www.bakertilly.com Open in urlscan Pro
2606:4700::6810:8426 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bakertilly.com/page/pay-invoice
Submission: On July 07 via manual (July 7th 2023, 2:34:32 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 23 domains to perform 108 HTTP transactions. The main IP is 2606:4700::6810:8426, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bakertilly.com. The Cisco Umbrella rank of the primary domain is 481618.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time www.bakertilly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6810:8426	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	23.21.131.202 23.21.131.202	14618 (AMAZON-AES) (AMAZON-AES)
2 8	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
3	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
22	151.101.129.181 151.101.129.181	54113 (FASTLY) (FASTLY)
6	18.208.66.21 18.208.66.21	14618 (AMAZON-AES) (AMAZON-AES)
4	18.66.97.118 18.66.97.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:d595	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:2000:6:ea06:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	3.215.172.219 3.215.172.219	14618 (AMAZON-AES) (AMAZON-AES)
1	34.206.49.104 34.206.49.104	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:225... 2600:9000:225e:bc00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28ba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:223... 2600:9000:223e:cc00:11:1faa:8080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:c518	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.42 13.32.121.42	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	18.196.135.18 18.196.135.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:3400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:2be6:b3b1:eee6:abb5	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
108	31

16 2606:4700::6810:8426 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bakertilly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.21.131.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-131-202.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.181 (United States) 2 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.129.181 (United States)

ASN54113 (FASTLY, US)

assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.208.66.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-66-21.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-118.fra56.r.cloudfront.net

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d595 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2000:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.49.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-49-104.compute-1.amazonaws.com

baker-tilly-www.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:bc00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28ba (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223e:cc00:11:1faa:8080:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c518 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-42.fra60.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.135.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-135-18.eu-central-1.compute.amazonaws.com

35627.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:2be6:b3b1:eee6:abb5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	vidyard.com 2 redirects play.vidyard.com — Cisco Umbrella Rank: 14245 assets.vidyard.com — Cisco Umbrella Rank: 26675 raw.vidyard.com — Cisco Umbrella Rank: 28333 cdn.vidyard.com — Cisco Umbrella Rank: 21143	1 MB
16	bakertilly.com www.bakertilly.com — Cisco Umbrella Rank: 481618	787 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2811 d.adroll.com — Cisco Umbrella Rank: 1489	86 KB
6	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4985	4 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 17822	3 KB
5	prismic.io images.prismic.io — Cisco Umbrella Rank: 14263 static.cdn.prismic.io — Cisco Umbrella Rank: 30884 baker-tilly-www.prismic.io — Cisco Umbrella Rank: 923388	43 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	873 B
3	google.de www.google.de — Cisco Umbrella Rank: 4752	669 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	2 KB
3	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 52290 e.calibermind.com — Cisco Umbrella Rank: 49758	60 KB
2	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 14752	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 4787	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	173 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2345	1 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	391 B
1	siteimproveanalytics.io 35627.global.siteimproveanalytics.io — Cisco Umbrella Rank: 939409	476 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 4409	13 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1768	681 B
1	gstatic.com fonts.gstatic.com	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	854 B
108	23

	Domain	Requested by
22	assets.vidyard.com	play.vidyard.com assets.vidyard.com
16	www.bakertilly.com	www.bakertilly.com
8	s.adroll.com	2 redirects www.googletagmanager.com s.adroll.com
8	play.vidyard.com	2 redirects www.bakertilly.com assets.vidyard.com
6	ws.zoominfo.com	www.bakertilly.com
6	raw.vidyard.com	assets.vidyard.com
5	js.zi-scripts.com	www.bakertilly.com
4	cdn.vidyard.com	www.bakertilly.com assets.vidyard.com
3	px.ads.linkedin.com	3 redirects
3	www.google.de
3	images.prismic.io	www.bakertilly.com
2	www.google.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.bakertilly.com
2	region1.analytics.google.com	www.googletagmanager.com
2	analytics-sm.com	www.bakertilly.com
2	snap.licdn.com	www.bakertilly.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.bakertilly.com
2	pi.pardot.com	www.bakertilly.com pi.pardot.com
2	www.googletagmanager.com	www.bakertilly.com www.googletagmanager.com
2	cdn.calibermind.com	www.bakertilly.com
2	trkn.us	1 redirects www.bakertilly.com
1	d.adroll.com	s.adroll.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	www.bakertilly.com
1	35627.global.siteimproveanalytics.io
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	siteimproveanalytics.com	www.bakertilly.com
1	e.calibermind.com	www.bakertilly.com
1	baker-tilly-www.prismic.io	static.cdn.prismic.io
1	polyfill.io	www.bakertilly.com
1	static.cdn.prismic.io	www.bakertilly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.bakertilly.com
108	34

This site contains links to these domains. Also see Links.

Domain
www.billerpayments.com
connect.bakertilly.com
careers.bakertilly.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
images.prismic.io GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-10` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
calibermind.com E1	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.cdn.prismic.io Amazon RSA 2048 M02	`2023-02-28` - `2023-08-26`	6 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
*.prismic.io Amazon RSA 2048 M01	`2023-02-20` - `2023-09-23`	7 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2023-07-03` - `2023-10-01`	3 months	crt.sh
*.analytics-sm.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M02	`2023-06-15` - `2024-07-13`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.bakertilly.com/page/pay-invoice
Frame ID: FB17A7CAEFB19AED4557D783617ADEF5
Requests: 64 HTTP requests in this frame

Frame: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Frame ID: DA273EB60B71AD7B6369663AE032B3C5
Requests: 18 HTTP requests in this frame

Frame: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Frame ID: 4BA44F65D907098F646D2B35BEBE2990
Requests: 17 HTTP requests in this frame

Frame: https://baker-tilly-www.prismic.io/prismic-toolbar/4.0.9/iframe.html
Frame ID: CB5F86AC2B9C666D0A749A46E55EA130
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online invoice payment portal - Baker TillyBaker TillyarrowarrowarrowFacebookInstagramTwitterLinkedInYouTube

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

108
Requests

94 %
HTTPS

69 %
IPv6

23
Domains

34
Subdomains

31
IPs

4
Countries

2611 kB
Transfer

9081 kB
Size

23
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.billerpayments.com/app/cust/login.do?bsn=bakertilly
Title: Pay by EFT/checkingarrowCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://connect.bakertilly.com/subscribe
Title: Subscribe to newslettersarrowCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://careers.bakertilly.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bakertillyus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bakertillyus/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/bakertillyus
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bakertillyus/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bakertillyus
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398 HTTP 302
https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398;ip=138.199.38.132;cuidchk=1

Request Chain 38

https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/18086233/2LJT_-7icQ0AWWHx7tLNBw.jpg

Request Chain 45

https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/36179724/0FZJ_C825DkjDmaWWMGQybVId-xbs62w.gif

Request Chain 77

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 78

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 92

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D30525%26time%3D1688740466650%26url%3Dhttps%253A%252F%252Fwww.bakertilly.com%252Fpage%252Fpay-invoice%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true&e_ipv6=AQJ-zp53PaPk0gAAAYkwxpJlVusKGayJY1Z7_zUEfmJvcm9NeHmlozQKdhwdlhIxiaiKde3yDICf9kF1LVQh823IJJ4npQ

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pay-invoice Show response
www.bakertilly.com/page/ 1 MB
122 KB 323ms
295ms Document
text/html 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3628490ace08f04e98db89c249cadec8cb9c1cd5b5b32eb3fe3db51a2df1f995

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, must-revalidate, max-age=587, s-maxage=587, stale-while-revalidate=25
cf-cache-status: DYNAMIC
cf-ray: 7e30cee25ec69131-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:25 GMT
server: cloudflare
via: 1.1 vegur
x-cache-expired-at: 9m 47.2s
x-cache-status: HIT
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
854 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@400;600;700&display=swap

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffdf4768508bc04c5f0bb174e4ea8347f838dfa3f77aa0cced6e0746248258e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 14:34:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 14:34:25 GMT

GET
H2 200 page.js Show response
www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/ 249 KB
69 KB 599ms
597ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3d338d777813ec8e257a8a897a487d471125c967229e6e10da0544a1f9783f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3e3e2-188c58e95a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30cee4aad59131-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H2 200 _app.js Show response
www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/ 705 KB
194 KB 603ms
601ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/_app.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 81f8a2600dae163150902cd1ee654f6427132058563e412f129ff6f9d919a1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"b0389-188c58e95a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30cee4aad89131-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H2 200 webpack-f5e50b6b501ccea2a79b.js Show response
www.bakertilly.com/_next/static/runtime/ 1 KB
933 B 18ms
16ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/runtime/webpack-f5e50b6b501ccea2a79b.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 20:14:09 GMT
server: cloudflare
age: 11125638
x-powered-by: Express
etag: W/"5ce-1860e9d8268"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e30cee4bae09131-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 06 Jul 2024 14:34:25 GMT

GET
H2 200 commons.9303157ded889490281c.js Show response
www.bakertilly.com/_next/static/chunks/ 692 KB
212 KB 28ms
26ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/chunks/commons.9303157ded889490281c.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0a2a2890f016af9e76c8fd55f1b956fbc147f220e1ad057fe5504f34a161a52f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 15:44:29 GMT
server: cloudflare
age: 3106084
x-powered-by: Express
etag: W/"acec5-18877a1bf48"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e30cee4bae29131-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 06 Jul 2024 14:34:25 GMT

GET
H2 200 styles.492532e7304ebfe67c59.js Show response
www.bakertilly.com/_next/static/chunks/ 72 KB
17 KB 22ms
20ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/chunks/styles.492532e7304ebfe67c59.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f980494011e2b36e6239dbbf84d47450e4b76f8ffd0e660c7e8a936bb320500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 15:44:29 GMT
server: cloudflare
age: 3106055
x-powered-by: Express
etag: W/"1209a-18877a1bf48"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e30cee4bae49131-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 06 Jul 2024 14:34:25 GMT

GET
H2 200 main-3c30a278dddde2fd1b61.js Show response
www.bakertilly.com/_next/static/runtime/ 30 KB
10 KB 23ms
21ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3fc06ba8cad24bdea755d92f562d741555ddefcf4d9a2e31b62dc74a0c76b02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2023 19:10:39 GMT
server: cloudflare
age: 1968783
x-powered-by: Express
etag: W/"77b1-188bb512b98"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e30cee4bae69131-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 06 Jul 2024 14:34:25 GMT

GET
H2 200 commons.6fdd7bfa.chunk.css
www.bakertilly.com/_next/static/css/ 44 KB
5 KB 533ms
531ms Stylesheet
text/css 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/commons.6fdd7bfa.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b0354b897c7621be81c71261fda090a41deaa3de873c06b20225c7a21a79f5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"aea0-188c58e95a0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30cee4bada9131-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H2 200 styles.b097b497.chunk.css
www.bakertilly.com/_next/static/css/ 294 KB
41 KB 576ms
575ms Stylesheet
text/css 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/styles.b097b497.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 134b26eb74fbfc72f9687871af310d821c275dbb4250770199511a933b2fe019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"497c9-188c58e95a0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30cee4badd9131-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H2 200 _app.js.7bb98398.chunk.css
www.bakertilly.com/_next/static/css/static/f5niA8DDUBnym4oqYFOHh/pages/ 3 KB
817 B 280ms
279ms Stylesheet
text/css 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/static/f5niA8DDUBnym4oqYFOHh/pages/_app.js.7bb98398.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c74cb95556f697e59eeb6814a2926e976cce99dbb5d3a9e1a66fb3cfd19ece90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a08-188c58e95a0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30cee4bade9131-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H/1.1

200
OK

ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398;ip=138.199.38.132;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398
https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398;ip=138.199.38.132;cuidchk=1

42 B
780 B

115ms
115ms

Image
image/gif

23.21.131.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398;ip=138.199.38.132;cuidchk=1

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

HTTP/1.1

Server

23.21.131.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-131-202.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 14:34:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 07 Jul 2023 14:34:25 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=9455389178321.398;ip=138.199.38.132;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 gjYAPjZcUNzm4kMJnUJtBP Show response
play.vidyard.com/ Frame DA27 3 KB
1 KB 50ms
20ms Document
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52f816a11c725d0f55ec6861264fe09d6796604569271cc1dae577023fa97917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.bakertilly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 726953
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1466
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:25 GMT
etag: W/"dd7-jcPDrP3Tzsq0rL4q1bVYTUrAsZo"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600
vary: X-China, accept-language, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-china: 0
x-served-by: cache-fra-etou8220109-FRA
x-timer: S1688740465.435702,VS0,VE1

GET
H2 200 kt15XQZGHtnXFdTuDceGJL Show response
play.vidyard.com/ Frame 4BA4 3 KB
2 KB 47ms
20ms Document
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52f816a11c725d0f55ec6861264fe09d6796604569271cc1dae577023fa97917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.bakertilly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 726953
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1466
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:25 GMT
etag: W/"dd7-jcPDrP3Tzsq0rL4q1bVYTUrAsZo"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600
vary: X-China, accept-language, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-china: 0
x-served-by: cache-fra-etou8220109-FRA
x-timer: S1688740465.435776,VS0,VE1

GET
H2 200 0900dec5-bc23-4cbd-aaf0-f4c6c4568aac_hands-typing-laptop-card.jpg
images.prismic.io/baker-tilly-www/ 365 B
516 B 55ms
19ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/0900dec5-bc23-4cbd-aaf0-f4c6c4568aac_hands-typing-laptop-card.jpg?auto=compress,format&rect=0,300,2000,800&w=20&h=8

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

394436333f9c418b80acaf64edacdac03b5e97a79fe59f30c795c77fa94bff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
x-content-type-options: nosniff
age: 1990191
x-cache: MISS, HIT
x-imgix-id: b1c1244bc6963f8129bd985835068022fbf2c2f0
cross-origin-resource-policy: cross-origin
content-length: 365
x-served-by: cache-sjc10081-SJC, cache-fra-etou8220117-FRA
x-imgix-render-farm: 01.139848
last-modified: Wed, 14 Jun 2023 13:44:34 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ba5b1418-712f-4c03-9600-0ddc433f387a_forbes-america-best-large-employers-2021.png
images.prismic.io/baker-tilly-www/ 3 KB
4 KB 54ms
19ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/ba5b1418-712f-4c03-9600-0ddc433f387a_forbes-america-best-large-employers-2021.png?auto=compress,format

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e266e5bd0261f9b09628302c3ad85c8c5fbfa031c97dbce730ac7ef28e6bb30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
x-content-type-options: nosniff
age: 1482113
x-cache: HIT, HIT
x-imgix-id: 759facc77d937604378e1fab16aa6198d0d10dae
cross-origin-resource-policy: cross-origin
content-length: 3321
x-served-by: cache-sjc10066-SJC, cache-fra-etou8220117-FRA
x-imgix-render-farm: 01.139848
last-modified: Tue, 20 Jun 2023 10:52:32 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime~main-34d134e19de9eeafeff784d332814b54.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 7 KB
3 KB 30ms
6ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c8cc28880fd73c6fc4a34f19a1da101c97d7b86ce1a15b017ceb9d67902004c

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 144427
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2271
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740465.495912,VS0,VE0
etag: "3ea63272cffba79e4c2fc7bc189f5fd0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 202

GET
H2 200 main-0848513ab96834b7b8adae23e7926ac3.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 105 KB
14 KB 33ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 816520
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 14298
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740465.496598,VS0,VE0
etag: "2ce8f04d821e84645ad08091b9f7ea27"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 221

GET
H2 200 runtime~main-34d134e19de9eeafeff784d332814b54.js Show response
assets.vidyard.com/play/js/ Frame DA27 7 KB
2 KB 31ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c8cc28880fd73c6fc4a34f19a1da101c97d7b86ce1a15b017ceb9d67902004c

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 144427
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2271
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740465.496215,VS0,VE0
etag: "3ea63272cffba79e4c2fc7bc189f5fd0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 203

GET
H2 200 main-0848513ab96834b7b8adae23e7926ac3.js Show response
assets.vidyard.com/play/js/ Frame DA27 105 KB
14 KB 30ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 816520
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 14298
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740465.496138,VS0,VE0
etag: "2ce8f04d821e84645ad08091b9f7ea27"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 220

GET
H2 200 gjYAPjZcUNzm4kMJnUJtBP.json Show response
play.vidyard.com/player/ Frame DA27 6 KB
3 KB 7ms
7ms Fetch
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/gjYAPjZcUNzm4kMJnUJtBP.json

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9c0978c3f2b9e6c23772ba17c9c814e2a22347933b5286e0b2943fbc722b522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
referrer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 42863
x-cache: HIT
content-length: 2834
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.513173,VS0,VE1
etag: W/"1969-nH7mHQb2sktltmxfFWPbXRVPAVo"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 kt15XQZGHtnXFdTuDceGJL.json Show response
play.vidyard.com/player/ Frame 4BA4 6 KB
3 KB 7ms
7ms Fetch
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/kt15XQZGHtnXFdTuDceGJL.json

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07e751f01dd72a2065f3512dfc861ab50ea65b783f64f5b143f75714380230d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
referrer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 42863
x-cache: HIT
content-length: 2838
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.514613,VS0,VE1
etag: W/"1993-cgSAFAdXKXT0uuuEL+RwZIFLSsw"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 footer-growth-symbol-61001e0f568e1bafc85e854056da7017.png
www.bakertilly.com/_next/static/images/ 28 KB
29 KB 189ms
189ms Image
image/png 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bakertilly.com/_next/static/images/footer-growth-symbol-61001e0f568e1bafc85e854056da7017.png
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dde21bacb6b7f5cdb1d620ea43681754fb22a9630f642175c70c3f2b492b3cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"71dc-188c58e95a0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e30cee57d221cb7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29148
expires: Fri, 07 Jul 2023 18:34:25 GMT

GET
H2 200 vendors~player~player-pomo~unreleased-df2391d32af077b8d9ca510b917c36f1.js Show response
assets.vidyard.com/play/js/ Frame DA27 158 KB
41 KB 7ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-df2391d32af077b8d9ca510b917c36f1.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aee6d27128fd4ddfe41cc445091806c75a434d5ec038504d27f5bc2e70c80052

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 2063976
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41500
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.525063,VS0,VE0
etag: "1d35ae4b75036d6637a97c4a2732e6b9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 209

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-82e566e8d0c1e6de3e38ee5017c0611b.js Show response
assets.vidyard.com/play/js/ Frame DA27 102 KB
29 KB 9ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-82e566e8d0c1e6de3e38ee5017c0611b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ccedf98acb69c612e09902c544608d87856b855bb3dd80c8eac6c95ce79d9719

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 314056
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 29240
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.525449,VS0,VE0
etag: "7f004f73f9109bcc230d16c0d75c6869"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 216

GET
H2 200 vendors~player-pomo-a39c738932a626c42cefd1a141021a87.js Show response
assets.vidyard.com/play/js/ Frame DA27 613 KB
104 KB 9ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-a39c738932a626c42cefd1a141021a87.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17da6fb62c483baf018edd851ca11f5be6f1771d5fb96be90c377fc15a5223d4

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 2063976
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 106545
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.525362,VS0,VE0
etag: "6a79e1f3fbbfd122dbd2036abdb20ada"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 216

GET
H2 200 player-pomo-2b397053f05dba4ef8f1c813a8319c49.css
assets.vidyard.com/play/stylesheets/ Frame DA27 41 KB
8 KB 15ms
15ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-2b397053f05dba4ef8f1c813a8319c49.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0c4780b1472acb7b53ecfa8a6f29a6754fa238bf508c3ec1048103e4ed14198

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 293149
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 7748
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.525941,VS0,VE1
etag: "e5a65f2b6af1eb515b62a232e472884e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 201

GET
H2 200 player-pomo-2b397053f05dba4ef8f1c813a8319c49.js Show response
assets.vidyard.com/play/js/ Frame DA27 263 KB
52 KB 15ms
15ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-2b397053f05dba4ef8f1c813a8319c49.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b95922e7d702a5ab85ed29cd30237399d270711848c3f06f58c63de110116070

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 314354
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 53223
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.526283,VS0,VE0
etag: "4bf441d8bb44268dc289459e7d148181"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 216

GET
H2 200 vendors~player~player-pomo~unreleased-df2391d32af077b8d9ca510b917c36f1.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 158 KB
41 KB 17ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-df2391d32af077b8d9ca510b917c36f1.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aee6d27128fd4ddfe41cc445091806c75a434d5ec038504d27f5bc2e70c80052

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 2063976
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41500
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.528047,VS0,VE0
etag: "1d35ae4b75036d6637a97c4a2732e6b9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 210

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-82e566e8d0c1e6de3e38ee5017c0611b.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 102 KB
29 KB 18ms
17ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-82e566e8d0c1e6de3e38ee5017c0611b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ccedf98acb69c612e09902c544608d87856b855bb3dd80c8eac6c95ce79d9719

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 314056
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 29240
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.528844,VS0,VE0
etag: "7f004f73f9109bcc230d16c0d75c6869"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 217

GET
H2 200 vendors~player-pomo-a39c738932a626c42cefd1a141021a87.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 613 KB
104 KB 17ms
17ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-a39c738932a626c42cefd1a141021a87.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17da6fb62c483baf018edd851ca11f5be6f1771d5fb96be90c377fc15a5223d4

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 2063976
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 106545
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.528447,VS0,VE0
etag: "6a79e1f3fbbfd122dbd2036abdb20ada"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 217

GET
H2 200 player-pomo-2b397053f05dba4ef8f1c813a8319c49.css
assets.vidyard.com/play/stylesheets/ Frame 4BA4 41 KB
8 KB 17ms
16ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-2b397053f05dba4ef8f1c813a8319c49.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0c4780b1472acb7b53ecfa8a6f29a6754fa238bf508c3ec1048103e4ed14198

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 293149
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 7748
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.528033,VS0,VE0
etag: "e5a65f2b6af1eb515b62a232e472884e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 202

GET
H2 200 player-pomo-2b397053f05dba4ef8f1c813a8319c49.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 263 KB
52 KB 17ms
17ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-2b397053f05dba4ef8f1c813a8319c49.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b95922e7d702a5ab85ed29cd30237399d270711848c3f06f58c63de110116070

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 314354
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 53223
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.528465,VS0,VE0
etag: "4bf441d8bb44268dc289459e7d148181"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 217

GET
H2 200 gjYAPjZcUNzm4kMJnUJtBP Show response
play.vidyard.com/video/ Frame DA27 201 B
280 B 8ms
7ms XHR
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/video/gjYAPjZcUNzm4kMJnUJtBP

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3d946c4b330820c0de668e3a74ad14443f060ce332c243e772349d6d7327d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1990190
x-cache: HIT
content-length: 180
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.615494,VS0,VE2
etag: W/"c9-6TBxHQeh6hS+f1tw+Q19zCJo8ag"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 7-264f8ea0dde8aed26f4c36cd5a46a5b9.js Show response
assets.vidyard.com/play/js/ Frame DA27 438 KB
98 KB 7ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b506149960b2fff2e53d7c4a5f77d61f4c6dde17727d57ce625325a6f8def0cf

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 6348660
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 99844
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Thu, 20 Apr 2023 15:30:39 GMT
x-timer: S1688740466.624174,VS0,VE0
etag: "f49707c09cf7ee4b05a5a3fbb208269f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 204

GET
H2 200 6-6d953adca69fd74f9e96e00302f818f7.css
assets.vidyard.com/play/stylesheets/ Frame DA27 181 B
235 B 8ms
7ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/6-6d953adca69fd74f9e96e00302f818f7.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 1422068
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 103
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.624300,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 198

GET
H2 200 6-6d953adca69fd74f9e96e00302f818f7.js Show response
assets.vidyard.com/play/js/ Frame DA27 13 KB
4 KB 9ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-6d953adca69fd74f9e96e00302f818f7.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cd58cd233d94e718f646e153a5f404b9bfe4a5196cb39fb3cfd60f6f1defff6

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 1521737
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3681
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.624450,VS0,VE0
etag: "affe9d5260b60a37641e0c0fc9444935"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 201

GET
H2 200 36-34530a24c03e3d588698f3b06977c93b.js Show response
assets.vidyard.com/play/js/ Frame DA27 4 KB
1 KB 9ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/36-34530a24c03e3d588698f3b06977c93b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4fe41f7e70dc5a8e0b4d179311e5b47ac976056b0f2f8ebf1e70d63f639e92e

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 917335
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1428
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.624546,VS0,VE0
etag: "58184e39cc64f08d77fc42b9c701938e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 169

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 297ms
97ms Preflight
text/html 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 07 Jul 2023 14:34:25 GMT

GET
H2

200

2LJT_-7icQ0AWWHx7tLNBw.jpg
cdn.vidyard.com/thumbnails/18086233/ Frame DA27
Redirect Chain

https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP.jpg
https://cdn.vidyard.com/thumbnails/18086233/2LJT_-7icQ0AWWHx7tLNBw.jpg

365 KB
366 KB

138ms
103ms

Image
image/jpeg

18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/18086233/2LJT_-7icQ0AWWHx7tLNBw.jpg
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3128d0f8732c7861930e023a82672e330f8b095297e4471be526a83c0c5d1db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 11:22:28 GMT
x-amz-version-id: r0NpTWwuL_zB981tolz465g58PJgCbQ1
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P2
age: 11518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
content-length: 374073
last-modified: Tue, 22 Jun 2021 18:04:51 GMT
server: AmazonS3
etag: "b49aada29fb13b97ca262d67bb88257b"
vary: Origin
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 4FogbstOB1v_Dy8XFqzmaRTe00BnzYeMl3SnDMR1dKD4-Bmd-yRNrQ==

Redirect headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1815287
x-cache: HIT
content-length: 92
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.685815,VS0,VE1
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/18086233/2LJT_-7icQ0AWWHx7tLNBw.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame DA27 71 B
216 B 100ms
100ms XHR
application/json 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash: b54be784ae8b3f51852f02497b085e60e3e32ac094f3738c7bfbee8e259c3460

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Fri, 07 Jul 2023 14:34:26 GMT
x-vidyard-hostname: 53f38589f53f
content-length: 71
content-type: application/json; charset=utf-8

GET
H2 200 kt15XQZGHtnXFdTuDceGJL Show response
play.vidyard.com/video/ Frame 4BA4 195 B
274 B 7ms
7ms XHR
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/video/kt15XQZGHtnXFdTuDceGJL

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17b8745e133514985919a983f89b84f21924f157196af28d9bfd228ebe5fdfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1990191
x-cache: HIT
content-length: 175
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.709578,VS0,VE1
etag: W/"c3-3rbhA89EULA2PdH8uAGFlEmkA/s"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 7-264f8ea0dde8aed26f4c36cd5a46a5b9.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 438 KB
98 KB 8ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b506149960b2fff2e53d7c4a5f77d61f4c6dde17727d57ce625325a6f8def0cf

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 6348660
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 99844
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Thu, 20 Apr 2023 15:30:39 GMT
x-timer: S1688740466.715293,VS0,VE0
etag: "f49707c09cf7ee4b05a5a3fbb208269f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 205

GET
H2 200 6-6d953adca69fd74f9e96e00302f818f7.css
assets.vidyard.com/play/stylesheets/ Frame 4BA4 181 B
218 B 11ms
9ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/6-6d953adca69fd74f9e96e00302f818f7.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 1422068
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 103
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.716058,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 199

GET
H2 200 6-6d953adca69fd74f9e96e00302f818f7.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 13 KB
4 KB 11ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-6d953adca69fd74f9e96e00302f818f7.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cd58cd233d94e718f646e153a5f404b9bfe4a5196cb39fb3cfd60f6f1defff6

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 1521737
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3681
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.716136,VS0,VE0
etag: "affe9d5260b60a37641e0c0fc9444935"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 202

GET
H2 200 36-34530a24c03e3d588698f3b06977c93b.js Show response
assets.vidyard.com/play/js/ Frame 4BA4 4 KB
1 KB 12ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/36-34530a24c03e3d588698f3b06977c93b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-34d134e19de9eeafeff784d332814b54.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4fe41f7e70dc5a8e0b4d179311e5b47ac976056b0f2f8ebf1e70d63f639e92e

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: br
via: 1.1 varnish
age: 917335
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1428
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 13 Jun 2023 17:13:10 GMT
x-timer: S1688740466.716901,VS0,VE0
etag: "58184e39cc64f08d77fc42b9c701938e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 170

GET
H2

200

0FZJ_C825DkjDmaWWMGQybVId-xbs62w.gif
cdn.vidyard.com/thumbnails/36179724/ Frame 4BA4
Redirect Chain

https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL.jpg
https://cdn.vidyard.com/thumbnails/36179724/0FZJ_C825DkjDmaWWMGQybVId-xbs62w.gif

293 KB
294 KB

128ms
114ms

Image
image/gif

18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/36179724/0FZJ_C825DkjDmaWWMGQybVId-xbs62w.gif
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 151dd342bb803c6ab1719ce9aa990525f820ca44c341c7a0fce89b129dd27378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 11:22:28 GMT
x-amz-version-id: dR3exdAbOde1cJ7uUW8RMUW_BGe.Rw4S
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P2
age: 11518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
content-length: 300263
last-modified: Wed, 03 May 2023 16:48:51 GMT
server: AmazonS3
etag: "86d287beb5cd8bddec98ff9c530614e3"
vary: Origin
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: 8DHakq7zba15_0IEWn6xxYXKmUkU8G4eWkZO5dwnC_8jW0XwIV2eNA==

Redirect headers

date: Fri, 07 Jul 2023 14:34:25 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1446253
x-cache: HIT
content-length: 102
x-served-by: cache-fra-etou8220109-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1688740466.742746,VS0,VE1
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/36179724/0FZJ_C825DkjDmaWWMGQybVId-xbs62w.gif
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
cdn.vidyard.com/media/hls/pY9LFTCCx0A6MYPs7uuzzg/,full_hd,hd,480p,sd,.mp4.urlset/ Frame DA27 559 B
918 B 120ms
105ms XHR
application/vnd.apple.mpegurl 18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/media/hls/pY9LFTCCx0A6MYPs7uuzzg/,full_hd,hd,480p,sd,.mp4.urlset/master.m3u8?F0McDIlZpLCYWLEJhjYU-SPRrt0VG-KFTrrgRhPZTSSy-5VKQGqrUUJGstbxX5f7VC2SD3jVaSGcAunhglkesDXtvS-yyxiWtfPlnC9nwDz67G4LG-n4F2OglfP49oMYVXsobmWqZoe1quc9pnmJR5noLlitagfb9lsHHlgPw15Ditj0zQViwqdBy04cX-rhLGpFNg
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: nginx/1.21.1 /
Resource Hash: c9f61a7e3f7448edb6e0d094348748ab6417800244a4ddb8531a2f4826ef8a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 11:22:27 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server: nginx/1.21.1
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P2
age: 11518
etag: "-1-22f"
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: ETag,X-CDN
accept-ranges: bytes
content-length: 559
x-amz-cf-id: wisYmOdL41T5jYAI1UrQp6fzVkgCR0B4se-xSf4b_jSL7eBHAtWDJA==

GET
H2 200 master.m3u8 Show response
cdn.vidyard.com/media/hls/ms9DHptlFCMZD2HnOvvZBQ/,full_hd,hd,480p,sd,.mp4.urlset/ Frame 4BA4 558 B
919 B 116ms
104ms XHR
application/vnd.apple.mpegurl 18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/media/hls/ms9DHptlFCMZD2HnOvvZBQ/,full_hd,hd,480p,sd,.mp4.urlset/master.m3u8?8-u87luqxTnbx0Mc4YAHcl1QwvtQJyYsat9edIHptNIYI6JgbaBXQGpJabUHYbe6y8JeXX8vBv-TrkHQ2NseICJ7Z-OSpAweYRGF2Pc0gDPSrKR52e1inabVhCU01DNjQr-S326706xyeoYRoWWctdhU_Vmexzj2E4f6lp5ir-99wazoo4XwLtqzTGehgo2AehMmaQ
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: nginx/1.21.1 /
Resource Hash: a4bca417f384b34a875a34aec7981119088b3cbee77aa3609695fcf9fc79f66f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 11:22:27 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server: nginx/1.21.1
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P2
age: 11518
etag: "-1-22e"
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: ETag,X-CDN
accept-ranges: bytes
content-length: 558
x-amz-cf-id: RTNNCHtNOgSWaldGfmAn_TwnCJQmB-_JSTvX5E6IRoEGCjwKd147sg==

GET
H3 200 rocket-loader.min.js Show response
www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 15:21:35 GMT
server: cloudflare
etag: W/"64a438ff-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7e30cee79fbc1cb7-FRA
expires: Sun, 09 Jul 2023 14:34:25 GMT

GET
H2 200 xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v11/ 23 KB
23 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v11/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc567bba08485fa1610412e323cce4ff69f40e7269743360281c68d234f59cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:47:16 GMT
x-content-type-options: nosniff
age: 6429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23252
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:15:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 12:47:16 GMT

GET
H2 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1 KB 46ms
13ms Script
application/javascript 2606:4700:3031::ac43:d595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 61941
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 Jun 2023 17:07:12 GMT
server: cloudflare
etag: W/"649f0bc0-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F93TBQ9aA7z54Fa5roAHECljgxTVyquxx8M%2BCqdxHg2AMmsQ7wZsj0uUtXp%2B2awMO6Q4%2FahWx8bbKlhHP%2B46%2FrgPLoxJWGxd6o5MM94jjJbDecn8PFRoJ1UYcz64beoUix3yrG4DfKWWqeE%2B%2FqZm5xcA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 7e30cee92816bbce-FRA

GET
H2 200 prismic.js Show response
static.cdn.prismic.io/ 29 KB
10 KB 57ms
8ms Script
application/javascript 2600:9000:21f3:2000:6:ea06:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.prismic.io/prismic.js?repo=baker-tilly-www&new=true
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2000:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8eb5ecfec8aa8ef9e39ce22a7243d1a5c71362e3792dbd1a0a26ea7f2d359d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 05:26:09 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 11:42:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 32898
x-amz-server-side-encryption: AES256
etag: W/"c8bfbb59bff7a90e1029b3831ece2c04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 80TKrSNN0DIpGOAUEQFHgLM_VnN8qhNKGwWIs3fwPwRtbkRtq-ReIg==

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
681 B 29ms
8ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default%2Ces2017%2Ces2016%2Cfetch%2CObject.keys%2CObject.assign%2CObject.entries%2CObject.values%2CPromise.prototype.finally%2CPromise

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
Origin: https://www.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 14:34:26 GMT
age: 2116385
detected-user-agent: Chrome Mobile/114.0.0
useragent_normaliser: chrome/114.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
normalized-user-agent: chrome/114.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 footer-growth-symbol.png
www.bakertilly.com/assets/images/logos/ 31 KB
31 KB 18ms
17ms Image
text/html 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bakertilly.com/assets/images/logos/footer-growth-symbol.png
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/css/styles.b097b497.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 6b1902539d090b662fd02530fce20cd34e28b90a30900ec43b1f52bf3695c550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/_next/static/css/styles.b097b497.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 24570
x-powered-by: Next.js
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7e30cee8f96f1cb7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:26 GMT

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame DA27 68 B
213 B 107ms
107ms XHR
application/json 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash: 0a723bfc1534bfd32272d1808e6bdda835cf32059d9d5cfa216b3be2484cda79

Request headers

Referer: https://play.vidyard.com/gjYAPjZcUNzm4kMJnUJtBP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Fri, 07 Jul 2023 14:34:26 GMT
x-vidyard-hostname: 8a3bbcb44fe4
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 120ms
120ms Preflight
text/html 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 07 Jul 2023 14:34:26 GMT

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 4BA4 68 B
213 B 107ms
106ms XHR
application/json 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash: 23827a82b559487467161c9703ac21d8b2c7ed1e1a9bfdb130e0055955b7bf11

Request headers

Referer: https://play.vidyard.com/kt15XQZGHtnXFdTuDceGJL
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Fri, 07 Jul 2023 14:34:26 GMT
x-vidyard-hostname: 4be7ac962817
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 101ms
101ms Preflight
text/html 18.208.66.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.66.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-66-21.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 07 Jul 2023 14:34:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
77 KB 53ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bbf3bfd4f846138c93ce31a1099bea4ab6f26a1574758483eac7b0f3b241df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78461
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jul 2023 14:34:26 GMT

GET
H2 200 a.js Show response
cdn.calibermind.com/ 213 KB
59 KB 32ms
25ms Script
application/javascript 2606:4700:3031::ac43:d595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/a.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 64171
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 Jun 2023 17:05:30 GMT
server: cloudflare
etag: W/"649f0b5a-354c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM3db3RZNcB9zPbHqsmxwM2zlq9aX0hxxdlK3j3bLTSy%2B6%2BREyirO5Coa1EIKLHkxwjDRR58dAqFT%2BMJAujPaaUX7PFHEevnVjPoA%2B2SbJzeiBY6YPi2LDlfMW%2Fhxe6BMNLpK8Ik0Y3YhYhqrKtNM3X7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 7e30cee9281abbce-FRA

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 303ms
104ms Script
application/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Thu, 06 Jul 2023 17:25:12 GMT
Server: PardotServer
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Sun, 06 Jul 2025 14:34:26 GMT

POST
H3 200 search Show response
www.bakertilly.com/api/algolia/ 22 KB
4 KB 283ms
282ms Fetch
application/json 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/api/algolia/search
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c8d97ba08735690322c1fc876a818cd4dad81de45485dfaa999d53b72861bb7a

Request headers

Referer: https://www.bakertilly.com/page/pay-invoice
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"57fa-jeSySim5E6m4DN2dPIIzL/PwJoM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7e30ceeaebc91cb7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe.html Show response
baker-tilly-www.prismic.io/prismic-toolbar/4.0.9/ Frame CB5F 20 KB
7 KB 313ms
106ms Document
text/html 34.206.49.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baker-tilly-www.prismic.io/prismic-toolbar/4.0.9/iframe.html
Requested by: Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.js?repo=baker-tilly-www&new=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.49.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-49-104.compute-1.amazonaws.com
Software: /
Resource Hash: dd34cc3a0af95382d37cf4318648616c35e2abcff7ccad25d6ec9ec140ddd0e2

Request headers

Referer: https://www.bakertilly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 07 Jul 2023 14:34:26 GMT
etag: W/"e304e33fcad3a742d951d7047710bb65"
last-modified: Fri, 21 Oct 2022 11:42:33 GMT

GET
H2 200 0900dec5-bc23-4cbd-aaf0-f4c6c4568aac_hands-typing-laptop-card.jpg
images.prismic.io/baker-tilly-www/ 21 KB
22 KB 9ms
9ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/0900dec5-bc23-4cbd-aaf0-f4c6c4568aac_hands-typing-laptop-card.jpg?auto=compress,format&rect=0,257,2000,635&w=1670&h=530

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2fd7a52ee801db4babf4fc2fc81055ed43f62a716dadf1bdc85862ced222292f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
age: 942886
x-cache: HIT, HIT
x-imgix-id: 9e0e2474bfcc115becef375d01dc5ff096c21e6f
cross-origin-resource-policy: cross-origin
content-length: 21995
x-served-by: cache-sjc1000084-SJC, cache-fra-etou8220117-FRA
x-imgix-render-farm: 01.140360
last-modified: Mon, 26 Jun 2023 16:39:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 index.js Show response
www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/ 135 KB
38 KB 362ms
362ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/index.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cb89e52fb378a1a09a4f280fec458336bacde9a64e2b5cbf3fc73dbac31d72be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"21ad2-188c58e95a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30ceeb1c0e1cb7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:26 GMT

GET
H3 200 leave-a-message.js Show response
www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/contact/ 27 KB
10 KB 188ms
188ms Script
application/javascript 2606:4700::6810:8426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/contact/leave-a-message.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75390eafe7e6dfb07f49756869625bf3a4fab0cf6807db2605c399cd0d46612a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/page/pay-invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:53:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6deb-188c58e95a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7e30ceeb1c101cb7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 18:34:26 GMT

POST
H2 200 p Show response
e.calibermind.com/v1/ 16 B
625 B 384ms
355ms Fetch
application/json 2606:4700:3031::ac43:d595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://e.calibermind.com/v1/p

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8JI7RCrwagcz28ojJ7OfnDCXuvqgeVeAbL73opPYBO9WHx3DgX1ii3ocwevXjVPYySeju1Mf%2FhXm6sA5K8Pzu7%2BzSnHiljvK5JsVUQiF0RWjmS%2FEYoqP9zW4BuPpezgvRxg33qACyqdXuDxGlIRYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7e30ceeb7e6b18d7-FRA
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: Content-Type,Authorization
content-length: 16
x-request-id: 37c0a120-e009-4347-add8-e2826ef88722

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 13:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5389
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 07 Jul 2023 15:04:37 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 47ms
9ms Script
text/javascript 2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: ynjGLHCZyIhadPv8Qz1n_wki97bxL8oO
Content-Encoding: gzip
Via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
Date: Fri, 07 Jul 2023 14:19:49 GMT
Age: 878
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 22 Jun 2023 17:43:19 GMT
Server: AmazonS3
Etag: W/"527ca8c7c9b842ca9719a241fc1f2629"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ELDP77fFp0_SyDVMh-62oZJwYeq7mB8v56vNsqlSShcKwb9GHsJkbg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 60ms
8ms Script
application/x-javascript 2a02:26f0:3100::1735:28ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=85682
accept-ranges: bytes
content-length: 560

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 66ms
7ms Script
application/javascript 2600:9000:223e:cc00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:cc00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: kLHcdItHLihWTOne3WThVFFe1AtpHRg8
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Fri, 07 Jul 2023 09:54:09 GMT
last-modified: Fri, 28 Apr 2023 05:37:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 16818
etag: W/"d708741896b6af0f1908a95a605b4dec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Mvy5M3NQggh_PtVmj_bJdP18CB1ElWy_-uIfgCRaOXiD5r2DwTnb4Q==

GET
H2 200 siteanalyze_35627.js Show response
siteimproveanalytics.com/js/ 43 KB
13 KB 38ms
16ms Script
application/javascript 2606:4700:e6::ac40:c518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_35627.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677a2869f548232072376354afb060e9dcb0797a8408fcc05f91aa24a303dee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QWVPEK3J8E4A5CXV
age: 5176
alt-svc: h3=":443"; ma=86400
content-length: 12614
x-amz-id-2: MZOnH/W2Hm5utL+rT2CDoNAXxiJn3h+QUQfHNH/IFQkem9F1sWUURzghZOloQc69rGWx5IkTFyQ=
last-modified: Wed, 28 Jun 2023 18:12:31 GMT
server: cloudflare
etag: "c91f96f938d3182011c942890184d805"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWOcKlmI1X3EXpjyoAvLhdsk4qmQWTfol3rurg8RZfkxNpBIUfXSqX68Hvf%2BuaPdWWLmYBJPL8KzYgeC2XDid7l%2BAc5Mg7uJ6qX5UG4GCb4F6p1Vk1vrItAS%2F6FTbNtm58EwxazPXgAgW3hWOBxeW3vjqUMdD%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 7e30ceeb9f9b9945-FRA

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 43ms
7ms Script
application/javascript 13.32.121.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/page/pay-invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:26:51 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 456
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: eXMBDFWaapFTU6fxkZUBbV6z4t_ap9D9uv5TWGISuo6qF3H-79jXgw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
96 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e95191549b621c23fbbd08a65a65733aa0fa832e29e44a2a566909f5e821614e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 14:34:26 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 170ms
170ms Script
text/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=50965&account_id=871811&title=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-172-219.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Jul 2023 14:34:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 940
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
analytics-sm.com/ 68 B
387 B 7ms
6ms Image
image/png 13.32.121.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1688740817161&bt=1688740466555&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&url_path=%2Fpage%2Fpay-invoice&title=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 06:55:28 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 10395539
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: IeX6DtnJhPtBQTL3Mu7DsN-dKv4sBzLiR0kScS5mMX5FmXnuhlnRdQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1581275963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&ul=en-us&de=UTF-8&dt=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=775194296&gjid=1817063480&cid=1706444454.1688740467&tid=UA-9130791-1&_gid=640768172.1688740467&_r=1&_slc=1&gtm=45He3750n7154NKV2&z=127926668

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

8ms
8ms

Script
application/javascript

2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Thu, 06 Jul 2023 19:24:40 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 74365
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: p6jEZPPjq0-e1k1DCqjUDYLi-ViVKhHOMRu0Ere-I2eH3dFRmuzbcg==

Redirect headers

Date: Thu, 06 Jul 2023 16:53:59 GMT
Via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
Age: 78026
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4pWQkF9sJeY4bHYs9BXjxOotEEeGfmrq8zM18Eea6ACXslzUeqpyDg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

8ms
8ms

Script
application/javascript

2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 06 Jul 2023 18:26:19 GMT
Via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
Age: 72492
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bRwkByW3gxsHzsKHfhq9WZza44_fcZJnAp2bFRf8gFEKPxh_MpW4Aw==

Redirect headers

Date: Thu, 06 Jul 2023 16:54:00 GMT
Via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
Age: 78026
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Wce5WRQYGHtVoQmwhV4aOtwidM3C-TD8Ff9DhpfQ3Ye21pmLykdfyg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/ 4 KB
3 KB 22ms
9ms Script
text/javascript 2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: iCb9X8L7nmAqzG2XcJGMlhXmsPIi2r7h
Content-Encoding: gzip
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date: Fri, 07 Jul 2023 14:08:17 GMT
Age: 1570
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 11:11:06 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: SpL3HfnF5Xml3C6XMJtkrnl1cT5rJ5OD7qEYsNr1Rp0LXLPfYwvbXg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DDHH2G7ZCE&gtm=45je3750&_p=1581275963&_gaz=1&cid=1706444454.1688740467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688740466&sct=1&seg=0&dl=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&dt=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DDHH2G7ZCE&cid=1706444454.1688740467&gtm=45je3750&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017606877/ 3 KB
2 KB 69ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017606877/?random=1688740466613&cv=11&fst=1688740466613&bg=ffffff&guid=ON&async=1&gtm=45je3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&hn=www.googleadservices.com&frm=0&tiba=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&auid=1709527792.1688740466&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a554be88e0473b1086d86b33588a30452a7d05c1b72fdfa6cdc9c1a539d2b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 53ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DDHH2G7ZCE&cid=1706444454.1688740467&gtm=45je3750&aip=1&z=2029765296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3100::1735:28ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=24935
accept-ranges: bytes
content-length: 4807

GET
H2 200 image.aspx
35627.global.siteimproveanalytics.io/ 34 B
476 B 48ms
7ms Image
image/gif 18.196.135.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35627.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&title=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&res=1600x1200&accountid=35627&rt=1652&prev=f3628528-4c21-fec2-17e5-b39219440774&luid=3323882b-882d-476a-0cae-bccb5e450d2f&rnd=9796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.135.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-135-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 07 Jul 2023 14:34:26 GMT
cache-control: max-age=0
content-length: 34
expires: Fri, 07 Jul 2023 14:34:26 UTC

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 115 B
479 B 154ms
154ms Fetch
application/json 2600:9000:223e:cc00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:cc00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 8335cb59b57f6368c049f20bf9a83113584ec456cdf62a66dd7e7e368e7e4ba1

Request headers

Content-Type: application/json
Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer 158d84a7071679921759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
visited_url: https://www.bakertilly.com/page/pay-invoice

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"73-MgCnpLJnHKccDNSUmkUK2dZkjkc"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 115
apigw-requestid: HspR_gHMvHcEMUg=
x-amz-cf-id: znkYa1u_ot265NawGnwTT9e01D3zIExGXcqvjIYM8v4N17579QXnEQ==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 166ms
153ms Preflight 2600:9000:223e:cc00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:cc00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: HspR-h9QPHcEMiQ=
date: Fri, 07 Jul 2023 14:34:26 GMT
vary: Access-Control-Request-Headers
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id: LOXZVMexRL_emda6DosW1bZZba840YFMR8_PRsdof-mVmKSeHyv0Qw==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 163ms
151ms Preflight 2600:9000:223e:cc00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:cc00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: HspR-i2IPHcEMIw=
date: Fri, 07 Jul 2023 14:34:26 GMT
vary: Access-Control-Request-Headers
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id: LuYNIzvy_W6BCs_gHUJCHz3gIm5jK7M08vT7oggsNwPYfdFeK5kvdQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 115 B
478 B 149ms
149ms Fetch
application/json 2600:9000:223e:cc00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:cc00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e7ebab4a20c29f29d2936de33c8af1cebbd9ccf59751571a469a165498888098

Request headers

Content-Type: application/json
Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer 158d84a7071679921759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
visited_url: https://www.bakertilly.com/page/pay-invoice

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"73-ukqrILCK77gVFtReCBPuwaIY5Po"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 115
apigw-requestid: HspR_gvTPHcEMJw=
x-amz-cf-id: xzkTaQXc1asTf2j4-DJv2NiCaFg9w62vX0pvS5pgYN7OpSzC5sFmoA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 49ms
28ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9130791-1&cid=1706444454.1688740467&jid=775194296&gjid=1817063480&_gid=640768172.1688740467&_u=YEBAAEAAAAAAACAAI~&z=223551646

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/30525/domain/bakertilly.com/ 36 B
391 B 29ms
6ms XHR
application/json 2600:9000:20eb:3400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/30525/domain/bakertilly.com/token
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 13:47:55 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2791
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-amz-cf-id: wD_BI_uGOulgM_V2lU4q6eOEjTJ7VMHjYEbTLeFbcwv0BXtP6UgeeA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D30525%26time%3D1688740466650%26url%3Dhttps%253A%252F%252Fwww.bakertilly.com%252Fp...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true&e_ipv6=AQJ-zp53PaPk0gAAAYkwxpJlVu...

0
265 B

226ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true&e_ipv6=AQJ-zp53PaPk0gAAAYkwxpJlVusKGayJY1Z7_zUEfmJvcm9NeHmlozQKdhwdlhIxiaiKde3yDICf9kF1LVQh823IJJ4npQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:27 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7388B1C728D44F068AC059391E65C291 Ref B: DUS30EDGE0416 Ref C: 2023-07-07T14:34:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/5oevGit2rYyvrI45EQ==

Redirect headers

date: Fri, 07 Jul 2023 14:34:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5A19FDD9E91B47128E06C656A9CC2FE8 Ref B: FRAEDGE2008 Ref C: 2023-07-07T14:34:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1688740466650&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&cookiesTest=true&liSync=true&e_ipv6=AQJ-zp53PaPk0gAAAYkwxpJlVusKGayJY1Z7_zUEfmJvcm9NeHmlozQKdhwdlhIxiaiKde3yDICf9kF1LVQh823IJJ4npQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/5oerxMq17mz6AD0hxg==

GET
H2 200 ZIA6BVWR65BBXJT4LUM5OD Show response
d.adroll.com/consent/check/ 452 B
545 B 96ms
29ms Script
application/javascript 2a05:d018:cc3:fe05:2be6:b3b1:eee6:abb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ZIA6BVWR65BBXJT4LUM5OD?pv=4323656919.860896&arrfrr=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&_s=d930fe8cb4844cc41e762aa8173ebfb3&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:2be6:b3b1:eee6:abb5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: eaab4efd17febfe522da5e0e9df38a91b24bddd4860293731fbc4d89c8bc54ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:34:26 GMT
server: nginx/1.22.1
content-length: 452
content-type: application/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/1017606877/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017606877/?random=1688740466613&cv=11&fst=1688738400000&bg=ffffff&guid=ON&async=1&gtm=45je3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&frm=0&tiba=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3977633559&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1017606877/ 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017606877/?random=1688740466613&cv=11&fst=1688738400000&bg=ffffff&guid=ON&async=1&gtm=45je3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&frm=0&tiba=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3977633559&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 50ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9130791-1&cid=1706444454.1688740467&jid=775194296&_u=YEBAAEAAAAAAACAAI~&z=1484196978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9130791-1&cid=1706444454.1688740467&jid=775194296&_u=YEBAAEAAAAAAACAAI~&z=1484196978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 9ms
9ms Script
text/javascript 2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date: Fri, 07 Jul 2023 14:31:02 GMT
Age: 211
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: sTmE_jrrkxKow9lN3PgddBHQA5SAvKWeGqdtMO_6bbwyoPGocqxwKw==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 12ms
12ms Image
image/png 2600:9000:225e:bc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:bc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Thu, 06 Jul 2023 21:58:21 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 59806
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PnaPqI6tWlkcnMzY5LQTFKzPopZW34voPBWVgVTJFK0JnlUudLIxOA==

GET
H3 200 / Show response
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ 3 KB
2 KB 145ms
145ms Fetch
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f07f4c142ffdee6494d73fe01c0335fa41d8b42012826e75cca29d8e4e3bc229

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/page/pay-invoice
_zitok: 1d1af10eb1bf377d9c921688740466
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 07 Jul 2023 14:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.bakertilly.com
access-control-allow-credentials: true
cf-ray: 7e30ceef8ae43636-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ Frame 0
0 171ms
155ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _zitok,content-type
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-origin: https://www.bakertilly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e30ceee9e563821-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:27 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H3 200 / Show response
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ 3 KB
2 KB 162ms
152ms Fetch
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fcffaa2edb5778389303aa8ed638994165c45d5fbfd96b99c03ff22d01e21e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/page/pay-invoice
_zitok: 0096cf185502a34af5411688740466
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 07 Jul 2023 14:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.bakertilly.com
access-control-allow-credentials: true
cf-ray: 7e30ceef8ae33636-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ Frame 0
0 151ms
143ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _zitok,content-type
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-origin: https://www.bakertilly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e30ceee9e583821-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:27 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

OPTIONS
H2 200 collect
ws.zoominfo.com/pixel/ Frame 0
0 135ms
134ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,requestfromzitag,unifiedscriptverified,x-ws-collect-type
Access-Control-Request-Method: POST
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-origin: https://www.bakertilly.com
allow: GET,HEAD,POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e30cef089313821-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 14:34:27 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 collect Show response
ws.zoominfo.com/pixel/ 0
611 B 141ms
141ms XHR
text/plain 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

requestFromZITag: true
Referer: https://www.bakertilly.com/
x-ws-collect-type: xhr
unifiedScriptVerified: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 07 Jul 2023 14:34:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
access-control-allow-origin: https://www.bakertilly.com
access-control-allow-credentials: true
cf-ray: 7e30cef15de5383c-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DDHH2G7ZCE&gtm=45je3750&_p=1581275963&cid=1706444454.1688740467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1688740466&sct=1&seg=0&dl=https%3A%2F%2Fwww.bakertilly.com%2Fpage%2Fpay-invoice&dt=Online%20invoice%20payment%20portal%20-%20Baker%20Tilly&en=GA4%20Page%20View&_et=13
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 14:34:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bakertilly.com/	1969-12-31 23:59:59	Name: sid Value: c767b51b-f3cd-48a2-888f-c29e1c2178be
.trkn.us/	1970-01-20 21:51:16	Name: barometric[cuid] Value: cuid_df9bbcde-2621-4e6f-afbc-8f6f280ff0e7
.bakertilly.com/	1970-01-20 21:51:16	Name: ajs_anonymous_id Value: 47551d47-f890-4120-8cc4-faebdba040f8
.bakertilly.com/	1970-01-20 15:15:16	Name: _gcl_au Value: 1.1.1709527792.1688740466
.bakertilly.com/	1970-01-20 22:41:40	Name: sm_uuid Value: 1688740817161
.bakertilly.com/	1970-01-20 13:07:06	Name: _gid Value: GA1.2.640768172.1688740467
.bakertilly.com/	1970-01-20 13:05:40	Name: _gat_UA-9130791-1 Value: 1
.bakertilly.com/	1970-01-20 22:41:40	Name: _ga Value: GA1.1.1706444454.1688740467
.bakertilly.com/	1970-01-20 22:41:40	Name: _ga_DDHH2G7ZCE Value: GS1.1.1688740466.1.0.1688740466.60.0.0
.bakertilly.com/	1970-01-20 22:41:40	Name: nmstat Value: f3628528-4c21-fec2-17e5-b39219440774
www.bakertilly.com/	1970-01-20 13:07:06	Name: ln_or Value: eyIzMDUyNSI6ImQifQ%3D%3D
.doubleclick.net/	1970-01-20 13:05:41	Name: test_cookie Value: CheckForPermission
35627.global.siteimproveanalytics.io/	1970-01-20 13:15:45	Name: AWSALBCORS Value: 9kZh/sdjFejA4oqCUes5YQ9moJpDttoz+Z7AcnUzAUserbIZwdYVsqw8ASnktUqrtf3dsHRlldVpecPXvlbTa9YT7boEuMxg+sn+U/Syj7Ju9MqgXrB8j0Pw+5QS
.linkedin.com/	1970-01-20 15:15:16	Name: li_sugr Value: 488d1a08-fe14-4564-88ef-36a8914af6d3
.linkedin.com/	1970-01-20 21:51:16	Name: bcookie Value: "v=2&bd61d1f2-dcb3-4ae0-8607-6902649b5342"
.linkedin.com/	1970-01-20 13:07:06	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2943:u=1:x=1:i=1688740466:t=1688826866:v=2:sig=AQGaU5n7qZmM_HxP0TTZ7bMDoTlEMljd"
.www.bakertilly.com/	1970-01-20 22:41:40	Name: _zitok Value: 0096cf185502a34af5411688740466
.linkedin.com/	1970-01-20 13:48:52	Name: UserMatchHistory Value: AQIYQMNWvNtyegAAAYkwxpD1bYuhlq6ykIpDsC2hJ3_7l55fwiWzy0t55WcmWdPTtQvcZ3MUCMAo-Q
.linkedin.com/	1970-01-20 13:48:52	Name: AnalyticsSyncHistory Value: AQLIimMLiZUz8QAAAYkwxpD1-ZO5yTlSfOedC8SohWSf3asVeJVr5sW5hVhYYQMzZHC43kdt0yjz3Gletp3zLg
.www.linkedin.com/	1970-01-20 21:51:16	Name: bscookie Value: "v=1&202307071434273419f69a-af26-416c-8393-99bc5cca02f6AQGHLDNLIAF1NUCgzwXJDmzbviev3lJE"
.linkedin.com/	1970-01-20 17:24:52	Name: li_gc Value: MTswOzE2ODg3NDA0Njc7MjswMjGX4GLhbo6Ea5OMO9HE4FMBnATUWNJec/sGISvZLmYQaQ==
.zoominfo.com/	1970-01-20 13:05:42	Name: __cf_bm Value: 4lkFwWm1U3urEGf5SvYFAwGeiuRqovW2F1MhLdnK_TQ-1688740467-0-AW20S7qzkKKbj2rs692/db1korbO9lJGf5istqIXeHzLflAJ4k3qIeHhppO/2vGNRYvH0TQCu3Oh8CXeGnR4cC4=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: URt50HUb2kUY56ieJy6RCGgtz4UTjfJ_WWh0dVfTd4U-1688740467273-0-604800000

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bakertilly.com/assets/images/logos/footer-growth-symbol.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.bakertilly.com/page/pay-invoice Message: The resource https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/contact/leave-a-message.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.bakertilly.com/page/pay-invoice Message: The resource https://www.bakertilly.com/_next/static/f5niA8DDUBnym4oqYFOHh/pages/index.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35627.global.siteimproveanalytics.io
analytics-sm.com
assets.vidyard.com
baker-tilly-www.prismic.io
cdn.calibermind.com
cdn.linkedin.oribi.io
cdn.vidyard.com
d.adroll.com
e.calibermind.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.prismic.io
js.zi-scripts.com
pi.pardot.com
play.vidyard.com
polyfill.io
px.ads.linkedin.com
px4.ads.linkedin.com
raw.vidyard.com
region1.analytics.google.com
s.adroll.com
siteimproveanalytics.com
snap.licdn.com
static.cdn.prismic.io
stats.g.doubleclick.net
trkn.us
ws.zoominfo.com
www.bakertilly.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
13.32.121.42
151.101.1.181
151.101.129.181
18.196.135.18
18.208.66.21
18.66.97.118
2001:4860:4802:32::36
23.21.131.202
2600:9000:20eb:3400:2:53b2:240:93a1
2600:9000:21f3:2000:6:ea06:d140:93a1
2600:9000:223e:cc00:11:1faa:8080:93a1
2600:9000:225e:bc00:6:9280:1080:93a1
2606:4700:3031::ac43:d595
2606:4700::6810:650c
2606:4700::6810:8426
2606:4700:e6::ac40:c518
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9d
2a02:26f0:3100::1735:28ba
2a04:4e42:8e::720
2a04:4e42::282
2a05:d018:cc3:fe05:2be6:b3b1:eee6:abb5
3.215.172.219
34.206.49.104
07e751f01dd72a2065f3512dfc861ab50ea65b783f64f5b143f75714380230d6
0a2a2890f016af9e76c8fd55f1b956fbc147f220e1ad057fe5504f34a161a52f
0a723bfc1534bfd32272d1808e6bdda835cf32059d9d5cfa216b3be2484cda79
0bc567bba08485fa1610412e323cce4ff69f40e7269743360281c68d234f59cf
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
134b26eb74fbfc72f9687871af310d821c275dbb4250770199511a933b2fe019
151dd342bb803c6ab1719ce9aa990525f820ca44c341c7a0fce89b129dd27378
17b8745e133514985919a983f89b84f21924f157196af28d9bfd228ebe5fdfaa
17da6fb62c483baf018edd851ca11f5be6f1771d5fb96be90c377fc15a5223d4
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
23827a82b559487467161c9703ac21d8b2c7ed1e1a9bfdb130e0055955b7bf11
2fd7a52ee801db4babf4fc2fc81055ed43f62a716dadf1bdc85862ced222292f
3128d0f8732c7861930e023a82672e330f8b095297e4471be526a83c0c5d1db3
3628490ace08f04e98db89c249cadec8cb9c1cd5b5b32eb3fe3db51a2df1f995
394436333f9c418b80acaf64edacdac03b5e97a79fe59f30c795c77fa94bff79
3bbf3bfd4f846138c93ce31a1099bea4ab6f26a1574758483eac7b0f3b241df9
3fc06ba8cad24bdea755d92f562d741555ddefcf4d9a2e31b62dc74a0c76b02d
404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b
52f816a11c725d0f55ec6861264fe09d6796604569271cc1dae577023fa97917
677a2869f548232072376354afb060e9dcb0797a8408fcc05f91aa24a303dee6
6b1902539d090b662fd02530fce20cd34e28b90a30900ec43b1f52bf3695c550
6cd58cd233d94e718f646e153a5f404b9bfe4a5196cb39fb3cfd60f6f1defff6
6f980494011e2b36e6239dbbf84d47450e4b76f8ffd0e660c7e8a936bb320500
73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5
75390eafe7e6dfb07f49756869625bf3a4fab0cf6807db2605c399cd0d46612a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c8cc28880fd73c6fc4a34f19a1da101c97d7b86ce1a15b017ceb9d67902004c
81f8a2600dae163150902cd1ee654f6427132058563e412f129ff6f9d919a1c2
8335cb59b57f6368c049f20bf9a83113584ec456cdf62a66dd7e7e368e7e4ba1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8a554be88e0473b1086d86b33588a30452a7d05c1b72fdfa6cdc9c1a539d2b29
965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727
a0c4780b1472acb7b53ecfa8a6f29a6754fa238bf508c3ec1048103e4ed14198
a4bca417f384b34a875a34aec7981119088b3cbee77aa3609695fcf9fc79f66f
ab8eb5ecfec8aa8ef9e39ce22a7243d1a5c71362e3792dbd1a0a26ea7f2d359d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee6d27128fd4ddfe41cc445091806c75a434d5ec038504d27f5bc2e70c80052
b0354b897c7621be81c71261fda090a41deaa3de873c06b20225c7a21a79f5be
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3d338d777813ec8e257a8a897a487d471125c967229e6e10da0544a1f9783f2
b506149960b2fff2e53d7c4a5f77d61f4c6dde17727d57ce625325a6f8def0cf
b54be784ae8b3f51852f02497b085e60e3e32ac094f3738c7bfbee8e259c3460
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
b95922e7d702a5ab85ed29cd30237399d270711848c3f06f58c63de110116070
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c74cb95556f697e59eeb6814a2926e976cce99dbb5d3a9e1a66fb3cfd19ece90
c8d97ba08735690322c1fc876a818cd4dad81de45485dfaa999d53b72861bb7a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9f61a7e3f7448edb6e0d094348748ab6417800244a4ddb8531a2f4826ef8a86
cb89e52fb378a1a09a4f280fec458336bacde9a64e2b5cbf3fc73dbac31d72be
ccedf98acb69c612e09902c544608d87856b855bb3dd80c8eac6c95ce79d9719
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dd34cc3a0af95382d37cf4318648616c35e2abcff7ccad25d6ec9ec140ddd0e2
dde21bacb6b7f5cdb1d620ea43681754fb22a9630f642175c70c3f2b492b3cd5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a
e266e5bd0261f9b09628302c3ad85c8c5fbfa031c97dbce730ac7ef28e6bb30f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d946c4b330820c0de668e3a74ad14443f060ce332c243e772349d6d7327d76
e4fe41f7e70dc5a8e0b4d179311e5b47ac976056b0f2f8ebf1e70d63f639e92e
e7ebab4a20c29f29d2936de33c8af1cebbd9ccf59751571a469a165498888098
e95191549b621c23fbbd08a65a65733aa0fa832e29e44a2a566909f5e821614e
eaab4efd17febfe522da5e0e9df38a91b24bddd4860293731fbc4d89c8bc54ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07f4c142ffdee6494d73fe01c0335fa41d8b42012826e75cca29d8e4e3bc229
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f9c0978c3f2b9e6c23772ba17c9c814e2a22347933b5286e0b2943fbc722b522
fcffaa2edb5778389303aa8ed638994165c45d5fbfd96b99c03ff22d01e21e73
ffdf4768508bc04c5f0bb174e4ea8347f838dfa3f77aa0cced6e0746248258e8

www.bakertilly.com Open in urlscan Pro 2606:4700::6810:8426 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

69 %IPv6

23 Domains

34 Subdomains

31 IPs

4 Countries

2611 kBTransfer

9081 kBSize

23 Cookies

8 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bakertilly.com Open in urlscan Pro
2606:4700::6810:8426 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

69 %
IPv6

23
Domains

34
Subdomains

31
IPs

4
Countries

2611 kB
Transfer

9081 kB
Size

23
Cookies

108 HTTP transactions
0 data transactions