urlscan.io logo urlscan.io
SecurityTrails logo

bloomington.bairdwealth.com Open in urlscan Pro
2606:4700::6810:45c5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bloomington.bairdwealth.com/
Effective URL: https://bloomington.bairdwealth.com/
Submission: On February 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6810:45c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloomington.bairdwealth.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on February 7th 2023. Valid for: a year.
This is the only time bloomington.bairdwealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700::6810:44c5 (United States)

ASN13335 (CLOUDFLARENET, US)
bloomington.bairdwealth.com
1    2606:4700::6810:45c5 (United States)

ASN13335 (CLOUDFLARENET, US)
bloomington.bairdwealth.com
12    2600:9000:21ea:ac00:11:ad6d:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.fmgsuite.com
14    2607:f8b0:4006:821::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
maps.googleapis.com
2    52.216.214.129 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
fmg-websites-custom.s3.amazonaws.com
1    2607:f8b0:4006:80f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.225.214.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-106.ewr50.r.cloudfront.net
static.site24x7rum.com
3    2607:f8b0:4006:80c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:80f::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:824::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
maps.gstatic.com
1    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    34.211.74.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-74-190.us-west-2.compute.amazonaws.com
col.site24x7rum.com
Apex Domain
Subdomains		 Transfer
14 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
maps.googleapis.com — Cisco Umbrella Rank: 354
267 KB
12 fmgsuite.com
static.fmgsuite.com — Cisco Umbrella Rank: 95273
1 MB
5 gstatic.com
fonts.gstatic.com
maps.gstatic.com
134 KB
3 site24x7rum.com
static.site24x7rum.com — Cisco Umbrella Rank: 19995
col.site24x7rum.com — Cisco Umbrella Rank: 23219
23 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2 Failed
2 KB
2 amazonaws.com
fmg-websites-custom.s3.amazonaws.com — Cisco Umbrella Rank: 159703
126 KB
2 bairdwealth.com
bloomington.bairdwealth.com
11 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
355 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
44 KB
44 10
Domain Requested by
12 maps.googleapis.com www.google.com
maps.googleapis.com
bloomington.bairdwealth.com
12 static.fmgsuite.com bloomington.bairdwealth.com
static.fmgsuite.com
3 fonts.gstatic.com fonts.googleapis.com
2 col.site24x7rum.com static.site24x7rum.com
2 maps.gstatic.com www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com bloomington.bairdwealth.com
static.fmgsuite.com
2 fmg-websites-custom.s3.amazonaws.com bloomington.bairdwealth.com
2 fonts.googleapis.com bloomington.bairdwealth.com
2 bloomington.bairdwealth.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 static.site24x7rum.com bloomington.bairdwealth.com
1 www.googletagmanager.com bloomington.bairdwealth.com
44 13
Subject Issuer Validity Valid
bloomington.bairdwealth.com
Cloudflare Inc RSA CA-2		 2023-02-07 -
2024-02-07		 a year crt.sh
*.fmgsuite.com
Amazon		 2022-08-30 -
2023-09-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.site24x7rum.com
Amazon		 2022-07-31 -
2023-08-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://bloomington.bairdwealth.com/
Frame ID: 98D2979AF93FFFB654C954B34DD95EE3
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus
Frame ID: 21EAA68A51799D91129E67FE89B12E96
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus
Frame ID: BE4836CDF27782499E8F1448D575A808
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Baird's Bloomington Office

Page URL History Show full URLs

  1. http://bloomington.bairdwealth.com/ HTTP 301
    https://bloomington.bairdwealth.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

98 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

1913 kB
Transfer

3189 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bloomington.bairdwealth.com/ HTTP 301
    https://bloomington.bairdwealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bloomington.bairdwealth.com/
Redirect Chain
  • http://bloomington.bairdwealth.com/
  • https://bloomington.bairdwealth.com/
48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:45c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641ed8ac752cbb854461605a38122b6950f17fedbdd5d468efcfec36d87e48cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
79e8e8aabbacd163-BUF
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 14:32:08 GMT
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-stackifyid
V2|b7945ab3-7b57-4f27-8511-9dda8efa6f44|C78253|CD57063

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
79e8e8a93d32d153-BUF
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 14:32:07 GMT
Location
https://bloomington.bairdwealth.com/
Server
cloudflare
Transfer-Encoding
chunked
X-StackifyID
V2|07490715-0810-4be7-b641-f0d382f64738|C78253|CD57063
7a1.css
static.fmgsuite.com/site/templates/007/dist/ 		260 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/dist/7a1.css?v=2.86.45.42710.388
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0ca8400e4a6d5a082100d233f0b34a123cbc435f3065679a769b3a329e48bb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 23:54:32 GMT
x-amz-version-id
2gNBC221m4Atm1Lz7s0A101YC16G11L9
content-encoding
gzip
last-modified
Tue, 21 Feb 2023 22:58:34 GMT
server
AmazonS3
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"a4c143c67fa9fd8da3a99e2ea98af09f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
52657
x-amz-replication-status
FAILED
x-amz-cf-id
WN6tj3kg-CD6Dcmq9sKDUZ3xwNPNEo1zA9myPsXNHVj9lLqAO7Ym6g==
css
fonts.googleapis.com/ 		1 KB
805 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 14:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 12:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 14:32:08 GMT
css2
fonts.googleapis.com/ 		1 KB
535 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 14:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 13:45:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 14:32:08 GMT
baird-theme-2022.css
fmg-websites-custom.s3.amazonaws.com/baird-theme-2022/css/ 		114 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fmg-websites-custom.s3.amazonaws.com/baird-theme-2022/css/baird-theme-2022.css?v=1.3
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.214.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3909b2ed7d87762e0d1d2639fb96080363a6a32a66819adbd1f6f39956951ef1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
QHzO5jGOuvTKno7nRfXdZJh5Qx7vzz8u
Last-Modified
Tue, 08 Feb 2022 20:22:57 GMT
Server
AmazonS3
x-amz-request-id
3HFKD4JZGT4JE0JX
ETag
"2d7de6919b240c7f4514425dc3373dc7"
x-amz-server-side-encryption
AES256
Content-Type
text/css
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
116547
x-amz-id-2
LpLvoObSVOuMoKm7X/oSQfoJlXDA0U2Z5FqEflCa/R3HEXRHhhDz4T+tIJ4o/c+xX1zAb3A8ODQ=
js
www.googletagmanager.com/gtag/ 		111 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-24680519-10
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c82c7975414a36a3a50e3c98872af318e80037d417d15710403d64010cf7d0fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44492
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 14:32:08 GMT
brokerCheck-bar-logo.png
static.fmgsuite.com/site/templates/global/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/site/templates/global/img/brokerCheck-bar-logo.png
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 05:34:31 GMT
x-amz-version-id
dZCHQiEUM2FhUbYWC5Iaxpt0MKWXK1gn
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 22:59:10 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
32257
etag
"0a702e6adbbb9c114979785ab0055ff7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
6131
x-amz-cf-id
lYt2pFPt1X6IBGG1e25w2hSLTF89C4fbOZpRQCp4RMFoFh74kacByw==
c83d1682-b18f-4526-9bcc-b4c42b47ac53.png
static.fmgsuite.com/media/TransparentLogo/variantSize/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/TransparentLogo/variantSize/c83d1682-b18f-4526-9bcc-b4c42b47ac53.png
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233de4efef61c52e49333c69808a8b1ea8ccd6cd58bc39a85198206053a99cd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
hUt_fwmAOz_bPnWobqDt521yM6VIYIcO
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Wed, 09 Mar 2022 01:04:48 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"bc13736e72020a94240f6c673d390385"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
12985
x-amz-cf-id
dCycukgB9Ud3gpRGdelsQ_tSUgdqJaxY_XgXz3Bn-F-qkytMThTXtg==
d4689c04-7d7c-46e5-a245-ee27163ca795.jpg
static.fmgsuite.com/media/sideBySide/variantSize/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/sideBySide/variantSize/d4689c04-7d7c-46e5-a245-ee27163ca795.jpg?v=1
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cddcbdcdb8a2c555694a2c662079ddf9074a4dcc486b60d69e28bb4078d9def

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
Y6XfvSu76aVgya_Yx9pDGURA6FCjKDf9
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Wed, 09 Mar 2022 03:11:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"376cf4a980354a55cd0aea8e66754438"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
95780
x-amz-cf-id
p9L1NFVMtzR8Gj-EJE4GAlydJ9AKlx7_OePV5WJynwFopkDTdYLy4g==
06663b14-079c-4352-a698-26862c704965.jpg
static.fmgsuite.com/media/WebsiteBoxImage/variantSize/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/WebsiteBoxImage/variantSize/06663b14-079c-4352-a698-26862c704965.jpg?v=1
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
859c46113f7442ede1556f1ce54f08a59705ea036415349fc026c802d692ab80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:09 GMT
x-amz-version-id
UhRnvhjOFfBmXLPbtVciA0bLllUAZN3P
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 15:01:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
23520
etag
"53cdd4e0bbedf9abf36c4e686056292f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
70726
x-amz-cf-id
FlqRKkAnfUleQ3hYIMfpydbh7N-GwgoSFiZjkRA9TBMFwslgMVcuVA==
214f1a60-1e56-43fa-90ac-cacd3b1e5363.jpg
static.fmgsuite.com/media/WebsiteBoxImage/variantSize/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/WebsiteBoxImage/variantSize/214f1a60-1e56-43fa-90ac-cacd3b1e5363.jpg?v=1
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
816ea2eb34d06f6b06c55c7803e0310b8e1725c4ab6dbcb047b154e270b01df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 03:28:31 GMT
x-amz-version-id
JzJlcM4b3oLRdLEemhvntdoPscwgw8K5
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Mon, 14 Feb 2022 15:00:15 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
39818
etag
"5e00981a4e18e54b8ca8235dba144c95"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
90865
x-amz-cf-id
-WpHyND1fdDk02UJWDtTVTd3yK7nCSP0foE6eD08Cn8JPzhk2rOpjQ==
2f63a306-f169-4d24-816d-8cf92ab45237.jpg
static.fmgsuite.com/media/WebsiteBoxImage/variantSize/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/WebsiteBoxImage/variantSize/2f63a306-f169-4d24-816d-8cf92ab45237.jpg?v=1
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13a2f34daa86cfd3a55ac3864e6b474eac129bac6dd0a0dd558eb95da9491cc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
pQKHPUwdhfyT6asEk409Ca.g3JygchUu
date
Fri, 24 Feb 2023 14:32:09 GMT
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 15:07:03 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
etag
"561d9aae4b2ff2287e50b9e4b4a2d053"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
63214
x-amz-cf-id
zM5Q8Z0JsBzu5ry2vH8f7FLtdn7M2GWDR-CHslrJM_qqqfDToOAkvQ==
scripts.js
static.fmgsuite.com/site/templates/007/dist/ 		291 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.45.42710.388
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
685cfbc6e0180849db9a611401e87f78ec7f936200b58c2b3f0cba898b314566

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 23:52:45 GMT
x-amz-version-id
ku7cTAzHjvX.NfApd6E4BxjfWm30HAHo
content-encoding
gzip
last-modified
Tue, 21 Feb 2023 22:58:37 GMT
server
AmazonS3
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"703c1ea6b016490cbb6f527814f41d06"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
age
52764
x-amz-replication-status
FAILED
x-amz-cf-id
LUZce2AKgqhhgKLAIxW7EKmz1t_VVNOdbJY6h2SHR2EcGh2mAqkzpg==
baird-theme-2022.js
fmg-websites-custom.s3.amazonaws.com/baird-theme-2022/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fmg-websites-custom.s3.amazonaws.com/baird-theme-2022/js/baird-theme-2022.js?v=1.3
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.214.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a2413e90875d0c65ae696348ba4ddb871c871d2834b92bc2f4681bc11545c55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
JaBlBTzB2li4miKCStb8hrQvhANtfZQi
Last-Modified
Mon, 07 Feb 2022 14:54:58 GMT
Server
AmazonS3
x-amz-request-id
3HFYR5N127FV6RV3
ETag
"79641c9489d3424ed0d63ce9a09183eb"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
11179
x-amz-id-2
byo496HljxUEY+8CZ2SwtyXdXPtVogrk/izQr3w/ASwQCePGwWNfOVgknx+rhq28h3olhZW9Hms=
site24x7rum-min.js
static.site24x7rum.com/beacon/ 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-106.ewr50.r.cloudfront.net
Software
ZGS /
Resource Hash
fb67e3e8554db868ea13c2cfdde7ae425e934e2053ee0aed23f44f6c5f913619

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 12:10:51 GMT
Content-Encoding
gzip
Via
1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
Server
ZGS
X-Amz-Cf-Pop
EWR50-C1
Age
8477
Transfer-Encoding
chunked
Vary
accept-encoding
Content-Type
application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
84__lULzX3-3lZhCqrpvlrogAB_ZkcGkn8vq6-RfLU732BQxJsFy9Q==
fontawesome-webfont.woff2
static.fmgsuite.com/site/templates/007/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/7a1.css?v=2.86.45.42710.388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://static.fmgsuite.com/site/templates/007/dist/7a1.css?v=2.86.45.42710.388
Origin
https://bloomington.bairdwealth.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
PKdHN6hO9AbeJF.nQxsAF.1ZFYk4LUke
via
1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-length
77160
last-modified
Tue, 21 Feb 2023 22:58:38 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
JNl-Tsay6KmmtAC2IEOHLPXTCLUj1XnnOqYLZzvCysqmqMlNWFxfdw==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloomington.bairdwealth.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:10:47 GMT
x-content-type-options
nosniff
age
141681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 23:10:47 GMT
fmgicons2.woff
static.fmgsuite.com/site/templates/fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/fonts/fmgicons2.woff?v=2.58.0.2
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/7a1.css?v=2.86.45.42710.388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47181851e16a59444c2b7d695a1b13e6724ab8c44646719a2f5486aac45f4a9e

Request headers

Referer
https://static.fmgsuite.com/site/templates/007/dist/7a1.css?v=2.86.45.42710.388
Origin
https://bloomington.bairdwealth.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:09 GMT
x-amz-version-id
pxXhu4Hh7V5vCzqC87mdd8GujLFJLcMU
via
1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-length
5824
last-modified
Tue, 21 Feb 2023 22:58:45 GMT
server
AmazonS3
etag
"6f1d2ace7b4daee7afe9fc08b7de37fd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
_HgdUmId95esEF3s2aP9fDm23hvk-RYZMokABMQlutxjMcSz69z_TQ==
6xKhdSpbNNCT-sWPCm4.woff2
fonts.gstatic.com/s/prata/v18/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bcb1e2c165a9dab26ede996b90fc62ce359f19cdcf076aa09876a943f20075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloomington.bairdwealth.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 19:15:04 GMT
x-content-type-options
nosniff
age
242224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18396
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 19:15:04 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloomington.bairdwealth.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 18:23:16 GMT
x-content-type-options
nosniff
age
72532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 18:23:16 GMT
embed
www.google.com/maps/ Frame 21EA 		0
0
embed
www.google.com/maps/ Frame BE48 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.45.42710.388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
3bcfeb87314839f9e0ae12678be9aab371682369aac89e59f036457396a07082
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-AhrGWwk4EF4lXBOuU4dEdw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bloomington.bairdwealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
940
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-AhrGWwk4EF4lXBOuU4dEdw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 14:32:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
ff5de013-0889-4832-8ab1-d37cc475da6c.jpg
static.fmgsuite.com/media/images/ 		549 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/ff5de013-0889-4832-8ab1-d37cc475da6c.jpg
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fbdcc4f17198dcd1d55b432a9fe542ba1c5d819c70febebc8ca9e641988d22b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:10 GMT
x-amz-version-id
Ynj.i_5wUzeC10M0Bfxzhj2ycSqg11.s
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2022 18:38:43 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"0de08d19b5b5b6d7c7d9a01e45dc7157"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
561680
x-amz-cf-id
_vN_d_SZrsVxoUkjmut03rQFnd0YM-5KJT7nHfNZD8bB2Cu2zkL8CA==
e8c8590d-1988-4244-9584-d59a3c9c51f4.jpg
static.fmgsuite.com/media/images/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/e8c8590d-1988-4244-9584-d59a3c9c51f4.jpg
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ac00:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf7974d034b9986a01664e3a3637666e478064f1175c5f4bf024967fc01414f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:10 GMT
x-amz-version-id
7O0a85E3jnQylsMux9obrami5GyafcZ1
via
1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2022 18:28:54 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"cb636cb5a28328e4e9ba832cdd0b5819"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
196328
x-amz-cf-id
VTHoMuDnTBvV8u-HVcSXHzf-mUxuY8l34FiqjZkePV5ppLkC3W-wHA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24680519-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 12:41:43 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6626
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 24 Feb 2023 14:41:43 GMT
js
maps.googleapis.com/maps/api/ Frame BE48 		172 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
2d1843a67c68863617a7bb7e5ad3739c828eb53ae66ec1be21be1da6c6760611
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:19:31 GMT
content-encoding
gzip
server
mafe
age
758
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57727
x-xss-protection
0
expires
Fri, 24 Feb 2023 14:49:31 GMT
collect
www.google-analytics.com/j/ 		2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1029722400&t=pageview&_s=1&dl=https%3A%2F%2Fbloomington.bairdwealth.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Baird%27s%20Bloomington%20Office&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=292487994&gjid=1589018085&cid=273093876.1677249129&tid=UA-24680519-10&_gid=1031694332.1677249129&_r=1&gtm=457e32m0&z=116453027
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bloomington.bairdwealth.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 14:32:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bloomington.bairdwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame BE48 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/52/2/ Frame BE48 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/52/2/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6470f74fae13baa44b1efa2a508adadeb09136fbfdbeeb58db78d50a43b383c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69754
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:16:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 19:33:13 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-24680519-10&cid=273093876.1677249129&jid=292487994&gjid=1589018085&_gid=1031694332.1677249129&_u=YEBAAUAAAAAAACAAI~&z=1262873865
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bloomington.bairdwealth.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 24 Feb 2023 14:32:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bloomington.bairdwealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24680519-10&cid=273093876.1677249129&jid=292487994&_u=YEBAAUAAAAAAACAAI~&z=1151216546
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloomington.bairdwealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 14:32:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		270 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9b7ac7d4e1f3759ec5e276b8a043c3f9d5dcdcd86952c9350c9fa7022a3b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 07:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76949
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 07:47:12 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c74cda41a2f1422171ec0ae8a3409c79b7b58e5a1947545c929fccd271b8eb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 12:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59406
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 12:12:31 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd2e7f6b4916d6a31ea9430b7efc129cf43c2a4ac0c494285504c336352d597e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27542
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 19:10:47 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a93124af12ca13c11984a629113f13c6f87689b2986411bc8178023164214186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 19:10:50 GMT
truncated
/ Frame BE48 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame BE48 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i4355479&2i6401785&2e1&3u16&4m2&1u560&2u400&5m6&1e0&5sen&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=127655
Requested by
Host: bloomington.bairdwealth.com
URL: https://bloomington.bairdwealth.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
bb0ec8ae11d0547dd670fae7b09d402eaf97c7dc7e21a51263a409c08e0a49f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:10 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33445
x-xss-protection
0
expires
Sat, 25 Feb 2023 14:32:10 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fadd146875a76637559ff6787ab2d538617473656a584f0cb765bceed1b2b21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10045
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 19:10:51 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/52/2/ Frame BE48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/52/2/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a824304f02328dcce1fb07830a338a65d95a0f8c7997690d0f3e42efc51b8e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 19:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 17:17:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 19:15:17 GMT
resource
col.site24x7rum.com/rum/ 		19 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.site24x7rum.com/rum/resource
Requested by
Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.74.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-74-190.us-west-2.compute.amazonaws.com
Software
ZGS /
Resource Hash
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bloomington.bairdwealth.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 14:32:10 GMT
x-content-type-options
nosniff
server
ZGS
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,OPTIONS
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
*
vary
Origin
access-control-allow-headers
request-id, request-context, Origin, Accept-Language
content-length
19
x-xss-protection
1
data
col.site24x7rum.com/rum/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://col.site24x7rum.com/rum/data
Requested by
Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.74.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-74-190.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bloomington.bairdwealth.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame BE48 		326 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:32:11 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Fri, 24 Feb 2023 14:32:11 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame BE48 		27 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d39.154907618632805&2d-86.55365417773984&2m2&1d39.17553718007571&2d-86.51705334292178&2u16&4sen&5e0&6sm%40635000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._4u4n1a&client=google-maps-embed&token=96526
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/2/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
229db4ce23c4e45cac2ca28913a75581ad6648e6f02ad381a54b0f6d0b710ceb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 14:32:10 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=49
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2998
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame BE48 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=62303
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/2/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 14:32:10 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame BE48 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7simtrlf&10e1&11b0&callback=_xdc_._ue1zc2&client=google-maps-embed&token=8062
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/2/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
9957f071ed49635f2da5491905f6bed5dd66edcb76ddecfd7660c20620927bcb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 14:32:10 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3093.4195503997003!2d-86.53774808464172!3d39.16518187953018!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x886c66e0a8c10179%3A0xe025b49c7d12d294!2s202%20S%20College%20Ave%2C%20Bloomington%2C%20IN%2047404!5e0!3m2!1sen!2sus!4v1646788429244!5m2!1sen!2sus

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| FMG function| gtag object| dataLayer string| rumMOKey object| MatterPage function| fmgjQuery object| PresentationLoad object| Video undefined| toggleSubmitButton undefined| hideSubmitMessage undefined| showSubmitMessage undefined| showLoadingOverlay function| $ function| jQuery function| Stellar object| Modernizr object| html5 function| yepnope object| Global function| Awesomplete object| scrollOptions object| targets function| scrollReveal function| scrollRevealElement function| checkVisible function| getHeaderHeight function| scrollDown string| navBtnTitle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| s247RUM object| insightRUM function| S247RumQueueImpl function| initInsightEvent function| site24x7RumObjectEquals function| site24x7RumError object| TraceKit object| site24x7rum object| webVitals object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.bloomington.bairdwealth.com/ Name: __cf_bm
Value: Z0vFFLNbxZB9w19lBJ8QGhxNftVi8wraOgFR8V.0EOM-1677249128-0-AdrrFK0g/vEVVdaGWwcoQtfaE1cYFJrKnIXUZx5Up4m3BuN9eM0rPty4pPM7aQAwML+3pOa3SOq8G6aXIvMJDTS1cLbsfN6sFfM+2uvQWiv+
.bairdwealth.com/ Name: _ga
Value: GA1.2.273093876.1677249129
.bairdwealth.com/ Name: _gid
Value: GA1.2.1031694332.1677249129
.bairdwealth.com/ Name: _gat_gtag_UA_24680519_10
Value: 1
bloomington.bairdwealth.com/ Name: site24x7rumID
Value: 488330789038125.1677249127712.1677249127712
col.site24x7rum.com/ Name: s247cname
Value: ecd86347-1e6e-4e2d-ae5e-06467cca06e4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloomington.bairdwealth.com
col.site24x7rum.com
fmg-websites-custom.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
static.fmgsuite.com
static.site24x7rum.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.google.com
13.225.214.106
2600:9000:21ea:ac00:11:ad6d:cf00:93a1
2606:4700::6810:44c5
2606:4700::6810:45c5
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:80f::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::2003
34.211.74.190
52.216.214.129
13a2f34daa86cfd3a55ac3864e6b474eac129bac6dd0a0dd558eb95da9491cc2
229db4ce23c4e45cac2ca28913a75581ad6648e6f02ad381a54b0f6d0b710ceb
233de4efef61c52e49333c69808a8b1ea8ccd6cd58bc39a85198206053a99cd0
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d1843a67c68863617a7bb7e5ad3739c828eb53ae66ec1be21be1da6c6760611
2fbdcc4f17198dcd1d55b432a9fe542ba1c5d819c70febebc8ca9e641988d22b
3909b2ed7d87762e0d1d2639fb96080363a6a32a66819adbd1f6f39956951ef1
3bcfeb87314839f9e0ae12678be9aab371682369aac89e59f036457396a07082
47181851e16a59444c2b7d695a1b13e6724ab8c44646719a2f5486aac45f4a9e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2413e90875d0c65ae696348ba4ddb871c871d2834b92bc2f4681bc11545c55
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
641ed8ac752cbb854461605a38122b6950f17fedbdd5d468efcfec36d87e48cf
6470f74fae13baa44b1efa2a508adadeb09136fbfdbeeb58db78d50a43b383c0
685cfbc6e0180849db9a611401e87f78ec7f936200b58c2b3f0cba898b314566
6cddcbdcdb8a2c555694a2c662079ddf9074a4dcc486b60d69e28bb4078d9def
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
75bcb1e2c165a9dab26ede996b90fc62ce359f19cdcf076aa09876a943f20075
7e9b7ac7d4e1f3759ec5e276b8a043c3f9d5dcdcd86952c9350c9fa7022a3b70
816ea2eb34d06f6b06c55c7803e0310b8e1725c4ab6dbcb047b154e270b01df6
859c46113f7442ede1556f1ce54f08a59705ea036415349fc026c802d692ab80
8a824304f02328dcce1fb07830a338a65d95a0f8c7997690d0f3e42efc51b8e8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
9957f071ed49635f2da5491905f6bed5dd66edcb76ddecfd7660c20620927bcb
a0ca8400e4a6d5a082100d233f0b34a123cbc435f3065679a769b3a329e48bb9
a93124af12ca13c11984a629113f13c6f87689b2986411bc8178023164214186
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
bb0ec8ae11d0547dd670fae7b09d402eaf97c7dc7e21a51263a409c08e0a49f8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c74cda41a2f1422171ec0ae8a3409c79b7b58e5a1947545c929fccd271b8eb7d
c82c7975414a36a3a50e3c98872af318e80037d417d15710403d64010cf7d0fa
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf7974d034b9986a01664e3a3637666e478064f1175c5f4bf024967fc01414f7
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fadd146875a76637559ff6787ab2d538617473656a584f0cb765bceed1b2b21d
fb67e3e8554db868ea13c2cfdde7ae425e934e2053ee0aed23f44f6c5f913619
fd2e7f6b4916d6a31ea9430b7efc129cf43c2a4ac0c494285504c336352d597e