
197 KB
8 mailmunch.co
a.mailmunch.co — Cisco Umbrella Rank: 19241
forms.mailmunch.co — Cisco Umbrella Rank: 20730
analytics.mailmunch.co — Cisco Umbrella Rank: 45935
59 KB
5 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 9670
img6.wsimg.com — Cisco Umbrella Rank: 11979
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
22 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
ajax.googleapis.com — Cisco Umbrella Rank: 422
35 KB
2 gstatic.com
fonts.gstatic.com
78 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
133 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4835
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
260 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2890
260 B
1 firstmidwestadvisors.com
firstmidwestadvisors.com
21 KB
1 rs6.net
r20.rs6.net — Cisco Umbrella Rank: 7926
376 B
48 12
Domain Requested by
22 1vs7f1.p3cdn1.secureserver.net firstmidwestadvisors.com
6 a.mailmunch.co firstmidwestadvisors.com
a.mailmunch.co
img1.wsimg.com
ajax.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
img1.wsimg.com
3 img1.wsimg.com 3 redirects
2 events.api.secureserver.net img1.wsimg.com
2 fonts.gstatic.com fonts.googleapis.com
2 img6.wsimg.com firstmidwestadvisors.com
2 fonts.googleapis.com firstmidwestadvisors.com
a.mailmunch.co
2 www.googletagmanager.com firstmidwestadvisors.com
www.googletagmanager.com
1 analytics.mailmunch.co
1 forms.mailmunch.co img1.wsimg.com
1 ajax.googleapis.com a.mailmunch.co
1 www.google.de firstmidwestadvisors.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 firstmidwestadvisors.com
1 r20.rs6.net 1 redirects
48 17

This site contains no links.

Subject Issuer Validity Valid
firstmidwestadvisors.com
Go Daddy Secure Certificate Authority - G2		 2022-10-05 -
2023-10-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.p3cdn1.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-09-13 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.mailmunch.co
Amazon RSA 2048 M01		 2023-03-01 -
2024-01-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
forms.mailmunch.co
R3		 2023-05-16 -
2023-08-14		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh
analytics.mailmunch.co
R3		 2023-05-19 -
2023-08-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Frame ID: A753E169FB60E6C2436B3A1A0CCF11E0
Requests: 45 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
Frame ID: 7330B435B4429379BE22DA3897568B5C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mergers & Acquisitions - First Midwest Advisors

Page URL History Show full URLs

  1. https://r20.rs6.net/tn.jsp?f=001uvZ6-rXNr4h9_C6Ghxq4sFRs2KPIGMicbDGEho2v9b71tPhTHhNJKk5535ImRHN0... HTTP 302
    https://firstmidwestadvisors.com/mergers-and-acquisitions/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

48
Requests

96 %
HTTPS

63 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

566 kB
Transfer

1752 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r20.rs6.net/tn.jsp?f=001uvZ6-rXNr4h9_C6Ghxq4sFRs2KPIGMicbDGEho2v9b71tPhTHhNJKk5535ImRHN0OXQ291XyKjR2NN6FeoLVR_nzuPEuc_omLIVN7-QNKJkTJ6ZO6llBuekdq6wpy8aoju6Q5pNeRXKupnB2QZeyggVBITUrGcjzTRa4tpAAyDJAb5NlFXe08HtsZG-fJJPs&c=urltkWMZ5y4q99VZMzkIheo23fjv-V2HcQgc3Q2xCQal6zgb7L8JdA==&ch=8bQWrtsn43o9DCZ7K3XmScW7m9k58oImBwqp0sm0z7claKPXCwSEaw== HTTP 302
    https://firstmidwestadvisors.com/mergers-and-acquisitions/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 24
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
firstmidwestadvisors.com/mergers-and-acquisitions/
Redirect Chain
  • https://r20.rs6.net/tn.jsp?f=001uvZ6-rXNr4h9_C6Ghxq4sFRs2KPIGMicbDGEho2v9b71tPhTHhNJKk5535ImRHN0OXQ291XyKjR2NN6FeoLVR_nzuPEuc_omLIVN7-QNKJkTJ6ZO6llBuekdq6wpy8aoju6Q5pNeRXKupnB2QZeyggVBITUrGcjzTRa4t...
  • https://firstmidwestadvisors.com/mergers-and-acquisitions/
117 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.169 Homewood, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
6ccbd8ecbdd75a19e0c7cb77a0de420d0f9c7b6766815259361db4c65a73f6ab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26263
content-encoding
gzip
content-length
20944
content-security-policy
upgrade-insecure-requests; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 20 Jun 2023 14:13:32 GMT
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff nosniff
x-fawn-proc-count
1,0,24
x-frame-options
SAMEORIGIN
x-php-version
7.4
x-sucuri-cache
MISS
x-sucuri-id
15019
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 20 Jun 2023 14:13:31 GMT
Location
https://firstmidwestadvisors.com/mergers-and-acquisitions/
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
js
www.googletagmanager.com/gtag/ 		123 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167933633-1
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
567762125a6f755df1fd3880a2c9dcdf7743787c58f69475f711b833cbad3c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48654
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Jun 2023 14:13:32 GMT
style.min.css
1vs7f1.p3cdn1.secureserver.net/wp-content/themes/astra/assets/css/minified/ 		70 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/themes/astra/assets/css/minified/style.min.css?ver=4.1.5&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bfaa4701c1302d3cb52051c04aceda00f347ae1f979578329db056ee20e376
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 03:32:03 GMT
x-php-version
7.4
server
cloudflare
etag
W/"11741-5fbef72ae990a-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5efa18c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
css
fonts.googleapis.com/ 		3 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%3A400%2C%2C600%2C700&display=fallback&ver=4.1.5
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af90387eacaa6317d6b7c4bba76c2ab18b44542f70339d74df9b19a697f776f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Jun 2023 14:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 14:13:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Jun 2023 14:13:32 GMT
style.min.css
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/css/minified/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/css/minified/style.min.css?ver=3.6.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f169489cea45d4acbc800270fb5aba448801314411acfaf2539161d11974014
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 06 Nov 2021 18:30:33 GMT
x-php-version
7.4
server
cloudflare
etag
W/"55b-5d022f4807dea-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7da49ceb5eff18c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
advanced-headers-layout-2.min.css
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/css/minified/ 		277 B
232 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/css/minified/advanced-headers-layout-2.min.css?ver=3.6.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3598ea7efef4d45e55111b704560e9b5e3557cf25b5efe3f9208cf26cfff7db8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 06 Nov 2021 18:30:33 GMT
x-php-version
7.4
server
cloudflare
etag
W/"115-5d022f480b282-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0118c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
style.min.css
1vs7f1.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jun 2023 08:52:51 GMT
x-php-version
7.4
server
cloudflare
etag
W/"17ced-5fdfef5d16570-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0218c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
style-coblocks-1.css
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/ 		265 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=3.0.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc0966f793217465b16db209de07f945210caa979834ecafd0d42bccba60a4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"423fb-5f9d14b2eb817-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0418c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
style-coblocks-extensions.css
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/ 		2 KB
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css?ver=3.0.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"695-5f9d14b2e6ddf-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0518c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
style.min.css
1vs7f1.p3cdn1.secureserver.net/wp-includes/css/dist/components/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-includes/css/dist/components/style.min.css?ver=6.2.2&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jun 2023 08:52:51 GMT
x-php-version
7.4
server
cloudflare
etag
W/"14573-5fdfef5d180c8-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0818c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
latest.css
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"3256-5f9d14b3017a7-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb7f3118c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
astra-addon-6465c54e61e6d9-63980410.css
1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/astra-addon/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/astra-addon/astra-addon-6465c54e61e6d9-63980410.css?ver=3.6.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde5c586ae4068dfc13aec750cd2179991fdeb948106c146629480390b3b471e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 06:27:26 GMT
x-php-version
7.4
server
cloudflare
etag
W/"51f7-5fbf1e5e7e857-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb5f0718c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
jquery.min.js
1vs7f1.p3cdn1.secureserver.net/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.4&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7591
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jun 2023 08:52:51 GMT
x-php-version
7.4
server
cloudflare
etag
W/"15ed7-5fdfef5d6ef73;5a240e678439e
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb7f3218c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
jquery-migrate.min.js
1vs7f1.p3cdn1.secureserver.net/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jun 2023 08:52:51 GMT
x-php-version
7.4
server
cloudflare
etag
W/"3470-5fdfef5d6dfd2-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb7f3718c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
advanced-headers.min.js
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/js/minified/ 		2 KB
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/astra-addon/addons/advanced-headers/assets/js/minified/advanced-headers.min.js?ver=3.6.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773dfc6730b3a2bcb68f1829835956f1a733608a5662782d1cf12304443c80ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 06 Nov 2021 18:30:32 GMT
x-php-version
7.4
server
cloudflare
etag
W/"655-5d022f47f321d-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7da49ceb7f3418c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
frontend-gtag.min.js
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.16&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d4114fbd4b94de008401dc1381e75046f8273032b270dc1879dfd2d3ff8ce4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Jun 2023 02:39:06 GMT
x-php-version
7.4
server
cloudflare
etag
W/"2eeb-5fe868e1123a7-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceb7f3318c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
site.js
a.mailmunch.co/app/v1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/site.js
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:42:33 GMT
content-encoding
gzip
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
41461
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8416
last-modified
Thu, 15 Jun 2023 05:35:52 GMT
server
AmazonS3
etag
"a73cc36360c25de910ff7ddf02a31bc3"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
x-zG1m_0IZgKw3WofSHMLijD5rvUozFlbpaMc5Chno6uTSyXs5OIWQ==
FMA_Logo_Vert-151x57.png
1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/FMA_Logo_Vert-151x57.png
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6703f70a36d19c4598cbac6090f2fed7863e4800e06bd8c0c1e25df0e88d2d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:33 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=4110
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
3740
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 May 2020 14:23:07 GMT
server
cloudflare
x-php-version
7.4
etag
"100e-5a57433cf8335"
vary
Accept-Encoding
content-type
image/png
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7da49cf11db992a2-FRA
expires
Fri, 21 Jul 2023 14:13:33 GMT
crop-0-0-66-75-0-FMA_icon_mergers-01.png
1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/crop-0-0-66-75-0-FMA_icon_mergers-01.png
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c2994680115796fdc121c352837ed6b5c4fa6df426d2d88925c7f2244eb6bdc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:33 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=2498
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
1988
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Tue, 21 Apr 2020 19:07:39 GMT
server
cloudflare
x-php-version
7.4
etag
"9c2-5a3d1bab0dbed"
vary
Accept-Encoding
content-type
image/png
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7da49cf14de492a2-FRA
expires
Fri, 21 Jul 2023 14:13:33 GMT
style.min.js
1vs7f1.p3cdn1.secureserver.net/wp-content/themes/astra/assets/js/minified/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/themes/astra/assets/js/minified/style.min.js?ver=4.1.5&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f860bbb071d2de91d3b6cbd420c787f4b09c8d9d0cb2be2a772a3b3ff6047936
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 03:32:03 GMT
x-php-version
7.4
server
cloudflare
etag
W/"2d48-5fbef72aed78a-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ced8a9518c3-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
coblocks-animation.js
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 		407 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.0.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7635
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"197-5f9d14b2e660f-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceebb7692a2-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
coblocks-tinyswiper-initializer.js
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.0.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7635
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"3858-5f9d14b2e5e3f-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49ceefbaa92a2-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
coblocks-lightbox.js
1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-lightbox.js?ver=3.0.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073755b43f55a99987aa9f8d6b99239e8cdc9952fe4f1ef0275850610702a80b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7635
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2023 04:43:08 GMT
x-php-version
7.4
server
cloudflare
etag
W/"de5-5f9d14b2e4e9f-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49cef2bd992a2-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
astra-addon-6465c54e683f49-54194168.js
1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/astra-addon/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/astra-addon/astra-addon-6465c54e683f49-54194168.js?ver=3.6.3&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8584a1e36abe27ea5b15fd037ab9fb25270d44705ee29f8cc38d213c128c5d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:32 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7635
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 06:27:26 GMT
x-php-version
7.4
server
cloudflare
etag
W/"53f5-5fbf1e5e822f0-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7da49cef6c1092a2-FRA
expires
Fri, 21 Jul 2023 14:13:32 GMT
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Tue, 20 Jun 2023 14:13:32 GMT
x-amz-request-id
SW42RCTKTQJH3SB5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468686_389360335_317240797_17_1183_18_0_-";dur=1
content-length
11347
x-amz-id-2
SOgzPYjoNVqHmzSUdDQxjVjpOcgl04n3arSWjBq/s2doz6LRg79tFfSvSDtud9Y0icsa8uPNWH0=
last-modified
Tue, 29 Nov 2022 21:30:05 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Tue, 20 Jun 2023 14:13:32 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 20 Jun 2023 14:43:32 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
date
Tue, 20 Jun 2023 14:13:32 GMT
x-amz-request-id
FPNVPC26ASG1ZC2P
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468686_389360335_317240900_22_1572_19_0_-";dur=1
content-length
7498
x-amz-id-2
HjyiTp21LgkXvw27WiDuzmPNN/xKNty/C9ZP3N6HH/vy36X5D6/xBUhsopBjkftblO2vuK54SD0=
last-modified
Thu, 09 Feb 2023 05:38:30 GMT
etag
"ce554d2333f3801abafb32da18213ff7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin
*
date
Tue, 20 Jun 2023 14:13:32 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 20 Jun 2023 14:43:32 GMT
wp-emoji-release.min.js
1vs7f1.p3cdn1.secureserver.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2&time=1687228762
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:33 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
7644
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jun 2023 08:52:51 GMT
x-php-version
7.4
server
cloudflare
etag
W/"4904-5fdfef5d7c64c-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7da49cf14de792a2-FRA
expires
Fri, 21 Jul 2023 14:13:33 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-71C859NF43&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167933633-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b2e89b72178662b63552cfaeb94919b30de5050dd2302e3b951333b86af6b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86894
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Jun 2023 14:13:33 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167933633-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Jun 2023 13:04:42 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4131
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 20 Jun 2023 15:04:42 GMT
FMA_primary_header.jpg
1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1vs7f1.p3cdn1.secureserver.net/wp-content/uploads/2020/04/FMA_primary_header.jpg
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b7cfb675f372a8b72b320a64230e9dab189b958c8bad0661c38ab8578566d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:33 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=70903
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
52270
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Apr 2020 18:28:55 GMT
server
cloudflare
x-php-version
7.4
etag
"114f7-5a3bd12547e89"
vary
Accept-Encoding
content-type
image/jpeg
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7da49cf15df492a2-FRA
expires
Fri, 21 Jul 2023 14:13:33 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C%2C600%2C700&display=fallback&ver=4.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://firstmidwestadvisors.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 06:31:36 GMT
x-content-type-options
nosniff
age
27717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 06:31:36 GMT
collect
region1.analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-71C859NF43&gtm=45je36e0&_p=1618686275&_gaz=1&cid=1336046225.1687270413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687270413&sct=1&seg=0&dl=https%3A%2F%2Ffirstmidwestadvisors.com%2Fmergers-and-acquisitions%2F&dt=Mergers%20%26%20Acquisitions%20-%20First%20Midwest%20Advisors&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-71C859NF43&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jun 2023 14:13:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstmidwestadvisors.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-71C859NF43&cid=1336046225.1687270413&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-71C859NF43&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jun 2023 14:13:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstmidwestadvisors.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-71C859NF43&cid=1336046225.1687270413&gtm=45je36e0&aip=1&z=959413293
Requested by
Host: firstmidwestadvisors.com
URL: https://firstmidwestadvisors.com/mergers-and-acquisitions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jun 2023 14:13:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 10:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 10:16:59 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 09:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 20 Jun 2023 14:38:02 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1618686275&t=pageview&_s=1&dl=https%3A%2F%2Ffirstmidwestadvisors.com%2Fmergers-and-acquisitions%2F&ul=en-us&de=UTF-8&dt=Mergers%20%26%20Acquisitions%20-%20First%20Midwest%20Advisors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=2133625313&gjid=94182555&cid=1336046225.1687270413&tid=UA-167933633-1&_gid=1023675073.1687270413&_r=1&gtm=457e36e0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=952223344
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://firstmidwestadvisors.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Jun 2023 14:13:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstmidwestadvisors.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
a.mailmunch.co/app/v1/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/styles.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 03:27:33 GMT
content-encoding
gzip
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
125163
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 15 Jun 2023 05:35:56 GMT
server
AmazonS3
etag
"f33954bb68eee3eae13e6110d233b18f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
DF42TT-87qTgTAXbOvEkImI6WIzCfYQO6iddmlv2myl6Bm7AyJRlAQ==
927286
forms.mailmunch.co/sites/ 		130 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.mailmunch.co/sites/927286
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.157.58.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-58-70.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
9816b76871f8b425dedf2f50c90fbc133baa02b0a8b8bccf71004175391b2b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 20 Jun 2023 14:13:33 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Etag
W/"82-D9WVr3d+gUBsS3m0nXZxQRbJUkI"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length
130
event
events.api.secureserver.net/t/1/tl/ 		43 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1687270413025&dh=firstmidwestadvisors.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&vci=2087081236&cv=2.0.1&z=734580284&vg=ea6ecfa8-7775-5762-8878-10fe025fd0c4&vtg=ea6ecfa8-7775-5762-8878-10fe025fd0c4&dp=%2Fmergers-and-acquisitions&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%223fbc4267-923e-a83a-06fe-64ae62c5aab6.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data17%22%2C%22xid%22%3A%2243243673%22%2C%22wp%22%3A%226.2.2%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22astra%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22260%22%2C%22wp_alloptions_bytes%22%3A%22565033%22%7D&hit_id=3e308229-7665-5193-ba98-537a5e428bb0&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 20 Jun 2023 14:13:33 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://firstmidwestadvisors.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1687270413233&dh=firstmidwestadvisors.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&vci=2087081236&cv=2.0.1&z=854650326&vg=ea6ecfa8-7775-5762-8878-10fe025fd0c4&vtg=ea6ecfa8-7775-5762-8878-10fe025fd0c4&dp=%2Fmergers-and-acquisitions&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%223fbc4267-923e-a83a-06fe-64ae62c5aab6.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data17%22%2C%22xid%22%3A%2243243673%22%2C%22wp%22%3A%226.2.2%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22astra%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22260%22%2C%22wp_alloptions_bytes%22%3A%22565033%22%7D&hit_id=fbd659cd-c56e-5633-b5c8-378840fbdec9&ht=perf&tce=1687270411487&tcs=1687270411442&tdc=1687270413230&tdclee=1687270413029&tdcles=1687270413028&tdi=1687270413028&tdl=1687270411972&tdle=1687270411442&tdls=1687270411408&tfs=1687270411408&tns=1687270410869&trqs=1687270411487&tre=1687270411962&trps=1687270411942&tles=1687270413230&tlee=0&nt=navigate&lcp=2254&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 20 Jun 2023 14:13:33 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://firstmidwestadvisors.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
settings-1687265302.json
a.mailmunch.co/forms-cache/927286/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/927286/settings-1687265302.json
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88bcfbdf48c41dcd747f6d2783acd58eb7bb007f04855a53e8aecc74c90771ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:34 GMT
content-encoding
gzip
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 20 Jun 2023 12:48:28 GMT
server
AmazonS3
etag
W/"23b681a5f19212f61d51e16abc0ecc5f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
E13fEuLpGPXn3wCQJDt7KOyrlaY7EhOjT9eiZZslt0UaFDid7x8_Og==
popover.js
a.mailmunch.co/app/v1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/popover.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 18:01:33 GMT
content-encoding
gzip
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
159122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 15 Jun 2023 05:35:53 GMT
server
AmazonS3
etag
"d017048419c4323b27886cdf41687d7f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
xlT7va8Gx-i4gGzVnocMRJTC8Ksxi4bnc3YP_WtqPtaFitJVw2pOPg==
index-1650556485.html
a.mailmunch.co/forms-cache/927286/1027556/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/927286/1027556/index-1650556485.html
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9c597563e5d34020e67a0def5da510e76230abf5af84ed884613fa3534c5214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:13:35 GMT
content-encoding
gzip
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 22 Feb 2023 14:45:31 GMT
server
AmazonS3
etag
W/"1760bac1a042a913d8c169b34ffe2a4d"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
Np6xIO4WPlIf3Do0Y5PoMcgMJXrq_b_5udzqsdrf45oHUF6tKFdsww==
index.css
a.mailmunch.co/v2/themes/mailmunch/simple/popover/ Frame 7330 		8 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0c394da8d74dbd52fb6b05fe19e4c01b583af5dda0cafdb2df0788e0c402dba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 22:23:58 GMT
content-encoding
gzip
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
167401
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:44:12 GMT
server
AmazonS3
etag
W/"356ca1b91209d27c3d0787851b99e4fd"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
9kxNZOAM8z7QrazwImhgc7f54wHjV2W8___SEonvDkFXMH7f3geTng==
css
fonts.googleapis.com/ Frame 7330 		5 KB
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,400
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Jun 2023 14:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 13:57:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Jun 2023 14:13:34 GMT
truncated
/ Frame 7330 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 7330 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://firstmidwestadvisors.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 05:45:28 GMT
x-content-type-options
nosniff
age
289686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 05:45:28 GMT
/
analytics.mailmunch.co/event/ 		35 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.mailmunch.co/event/?site_id=927286&widget_id=1027556&event_name=views&cache=1687270415089&referrer=https%3A%2F%2Ffirstmidwestadvisors.com%2Fmergers-and-acquisitions%2F&visitor_id=a47d560d-fbf5-4005-85a7-2caf903bd1bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstmidwestadvisors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 20 Jun 2023 14:13:35 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| AstraPageTitle function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend object| _mmunch object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| coblocksTinyswiper object| coblocksLigthboxData object| astraAddon function| astraToggleSetupPro function| astraNavMenuTogglePro object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| tti number| stick_upto_scroll number| max_width number| gutter object| twemoji object| wp function| onYouTubeIframeAPIReady object| gaGlobal function| _classCallCheck function| mailmunchGetMethodChain function| mailmunchGetOrCreateMethodChain function| MailMunchBaseForm function| _createClass object| _mailmunchInstances function| MailmunchMethodChain function| MailmunchUrlChangeTracker object| MailMunchDeviceDetect object| MailMunchAjax object| MailMunchHelpers object| mailmunch object| MailMunchWidgets object| gaplugins object| gaData function| _mJquery object| jQuery111306622144631949454 function| MailMunchPopover

6 Cookies

Domain/Path Name / Value
.firstmidwestadvisors.com/ Name: _tccl_visitor
Value: ea6ecfa8-7775-5762-8878-10fe025fd0c4
.firstmidwestadvisors.com/ Name: _tccl_visit
Value: ea6ecfa8-7775-5762-8878-10fe025fd0c4
.firstmidwestadvisors.com/ Name: _ga_71C859NF43
Value: GS1.1.1687270413.1.0.1687270413.60.0.0
.firstmidwestadvisors.com/ Name: _ga
Value: GA1.2.1336046225.1687270413
.firstmidwestadvisors.com/ Name: _gid
Value: GA1.2.1023675073.1687270413
.firstmidwestadvisors.com/ Name: _gat_gtag_UA_167933633_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1vs7f1.p3cdn1.secureserver.net
a.mailmunch.co
ajax.googleapis.com
analytics.mailmunch.co
events.api.secureserver.net
firstmidwestadvisors.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
img1.wsimg.com
img6.wsimg.com
r20.rs6.net
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
162.159.135.45
192.124.249.169
2001:4860:4802:34::36
208.75.122.11
23.53.42.211
2600:9000:237d:4e00:4:c961:9640:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c07::9b
2a02:26f0:3500:18::1724:a292
3.232.242.170
54.157.58.70
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
073755b43f55a99987aa9f8d6b99239e8cdc9952fe4f1ef0275850610702a80b
0c2994680115796fdc121c352837ed6b5c4fa6df426d2d88925c7f2244eb6bdc
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
2f169489cea45d4acbc800270fb5aba448801314411acfaf2539161d11974014
3598ea7efef4d45e55111b704560e9b5e3557cf25b5efe3f9208cf26cfff7db8
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
4b2e89b72178662b63552cfaeb94919b30de5050dd2302e3b951333b86af6b99
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53d4114fbd4b94de008401dc1381e75046f8273032b270dc1879dfd2d3ff8ce4
567762125a6f755df1fd3880a2c9dcdf7743787c58f69475f711b833cbad3c5d
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ccbd8ecbdd75a19e0c7cb77a0de420d0f9c7b6766815259361db4c65a73f6ab
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
773dfc6730b3a2bcb68f1829835956f1a733608a5662782d1cf12304443c80ce
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b
88bcfbdf48c41dcd747f6d2783acd58eb7bb007f04855a53e8aecc74c90771ba
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9816b76871f8b425dedf2f50c90fbc133baa02b0a8b8bccf71004175391b2b1b
99bfaa4701c1302d3cb52051c04aceda00f347ae1f979578329db056ee20e376
9bc0966f793217465b16db209de07f945210caa979834ecafd0d42bccba60a4d
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
a9c597563e5d34020e67a0def5da510e76230abf5af84ed884613fa3534c5214
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af90387eacaa6317d6b7c4bba76c2ab18b44542f70339d74df9b19a697f776f1
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b7cfb675f372a8b72b320a64230e9dab189b958c8bad0661c38ab8578566d2
c0c394da8d74dbd52fb6b05fe19e4c01b583af5dda0cafdb2df0788e0c402dba
c6703f70a36d19c4598cbac6090f2fed7863e4800e06bd8c0c1e25df0e88d2d8
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5
cde5c586ae4068dfc13aec750cd2179991fdeb948106c146629480390b3b471e
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8584a1e36abe27ea5b15fd037ab9fb25270d44705ee29f8cc38d213c128c5d3
f860bbb071d2de91d3b6cbd420c787f4b09c8d9d0cb2be2a772a3b3ff6047936