urlscan.io logo urlscan.io
SecurityTrails logo

markellbaldwin.com Open in urlscan Pro
34.136.51.111  Public Scan

Go To Rescan Add Verdict Report
URL: https://markellbaldwin.com/
Submission: On June 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 26 HTTP transactions. The main IP is 34.136.51.111, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is markellbaldwin.com.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.
This is the only time markellbaldwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    34.136.51.111 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.51.136.34.bc.googleusercontent.com
markellbaldwin.com
2    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    13.32.23.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-60.fra56.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)
polywork-production.imgix.net
polywork-images-proxy.imgix.net
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.de
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
Apex Domain
Subdomains		 Transfer
11 markellbaldwin.com
markellbaldwin.com
1 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
291 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1638
150 KB
2 imgix.net
polywork-production.imgix.net
polywork-images-proxy.imgix.net
52 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
91 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
14 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
257 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 4076
65 KB
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
14 KB
26 11
Domain Requested by
11 markellbaldwin.com markellbaldwin.com
3 www.googletagmanager.com markellbaldwin.com
www.googletagmanager.com
2 js.stripe.com markellbaldwin.com
js.stripe.com
2 connect.facebook.net markellbaldwin.com
connect.facebook.net
2 challenges.cloudflare.com 1 redirects markellbaldwin.com
1 polywork-images-proxy.imgix.net
1 www.google.de markellbaldwin.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 polywork-production.imgix.net markellbaldwin.com
1 www.googleoptimize.com markellbaldwin.com
1 d2wy8f7a9ursnm.cloudfront.net markellbaldwin.com
26 12

This site contains links to these domains. Also see Links.

Domain
linkedin.com
twitter.com
youtube.com
medium.com
Subject Issuer Validity Valid
markellbaldwin.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://markellbaldwin.com/
Frame ID: 21FB6458D78D9CB3F268A90BC957DC02
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E1453CC9E0A33A08BC28A9466B9D2550
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Markell Baldwin

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

96 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

12
IPs

4
Countries

1973 kB
Transfer

7269 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
markellbaldwin.com/ 		51 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
aefe286fecf4f1548bde02e6a36e14aa56b5f5d5e32cd383295b55298aac8090
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
8184
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 17:30:33 GMT
etag
W/"99e62878a144d76a0a92a69cc168c79a"
link
</assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css>; rel=preload; as=style; nopush,</assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css>; rel=preload; as=style; nopush,</assets/templated/typographies/sizing-926fbe0577043d51f08137e610ce52e021290d110b6e17182358947217d81413.css>; rel=preload; as=style; nopush,</assets/templated/templates/trailblazer-e5c478e321c28a8595dc69bb0cc5a50c046820c7b79252c28503222d9da72c89.css>; rel=preload; as=style; nopush,</assets/tailwind-86853cd5b3562e2ef796f3d15b2354200d36b29d939bfa7e3114337cc74172a6.css>; rel=preload; as=style; nopush,</assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css>; rel=preload; as=style; nopush,</packs/js/application-a79181c4434bf43762a9.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
Caddy
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Origin
via
1.1 google
x-cloud-trace-context
1d337f8ea6f7b62725b16fb13ab1283a/16071373142886151687;o=0
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4398cde8-4d0c-4af9-b377-9e54dd4ce568
x-runtime
0.868463
x-xss-protection
1; mode=block
application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
markellbaldwin.com/assets/ 		2 MB
186 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
f6f08c14031f26c3c36880664cd3989dd2fcea12da09c118d065e591a2c6bdf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
190313
cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
markellbaldwin.com/assets/templated/typographies/ 		1 KB
519 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
f4c95d125dc6449b74ed890cc764997f39fcef62897f1a712bd2a565fa123781
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
420
sizing-926fbe0577043d51f08137e610ce52e021290d110b6e17182358947217d81413.css
markellbaldwin.com/assets/templated/typographies/ 		2 KB
415 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/templated/typographies/sizing-926fbe0577043d51f08137e610ce52e021290d110b6e17182358947217d81413.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
c53d3bb2ef995a0e9f826848482f69698a0596c2b60145bc349fdba9a02a5d3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:16 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
380
trailblazer-e5c478e321c28a8595dc69bb0cc5a50c046820c7b79252c28503222d9da72c89.css
markellbaldwin.com/assets/templated/templates/ 		762 B
365 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/templated/templates/trailblazer-e5c478e321c28a8595dc69bb0cc5a50c046820c7b79252c28503222d9da72c89.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
f07b9404ffd0fd23eaca0b4806770f9544338ee68436152ddedce6042c353074
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:16 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
307
tailwind-86853cd5b3562e2ef796f3d15b2354200d36b29d939bfa7e3114337cc74172a6.css
markellbaldwin.com/assets/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/tailwind-86853cd5b3562e2ef796f3d15b2354200d36b29d939bfa7e3114337cc74172a6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
6ff14281e6c98b0f40a5203f0c4332922d5f6bafca66f59a932b5115ecef60b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:16 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
4947
application-a79181c4434bf43762a9.js
markellbaldwin.com/packs/js/ 		3 MB
450 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/packs/js/application-a79181c4434bf43762a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
80bae0f284e750d4f68be5493b1a050bf790cc0b260ff8ffd4044870dd3e23a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:56:32 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
application/javascript
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
460968
api.js
challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://markellbaldwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 17:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
89a72a66abb3c017-WAW
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 27 Jun 2024 17:30:33 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c7e29c8c8b6e/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
89a72a663b44c017-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v7/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84963441bd727dbb97cf02ab3a3b8ba446aa546eb3ae26ac197f9d0954e3daf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 14:55:56 GMT
x-amz-version-id
9gmVNAB_2jCt.33UjmOP16GXkgj_YpUP
Content-Encoding
gzip
Via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
6143679
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 17 Apr 2024 14:55:48 GMT
Server
AmazonS3
ETag
W/"531917ee37953978a512b1ae34bf0773"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=315360000
X-Amz-Cf-Id
eV3i6axZWVFm2JQuOCbZ7Ht1ASAH7tnsktxnLlHE39xrpllsb8UhyA==
js
www.googletagmanager.com/gtag/ 		301 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z7048VMS68
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19d82381de9feb7f34e9eb80c75d50e3dec241d4e7df59fbf6805be92428f11a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104034
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jun 2024 17:30:37 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10865685512
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54184f43345ef724819bc362aae87fae50b3662af74a6c63ce8f25b938343147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86906
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 16:21:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jun 2024 17:30:37 GMT
optimize.js
www.googleoptimize.com/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5BF4Z7C
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22b4bc0b0e07acbc75f2344d718b4478869f047c91ebed6eed9ae48d46e9e1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65807
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 16:21:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jun 2024 17:30:38 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6495f9ca6e4d090fec96d1f3acc2cb1d108af257ca664d1f80df7aa6058200c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Origin
https://markellbaldwin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:30:37 GMT
content-md5
QqCijmztj8RcpVcoLqlffA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=14, mss=1297, tbw=2804, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
PxhY/4Dl98fttN12ZbnZyUQgiZSZmxIYHIT8iG/b4fjmEa2AlTpu9tr9n/zl5KK0NdgSkcXHsQEBGlgZjK4hHg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d297fb8f47d78cc8603bb29464e5c852
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"24a1945c35544070d218a9e02d453dcd"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 27 Jun 2024 17:45:50 GMT
dct904vjw1jwzcukgmcfkm5ixj03
polywork-production.imgix.net/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polywork-production.imgix.net/dct904vjw1jwzcukgmcfkm5ixj03?ixlib=rails-4.3.1&auto=compress%2Cformat&w=540&h=696&fit=crop&dpr=1&q=75
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
edad3bf043239408767e5922a0eae68cc741d0f427afe373978ab270587b64e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:33 GMT
x-content-type-options
nosniff
age
107429
x-cache
MISS, HIT, MISS
x-imgix-id
5eec1731a942345479be7a03435e718a98806745
cross-origin-resource-policy
cross-origin
content-length
48317
x-served-by
cache-sjc1000101-SJC, cache-fra-etou8220058-FRA, cache-cph2320036-CPH
last-modified
Wed, 26 Jun 2024 11:40:04 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
quill.core-bcc2b8a44b9fb712ce511146bf2d95bf1ee71ceb3e8f73d9ed3b2549567b8f85.css
markellbaldwin.com/assets/quill/dist/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/quill/dist/quill.core-bcc2b8a44b9fb712ce511146bf2d95bf1ee71ceb3e8f73d9ed3b2549567b8f85.css
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
230cd94150c240c49c2ad37de58a5400832bb7f2605e0a42e86e1c7d7299be15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:34 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
1513
animate.min-f2a2e8fd36c2f66fe064015fd419ab7964e3ed27bcbd968031dc35997329825e.css
markellbaldwin.com/assets/animate.css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/animate.css/animate.min-f2a2e8fd36c2f66fe064015fd419ab7964e3ed27bcbd968031dc35997329825e.css
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
3e6c86d3342a72227967d6b88498e536945df6b7b7332b76bf466a7d3dbac7bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/assets/application-8fc5959715f11e200f29e4e7c0987e3c4eb2fa7ac1a2cf931f268a982bdea0a9.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:34 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
vary
accept-encoding, Origin
content-type
text/css
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=2592000
content-length
3279
v3
js.stripe.com/ 		614 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/packs/js/application-a79181c4434bf43762a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
289cd622c55a241670bd8d1778e4ea776c4876d358b79eb35df53d33518efad1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:30:37 GMT
via
1.1 varnish
age
24
x-cache
HIT
content-length
152936
x-request-id
2df8751f-1f45-44d3-98e5-77cc03ea6a1d
x-served-by
cache-fra-etou8220146-FRA
last-modified
Thu, 27 Jun 2024 17:23:34 GMT
server
Fastly
etag
"2070ce116f78a7d3e055beb2626d6634"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
DM-Sans-variable-4b4dfa8f036efb160d44f1c96a95b06f116e39c0af38473626cd2dcbcea6135e.ttf
markellbaldwin.com/assets/ 		233 KB
234 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/DM-Sans-variable-4b4dfa8f036efb160d44f1c96a95b06f116e39c0af38473626cd2dcbcea6135e.ttf
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
89bb04dfe23de60f95d39251a4b6368f411ad436d20fd48b3fd3fa28a30157ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
Origin
https://markellbaldwin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=604800
vary
Origin
alt-svc
h3=":443"; ma=2592000
content-length
238984
CormorantGaramond-BoldItalic-b7c7f0924dba3de3a7a9a4e6bdb7def8fe40361d5e54292e7c6f88a7ae0d27af.ttf
markellbaldwin.com/assets/ 		405 KB
405 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://markellbaldwin.com/assets/CormorantGaramond-BoldItalic-b7c7f0924dba3de3a7a9a4e6bdb7def8fe40361d5e54292e7c6f88a7ae0d27af.ttf
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.136.51.111 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.51.136.34.bc.googleusercontent.com
Software
Caddy /
Resource Hash
b2e6ce5dd56f6004a909602850dbecc04202f7864e1922d69016c506031763bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/assets/templated/typographies/cormorant-garamond-19c38b4a89aeef51a6e4e648ad1cc8807c90626362dfd586a16899c4d53d64f9.css
Origin
https://markellbaldwin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Wed, 26 Jun 2024 17:55:15 GMT
server
Caddy
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=604800
vary
Origin
alt-svc
h3=":443"; ma=2592000
content-length
414744
sdk.js
connect.facebook.net/en_US/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ffd6e6aa285262dd994c35891317cdd4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05f708ed0fa794d3507879c90f6783e3b646c27749d3896b4714017d1f08d248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Origin
https://markellbaldwin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:30:37 GMT
content-md5
58IUTJ7RUwWGBImsjdZs0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89056
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=21, mss=1297, tbw=6636, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
Bb+2xHRzfHukEzuvNsY8uTPKcFR6oz+1vFEFxtRt+2/cYMNDcdBvNXrkavtRhH6En1z6UDA+ICJKKyKrzyjEWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
64d6d6abbb644772ea0446c763d1a595
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"876e07c37563ea3cc2d4d32067ee426d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 27 Jun 2025 15:43:01 GMT
js
www.googletagmanager.com/gtag/ 		307 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z7048VMS68&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10865685512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ca7369a7e09242da2cc44612351df53e5c4c2be2e5a2c7486d506a8159d946c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106308
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jun 2024 17:30:38 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Z7048VMS68&gtm=45je46q0v873572256za200zb9115669128&_p=1719509434712&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1830569862.1719509438&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719509438&sct=1&seg=0&dl=https%3A%2F%2Fmarkellbaldwin.com%2F&dt=Markell%20Baldwin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.signed_in=false&ep.user_status=unknown&up.signed_in=false&up.status=unknown&tfd=6596&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7048VMS68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 17:30:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://markellbaldwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z7048VMS68&cid=1830569862.1719509438&gtm=45je46q0v873572256za200zb9115669128&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7048VMS68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 17:30:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://markellbaldwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z7048VMS68&cid=1830569862.1719509438&gtm=45je46q0v873572256za200zb9115669128&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1299004099
Requested by
Host: markellbaldwin.com
URL: https://markellbaldwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 17:30:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E145 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://markellbaldwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
221274
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 17:30:39 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
44025
x-content-type-options
nosniff
x-request-id
66edfcac-50de-47d7-bca8-2dc032740908
x-served-by
cache-fra-etou8220120-FRA
https%3A%2F%2Fpolywork-production.s3.us-east-2.amazonaws.com%2Fxszvtnyvhxxip4n2qxopbey6coei%3Fresponse-content-disposition%3Dinline%253B%2520filename%253D%2522mb%2520photo%25202023.jpg%2522%253B%25...
polywork-images-proxy.imgix.net/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://polywork-images-proxy.imgix.net/https%3A%2F%2Fpolywork-production.s3.us-east-2.amazonaws.com%2Fxszvtnyvhxxip4n2qxopbey6coei%3Fresponse-content-disposition%3Dinline%253B%2520filename%253D%2522mb%2520photo%25202023.jpg%2522%253B%2520filename%252A%253DUTF-8%2527%2527mb%252520photo%2525202023.jpg%26response-content-type%3Dimage%252Fjpeg%26X-Amz-Algorithm%3DAWS4-HMAC-SHA256%26X-Amz-Credential%3DAKIAJFVZB22UGYZRHS6A%252F20240627%252Fus-east-2%252Fs3%252Faws4_request%26X-Amz-Date%3D20240627T173032Z%26X-Amz-Expires%3D300%26X-Amz-SignedHeaders%3Dhost%26X-Amz-Signature%3D1f563484d062958bd1f4d2b57f6b8700a2a54c8f855fca11b78d47485933aacf?ixlib=rails-4.3.1&w=32&h=32&fit=crop&auto=format&s=7f1910d9812adadc08b4885df2faf2bb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
217e76c3bd3575be9c153ccc26b73161c856fb18648ae3df32be320f95087437
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://markellbaldwin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:30:40 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS
x-imgix-id
aeef50154e7ec7445d25b214fa4af2d10dedcfdf
cross-origin-resource-policy
cross-origin
content-length
4854
x-served-by
cache-sjc1000127-SJC, cache-fra-eddf8230115-FRA, cache-cph2320036-CPH
last-modified
Thu, 27 Jun 2024 17:30:40 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| turnstile object| webpackJsonp object| regeneratorRuntime object| Turbo object| iframely function| Dropzone function| _ function| hotkeys object| Chartkick object| Strada object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| _rails_loaded function| initializeTooltip object| Rails function| gtag object| dataLayer function| fbAsyncInit object| Bugsnag object| FB object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe object| __buffer

9 Cookies

Domain/Path Name / Value
markellbaldwin.com/ Name: client_session_identifier
Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqWTFObUV5TWpoaExXTTJNV1l0TkRreU1pMWhOMk5tTFRKbU56VTVPR0kyT1ROaFpTST0iLCJleHAiOiIyMDI1LTA2LTI3VDE3OjMwOjMyLjI3MloiLCJwdXIiOiJjb29raWUuY2xpZW50X3Nlc3Npb25faWRlbnRpZmllciJ9fQ%3D%3D--b537f800a7786e61c537f519a11a8bb275b2a1c8
markellbaldwin.com/ Name: _polywork_session
Value: uGJ3F9UeeJ%2FnMWEFUbNl1JFcOVxupV2DxvCaIwTM8Zpg2FLwjP6cS%2FsnS6tozgMgZDrI6dbXfOt%2FmbU2qbE%2BQUWXJYPN32qjn%2F5onyhw%2FBobcr%2B%2FekmZL3pONAn0k4jdhFqK7dGCOt%2FOTKAI3ms2l1DGlDWmAhVUjK2kDqxsWDjo5bfXDP91gF9UsxxOnGuGO6RysGqIE6kC6%2BHZCfKc4Rwo%2F4Ap2eO5f1AMYr9d6ZhCStDtOE5gXnn3j4fWBdKDGXpwVRymWtL%2BoMAVlCHZfNwHGehwblQcFCOqqYYPAlDO54Quf4e0QNNirlvCLKk%3D--j0xW2W6eDGgmOO6I--CejDfwG%2BI2leZ7xUJmbRKQ%3D%3D
markellbaldwin.com/ Name: tzo
Value: Europe/Berlin
.markellbaldwin.com/ Name: _gcl_au
Value: 1.1.557800905.1719509438
.markellbaldwin.com/ Name: _ga_Z7048VMS68
Value: GS1.1.1719509438.1.1.1719509439.59.0.0
.markellbaldwin.com/ Name: _ga
Value: GA1.1.656a228a-c61f-4922-a7cf-2f7598b693ae
m.stripe.com/ Name: m
Value: 8bbae7c4-18f2-40a0-8fe7-2d18b85e95ad4ca8c7
.markellbaldwin.com/ Name: __stripe_mid
Value: ed4f0ca1-dc75-4e5a-8235-8d58b847b90f80e441
.markellbaldwin.com/ Name: __stripe_sid
Value: 5291d058-fd53-429d-8fc5-1f15ca93c05ddd5bb9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
js.stripe.com
markellbaldwin.com
polywork-images-proxy.imgix.net
polywork-production.imgix.net
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googleoptimize.com
www.googletagmanager.com
104.17.3.184
13.32.23.60
142.250.184.195
151.101.0.176
151.101.192.176
2001:4860:4802:34::36
2a00:1450:4001:80b::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9b
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:200::720
34.136.51.111
05f708ed0fa794d3507879c90f6783e3b646c27749d3896b4714017d1f08d248
0ca7369a7e09242da2cc44612351df53e5c4c2be2e5a2c7486d506a8159d946c
19d82381de9feb7f34e9eb80c75d50e3dec241d4e7df59fbf6805be92428f11a
217e76c3bd3575be9c153ccc26b73161c856fb18648ae3df32be320f95087437
22b4bc0b0e07acbc75f2344d718b4478869f047c91ebed6eed9ae48d46e9e1a3
230cd94150c240c49c2ad37de58a5400832bb7f2605e0a42e86e1c7d7299be15
289cd622c55a241670bd8d1778e4ea776c4876d358b79eb35df53d33518efad1
3e6c86d3342a72227967d6b88498e536945df6b7b7332b76bf466a7d3dbac7bb
54184f43345ef724819bc362aae87fae50b3662af74a6c63ce8f25b938343147
6495f9ca6e4d090fec96d1f3acc2cb1d108af257ca664d1f80df7aa6058200c8
6ff14281e6c98b0f40a5203f0c4332922d5f6bafca66f59a932b5115ecef60b8
80bae0f284e750d4f68be5493b1a050bf790cc0b260ff8ffd4044870dd3e23a3
84963441bd727dbb97cf02ab3a3b8ba446aa546eb3ae26ac197f9d0954e3daf6
89bb04dfe23de60f95d39251a4b6368f411ad436d20fd48b3fd3fa28a30157ae
aefe286fecf4f1548bde02e6a36e14aa56b5f5d5e32cd383295b55298aac8090
b2e6ce5dd56f6004a909602850dbecc04202f7864e1922d69016c506031763bb
c53d3bb2ef995a0e9f826848482f69698a0596c2b60145bc349fdba9a02a5d3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edad3bf043239408767e5922a0eae68cc741d0f427afe373978ab270587b64e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07b9404ffd0fd23eaca0b4806770f9544338ee68436152ddedce6042c353074
f4c95d125dc6449b74ed890cc764997f39fcef62897f1a712bd2a565fa123781
f6f08c14031f26c3c36880664cd3989dd2fcea12da09c118d065e591a2c6bdf4
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a