www.bdo.com Open in urlscan Pro
2606:4700:4400::ac40:91ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://engage.nortonrosefulbright.com/e/aa0uriqurmjkza/d72ddd15-6967-4c54-b27d-630ec0c2008d
Effective URL:
https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_ca...
Submission: On May 23 via manual (May 23rd 2024, 10:49:37 pm UTC) from MX — Scanned from DE

Summary HTTP 138 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 29 domains to perform 138 HTTP transactions. The main IP is 2606:4700:4400::ac40:91ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bdo.com. The Cisco Umbrella rank of the primary domain is 287351.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2023. Valid for: a year.

This is the only time www.bdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	18.239.50.56 18.239.50.56	16509 (AMAZON-02) (AMAZON-02)
1 1	13.42.182.217 13.42.182.217	16509 (AMAZON-02) (AMAZON-02)
35	2606:4700:440... 2606:4700:4400::ac40:91ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
1	3.214.207.123 3.214.207.123	14618 (AMAZON-AES) (AMAZON-AES)
3	172.67.213.149 172.67.213.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.219.48 13.227.219.48	16509 (AMAZON-02) (AMAZON-02)
8	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
8	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	54.230.228.49 54.230.228.49	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.27 54.230.228.27	16509 (AMAZON-02) (AMAZON-02)
1	54.171.19.13 54.171.19.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	13.227.219.60 13.227.219.60	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
1	18.159.167.47 18.159.167.47	16509 (AMAZON-02) (AMAZON-02)
138	36

2 18.239.50.56 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-56.ams58.r.cloudfront.net

engage.nortonrosefulbright.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.182.217 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-182-217.eu-west-2.compute.amazonaws.com

nortonrosefulbright.vuturevx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:4400::ac40:91ea (United States)

ASN13335 (CLOUDFLARENET, US)

www.bdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.207.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-207-123.compute-1.amazonaws.com

app.sendsafely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.213.149 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-48.ams54.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2af8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

116-edp-270.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-49.muc50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-27.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.19.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-19-13.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.219.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-60.ams54.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.167.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-167-47.eu-central-1.compute.amazonaws.com

2393.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bdo.com www.bdo.com — Cisco Umbrella Rank: 287351	3 MB
21	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5911 api.omappapi.com — Cisco Umbrella Rank: 5964	108 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	175 KB
9	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565	174 KB
8	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 882	2 KB
8	t.co t.co — Cisco Umbrella Rank: 717	2 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2400 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566 tracking.crazyegg.com — Cisco Umbrella Rank: 4579	37 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	243 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 5864	62 KB
3	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 53643 e.calibermind.com — Cisco Umbrella Rank: 50170	61 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	313 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	399 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	73 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	6 KB
2	nortonrosefulbright.com 2 redirects engage.nortonrosefulbright.com — Cisco Umbrella Rank: 438558	1 KB
1	siteimproveanalytics.io 2393.global.siteimproveanalytics.io — Cisco Umbrella Rank: 495017	151 B
1	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7802	134 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3735	6 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4396	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	mktoresp.com 116-edp-270.mktoresp.com — Cisco Umbrella Rank: 480556	318 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	306 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	sendsafely.com app.sendsafely.com — Cisco Umbrella Rank: 367817	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 801	15 KB
1	vuturevx.com 1 redirects nortonrosefulbright.vuturevx.com — Cisco Umbrella Rank: 995432	969 B
138	29

	Domain	Requested by
35	www.bdo.com	www.bdo.com
20	a.omappapi.com	www.bdo.com a.omappapi.com
12	cdn.cookielaw.org	www.bdo.com cdn.cookielaw.org
8	analytics.twitter.com	www.bdo.com
8	t.co	www.bdo.com
8	use.typekit.net	www.bdo.com use.typekit.net
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	js.driftt.com	www.bdo.com js.driftt.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.bdo.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	www.bdo.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.calibermind.com	www.bdo.com
2	connect.facebook.net	www.bdo.com connect.facebook.net
2	munchkin.marketo.net	www.bdo.com munchkin.marketo.net
2	www.google.com	www.bdo.com www.gstatic.com
2	engage.nortonrosefulbright.com	2 redirects
1	2393.global.siteimproveanalytics.io
1	fast.wistia.net	www.bdo.com
1	siteimproveanalytics.com	www.bdo.com
1	fast.wistia.com	www.bdo.com
1	fonts.googleapis.com	a.omappapi.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	e.calibermind.com	cdn.calibermind.com
1	116-edp-270.mktoresp.com	munchkin.marketo.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.gstatic.com	www.google.com
1	api.omappapi.com	a.omappapi.com
1	www.google.de	www.bdo.com
1	region1.analytics.google.com	www.googletagmanager.com
1	app.sendsafely.com	www.bdo.com
1	static.ads-twitter.com	www.bdo.com
1	p.typekit.net	use.typekit.net
1	nortonrosefulbright.vuturevx.com	1 redirects
138	37

This site contains links to these domains. Also see Links.

Domain
insights.bdo.com
alumni.bdo.com
learning.bdo.com
www.nasbaregistry.org
www.facebook.com
www.twitter.com
www.linkedin.com
www.bdo.global
twitter.com
www.youtube.com
www.instagram.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-09` - `2024-08-07`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
script.crazyegg.com E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-02` - `2024-05-31`	3 months	crt.sh
a.omappapi.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
*.sendsafely.com Amazon RSA 2048 M02	`2024-03-29` - `2025-04-27`	a year	crt.sh
calibermind.com E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
omappapi.com GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Frame ID: 3C1C47A559E9924669817F216ECE9AC2
Requests: 136 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcK1iEhAAAAAOUWpJHl7ErErYeZfEEKKJKAXCDk&co=aHR0cHM6Ly93d3cuYmRvLmNvbTo0NDM.&hl=de&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=qbe28fz39q21
Frame ID: A2CA257FBD9ED057B23A64DAF58C5EBA
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=74z3vuwb7nuy&eId=74z3vuwb7nuy&region=US&forceShow=false&skipCampaigns=false&sessionId=2030efb9-3514-4aa8-a387-20359bb7c20d&sessionStarted=1716504573.482&campaignRefreshToken=3f19c033-a83f-40ca-be84-638186c6e2b3&hideController=false&pageLoadStartTime=1716504572541&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Frame ID: CDCED29976B65C5A683FE386C75A3257
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1716504572541
Frame ID: 997B7B99DCF77906CCB7EE2DD208AA4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Are Sanctions and Export Controls the New FCPA? | BDO

Page URL History Show full URLs

https://engage.nortonrosefulbright.com/e/aa0uriqurmjkza/d72ddd15-6967-4c54-b27d-630ec0c2008d HTTP 302
https://engage.nortonrosefulbright.com/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-630ec... HTTP 302
https://nortonrosefulbright.vuturevx.com/edit/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-... HTTP 302
https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_s... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

51 %
IPv6

29
Domains

37
Subdomains

36
IPs

6
Countries

4611 kB
Transfer

9192 kB
Size

41
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://insights.bdo.com/2024-BDO-CFO-Outlook-Survey.html
Title: 2024 BDO CFO Outlook Survey 2024 BDO CFO Outlook Survey Energize your business strategy with valuable data. chevron_right

Search URL Search Domain Scan URL

URL: https://alumni.bdo.com/
Title: BDO Alumni open_in_new

Search URL Search Domain Scan URL

URL: https://learning.bdo.com/Saba/Web_spf/NA10P1PRD073/common/registercatalog/virtc-W0008743
Title: REGISTER

Search URL Search Domain Scan URL

URL: http://www.nasbaregistry.org/
Title: www.nasbaregistry.org

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_;src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.twitter.com/intent/tweet?url=https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&text=Are%20Sanctions%20and%20Export%20Controls%20the%20New%20FCPA?

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite?mini=true&url=https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&title=Are%20Sanctions%20and%20Export%20Controls%20the%20New%20FCPA?

Search URL Search Domain Scan URL

URL: https://www.bdo.global/en-gb/home
Title: Global Network open_in_new

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bdo.usa

Search URL Search Domain Scan URL

URL: https://twitter.com/BDO_USA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bdo-usa-llp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BDOUnitedStates

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bdo.usa

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://engage.nortonrosefulbright.com/e/aa0uriqurmjkza/d72ddd15-6967-4c54-b27d-630ec0c2008d HTTP 302
https://engage.nortonrosefulbright.com/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-630ec0c2008d HTTP 302
https://nortonrosefulbright.vuturevx.com/edit/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-630ec0c2008d HTTP 302
https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

138 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request are-sanctions-and-export-controls-the-new-fcpa Show response
www.bdo.com/events/
Redirect Chain

https://engage.nortonrosefulbright.com/e/aa0uriqurmjkza/d72ddd15-6967-4c54-b27d-630ec0c2008d
https://engage.nortonrosefulbright.com/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-630ec0c2008d
https://nortonrosefulbright.vuturevx.com/edit/email_handler.aspx?shortUrl=aa0uriqurmjkza&sid=d72ddd15-6967-4c54-b27d-630ec0c2008d
https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUV...

237 KB
26 KB

1782ms
1740ms

Document
text/html

2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

09160d5464e4b0e3bfc3a0c8ba10a56f75c6426582b8f799f41e62024d165c08

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8888997e3aed1c19-FRA
content-encoding: gzip
content-security-policy: img-src * data:
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 22:49:32 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 392
Content-Type: text/html; charset=utf-8
Date: Thu, 23 May 2024 22:49:30 GMT
Expires: -1
Location: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Pragma: no-cache
Strict-Transport-Security: max-age=157680000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block

GET
H2 200 yvu8ahf.css
use.typekit.net/ 15 KB
2 KB 37ms
8ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/yvu8ahf.css

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3adacad7e7f128965b4db0caf081934239acbdaabc7fdf96895e66ad103343aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1557

GET
H2 200 master.css
www.bdo.com/dist/ 370 KB
90 KB 23ms
23ms Stylesheet
text/css 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

93b706613333680032e16cf68c3474fab39ee0e7ba4e62f8f7a5404f40a132cd

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd55060fd87"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 888899891af61c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 systemPageComponents.min.css
www.bdo.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/ 8 KB
3 KB 22ms
22ms Stylesheet
text/css 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/systemPageComponents.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40d80a904882613dbdd56665b9dfbc844352e8eceaa7595a0aa612207e780ee0

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Thu, 29 Feb 2024 14:01:46 GMT
server: cloudflare
etag: "1da6b17d4d52106"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 888899891af81c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1015 B 34ms
17ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcK1iEhAAAAAOUWpJHl7ErErYeZfEEKKJKAXCDk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

05d0e5d19e4b7c933d1f5ee5b25b5cf2d3fe3457a66b62691ddfa16a6033c220

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 23 May 2024 22:49:32 GMT

GET
H2 200 BDO-USA_web-01.svg
www.bdo.com/getmedia/4e64ef6e-396a-4245-b942-b3c74eb04f8f/ 44 KB
31 KB 508ms
507ms Image
image/svg+xml 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/4e64ef6e-396a-4245-b942-b3c74eb04f8f/BDO-USA_web-01.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0b578f64835da3c6ac3e617280d4ba62f78fc2af4a98dc722e106319b270ec38

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: REVALIDATED
content-encoding: gzip
x-powered-by: ASP.NET
content-disposition: inline; filename=BDO-USA_web-01.svg
last-modified: Thu, 19 Oct 2023 18:47:24 GMT
server: cloudflare
etag: W/"638333236447637856"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 888899891af91c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 48ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=yvu8ahf&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162&a=2215779&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 527 KB
134 KB 85ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HMTPX3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bb06fc5aeada2f41bb37745fd380e446ed1428895c0ba0fd5b6bf7ca2fd68db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137052
x-xss-protection: 0
last-modified: Thu, 23 May 2024 21:57:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 22:49:32 GMT

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 34ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 14fc6f6a609772c817b0.woff2
www.bdo.com/dist/assets/fonts/ 163 KB
163 KB 26ms
26ms Font
font/woff2 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/assets/fonts/14fc6f6a609772c817b0.woff2

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2a85ef8beb60f11cbdfd74551269726156aa0b5d710dafe09cad5e999667a6b1

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
age: 544
x-powered-by: ASP.NET
content-length: 166596
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd55067bec4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://www.bdo.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989bb641c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 35ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 SEC-ESG-Preparing-for-the-Proposed-SEC-Climate-Disclosure-Rule-Insight.jpg
www.bdo.com/getmedia/c8abce38-2839-4ceb-88ea-e4e56742f27a/ 137 KB
137 KB 508ms
506ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/c8abce38-2839-4ceb-88ea-e4e56742f27a/SEC-ESG-Preparing-for-the-Proposed-SEC-Climate-Disclosure-Rule-Insight.jpg?width=1201&height=796&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

af75f516f4bd6bd68f526815c8e898760c627367aa4c3f65acaea62246702e17

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=SEC-ESG-Preparing-for-the-Proposed-SEC-Climate-Disclosure-Rule-Insight.jpg
content-length: 140252
cf-bgj: h2pri
last-modified: Thu, 30 Nov 2023 14:59:07 GMT
server: cloudflare
etag: "638369351478285618"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db791c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 BDOs-Legal-Tech-Talk-Podcast-Insight.jpg
www.bdo.com/getmedia/09011a88-2438-404a-9eab-6519c66720b5/ 280 KB
281 KB 30ms
28ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/09011a88-2438-404a-9eab-6519c66720b5/BDOs-Legal-Tech-Talk-Podcast-Insight.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25a6614ce0317b0786d80606fd19be551ca740fa48af4f3a000cf6a0485c0ef1

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3914
x-powered-by: ASP.NET
content-disposition: inline; filename=BDOs-Legal-Tech-Talk-Podcast-Insight.jpg
content-length: 287040
cf-bgj: h2pri
last-modified: Mon, 12 Jun 2023 15:55:46 GMT
server: cloudflare
etag: "638221677462313174"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db7b1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 GEN7_Insight.jpg
www.bdo.com/getmedia/1e1914d4-1d1e-4e55-b5a9-1216499ca860/ 156 KB
156 KB 489ms
488ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/1e1914d4-1d1e-4e55-b5a9-1216499ca860/GEN7_Insight.jpg?width=1201&height=796&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

dc1d2a36aa4a42bebe82616956c7aeceb8495d79a5ac1bea63af4bea96e85841

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=GEN7_Insight.jpg
content-length: 159619
cf-bgj: h2pri
last-modified: Mon, 24 Oct 2022 19:20:17 GMT
server: cloudflare
etag: "638022216176808741"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db7d1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 IND-2024-Agnostic-CFO-Survey-Report-Insight.jpg
www.bdo.com/getmedia/d1bc8cdc-6b10-43e7-b4a5-17e580a4a63a/ 78 KB
79 KB 486ms
485ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/d1bc8cdc-6b10-43e7-b4a5-17e580a4a63a/IND-2024-Agnostic-CFO-Survey-Report-Insight.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f844427a508646fad1cdee193c2d57ea8ab60efe830cedbf0fe9297865492721

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=IND-2024-Agnostic-CFO-Survey-Report-Insight.jpg
content-length: 80171
cf-bgj: h2pri
last-modified: Thu, 18 Jan 2024 20:08:04 GMT
server: cloudflare
etag: "638411872842872145"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db801c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 HC-Healthcare-Stability-Outlook-2024-Insight-Image.jpg
www.bdo.com/getmedia/b6a80c61-04b9-400c-9f03-005b5c4a565d/ 112 KB
113 KB 508ms
507ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/b6a80c61-04b9-400c-9f03-005b5c4a565d/HC-Healthcare-Stability-Outlook-2024-Insight-Image.jpg?width=1201&height=796&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

552107af5dd7d1881daa76698ed2240f82c8b32be06292875723e421c758e659

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=HC-Healthcare-Stability-Outlook-2024-Insight-Image.jpg
content-length: 114948
cf-bgj: h2pri
last-modified: Thu, 04 Jan 2024 01:58:05 GMT
server: cloudflare
etag: "638399122858994183"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db821c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 TAX-TAXAI-The-Future-of-AI-Is-Now-Is-Tax-Ready-Insight-Image.jpg
www.bdo.com/getmedia/c5c47b7f-b4c6-4bad-b6ee-e08a03cfdba1/ 203 KB
204 KB 479ms
478ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/c5c47b7f-b4c6-4bad-b6ee-e08a03cfdba1/TAX-TAXAI-The-Future-of-AI-Is-Now-Is-Tax-Ready-Insight-Image.jpg?width=1201&height=796&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

44c3d380521239fab1e3451a9be0858d5e1fb6dc867fe9940c41b9018bcf76be

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=TAX-TAXAI-The-Future-of-AI-Is-Now-Is-Tax-Ready-Insight-Image.jpg
content-length: 208045
cf-bgj: h2pri
last-modified: Mon, 04 Dec 2023 20:37:54 GMT
server: cloudflare
etag: "638373010747971451"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db831c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 TAX-GES-ESOP-2024-Insight.jpg
www.bdo.com/getmedia/8f91ef1f-3a35-4d1b-be20-db0315d83903/ 118 KB
118 KB 47ms
46ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/8f91ef1f-3a35-4d1b-be20-db0315d83903/TAX-GES-ESOP-2024-Insight.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c322d6f6575c7b4d8b34cb1254b601f377da86ef7600988f0d2fd585508fe070

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 6559
x-powered-by: ASP.NET
content-disposition: inline; filename=TAX-GES-ESOP-2024-Insight.jpg
content-length: 120454
cf-bgj: h2pri
last-modified: Tue, 13 Feb 2024 20:51:30 GMT
server: cloudflare
etag: "638434362909758615"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db841c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 Thriving-People-Insight_1.jpg
www.bdo.com/getmedia/59e51dff-7d5a-4489-8977-cd0004114ac0/ 271 KB
272 KB 505ms
504ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/59e51dff-7d5a-4489-8977-cd0004114ac0/Thriving-People-Insight_1.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

96b34dac915bbf51919a34cafeb9a5cc578fcd8464a74ea878c04b4227ea1ceb

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=Thriving-People-Insight_1.jpg
content-length: 277567
cf-bgj: h2pri
last-modified: Sun, 13 Aug 2023 14:10:36 GMT
server: cloudflare
etag: "638275182363291986"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db861c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 DEI-Workplace-Diversity-Award-Assets.jpg
www.bdo.com/getmedia/53e4c5be-4752-4906-9552-4e0efe0478bb/ 99 KB
100 KB 497ms
497ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/53e4c5be-4752-4906-9552-4e0efe0478bb/DEI-Workplace-Diversity-Award-Assets.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

84f192a848000ad2e3f62d43f5d160f03a81ce7d1a8286d483c990b519465509

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=DEI-Workplace-Diversity-Award-Assets.jpg
content-length: 101684
cf-bgj: h2pri
last-modified: Fri, 23 Feb 2024 18:54:16 GMT
server: cloudflare
etag: "638442932560797830"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db871c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 MKTG-BDO-Counts-Insight-Image.jpg
www.bdo.com/getmedia/7e47bfca-b4b6-4494-bc85-ba435fa91c1a/ 540 KB
541 KB 509ms
509ms Image
image/jpeg 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/7e47bfca-b4b6-4494-bc85-ba435fa91c1a/MKTG-BDO-Counts-Insight-Image.jpg?width=1200&height=795&ext=.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

844d9b8db160f0bcf5dd9ab5673ecdf57b99f23d7c772e0d964f2fd89f018a1f

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: img-src * data:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=MKTG-BDO-Counts-Insight-Image.jpg
content-length: 553158
cf-bgj: h2pri
last-modified: Mon, 21 Aug 2023 14:58:52 GMT
server: cloudflare
etag: "638282123324160596"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db8c1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 cpe_logo.gif
www.bdo.com/getmedia/d9ff8b5e-a089-4bf0-b95c-efca9ae8bc85/ 2 KB
2 KB 495ms
495ms Image
image/gif 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bdo.com/getmedia/d9ff8b5e-a089-4bf0-b95c-efca9ae8bc85/cpe_logo.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

44d91dc3c58e0b6d66040f8dc05a2a49dfa6957f8cfa8b6abe6185a147557cd3

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-disposition: inline; filename=cpe_logo.gif
content-length: 1913
last-modified: Tue, 08 Nov 2022 15:33:52 GMT
server: cloudflare
etag: "638035004329461668"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989db8d1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 90170fbdd3dad451d44d.woff2
www.bdo.com/dist/assets/fonts/ 119 KB
119 KB 35ms
34ms Font
font/woff2 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/assets/fonts/90170fbdd3dad451d44d.woff2

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
age: 6743
x-powered-by: ASP.NET
content-length: 121784
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd55064efb8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://www.bdo.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989eb941c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 19ms
18ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "b104e817dea8b2a2bec04efdbe3f94cc937adda4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16880

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 31 KB
31 KB 18ms
18ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31620

GET
H2 200 l
use.typekit.net/af/4de20a/00000000000000007735e604/30/ 32 KB
32 KB 28ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "59a4b2c03f9b7609599aab6c503269f21dd7d06e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32312

GET
H2 200 c32fc86b5d23fdcfcd4d.woff2
www.bdo.com/dist/assets/fonts/ 145 KB
145 KB 37ms
37ms Font
font/woff2 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/assets/fonts/c32fc86b5d23fdcfcd4d.woff2

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a74248b4bc5ce591888d507154626d15fe35b034169ef4a6f2457f137a6b9b53

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
age: 544
x-powered-by: ASP.NET
content-length: 148392
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd5506777a8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://www.bdo.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989eb991c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 6a4c20876fce645f0442.woff2
www.bdo.com/dist/assets/fonts/ 1 KB
2 KB 36ms
36ms Font
font/woff2 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/assets/fonts/6a4c20876fce645f0442.woff2?sirxjp

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ca27c127f9ffe7a47097c3079edcbd140dddd091fb75b11cb51268e65ddd4432

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/dist/master.css?v=k7cGYTMzaAAy4Wz2jDR0-rOe4Oe6TmL496VAT0ChMs0
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
age: 544
x-powered-by: ASP.NET
content-length: 1520
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd5506531f0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://www.bdo.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88889989eb9c1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
98 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EGTR7RN261&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HMTPX3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70272122407a85b5102503f22930c4147bb4aec9480a083464d86051aab9f0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 22:49:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HMTPX3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 May 2024 22:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 24 May 2024 00:29:08 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 71ms
33ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 22:49:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/ 24 KB
5 KB 68ms
50ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddfb8f8d286d8ba21872dcf0cb1b0e0510e07136b40a45ce95f30e7c580ff2cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6561
content-md5: yFtGs4QSQGWabKMPgN8GMA==
content-length: 4754
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 19:46:13 GMT
server: cloudflare
etag: 0x8DC7B6100A99175
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6ba70e8a-101e-001f-2e49-ad9a79000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998aadf24d6e-FRA
expires: Fri, 24 May 2024 22:49:32 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/ 20 KB
7 KB 66ms
49ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea14b302d2386504b249b182fac6bdeff4b77b71921945c4cf70e73550ab503d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10969
content-md5: pbJJi2bi48pCi90v1avuPA==
content-length: 6924
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 19:46:13 GMT
server: cloudflare
etag: 0x8DC7B6100FE8255
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b7939b0-001e-0029-5c49-ad372b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998aadf04d6e-FRA
expires: Fri, 24 May 2024 22:49:32 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 220 KB
80 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-860388076&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HMTPX3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae7bac9985ca725c29251c2f9504ab95f70af0c75b7de4a63761437ec6725dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81705
x-xss-protection: 0
last-modified: Thu, 23 May 2024 21:57:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 22:49:32 GMT

GET
H2 200 7620.js Show response
script.crazyegg.com/pages/scripts/0011/ 6 KB
2 KB 71ms
28ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HMTPX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da2d64555fd27795efed673cc7e46754b65dc50f2a80d467504edea93843e68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 758
cf-polished: origSize=6229
ce-version: 11.5.214
cf-bgj: minify
last-modified: Thu, 23 May 2024 22:36:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8888998adf559f33-FRA

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 60ms
28ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220126-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 22:49:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: jIJhebFlht+aVV+Msg5zyVh2J2SV0YNnqo7NpmDgjfsug3sTHMv0+rxAFyTu2Yq36cEDHYyprhYI4ZgJUz7VuQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 60ms
28ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:01:26 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6b76-cc60"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b99b4bb34c950f70fa0f8b7bb991678e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 email-decode.min.js Show response
www.bdo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
837 B 11ms
10ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 10:29:22 GMT
server: cloudflare
content-encoding: gzip
etag: W/"664b2602-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8888998a9c201c19-FRA
expires: Sat, 25 May 2024 22:49:32 GMT

GET
H2 200 jquery-3.5.1.js Show response
www.bdo.com/_content/Kentico.Content.Web.Rcl/Scripts/ 105 KB
43 KB 36ms
34ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/_content/Kentico.Content.Web.Rcl/Scripts/jquery-3.5.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e2075dacbcf097ebf6ca41703bc5d835515a440e994e3b48a824c4613c671337

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Thu, 29 Feb 2024 14:01:46 GMT
server: cloudflare
etag: "1da6b17d4d4a5e2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c231c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 jquery.unobtrusive-ajax.js Show response
www.bdo.com/_content/Kentico.Content.Web.Rcl/Scripts/ 4 KB
2 KB 52ms
50ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/_content/Kentico.Content.Web.Rcl/Scripts/jquery.unobtrusive-ajax.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

755f82e7a0f8a0c0ea3ed5806e77b6e4eb0a5e4b96d739f09602b51274e75461

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 2987
x-powered-by: ASP.NET
last-modified: Thu, 29 Feb 2024 14:01:46 GMT
server: cloudflare
etag: "1da6b17d4d50f46"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c241c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 systemFormComponents.min.js Show response
www.bdo.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/ 110 KB
44 KB 47ms
45ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/systemFormComponents.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0b46d66baaeb2bb16617e609ef881b151218c7a20a25a10c9065f396c74155a7

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Thu, 29 Feb 2024 14:01:46 GMT
server: cloudflare
etag: "1da6b17d4d4b74a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c261c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 runtime.bundle.js Show response
www.bdo.com/dist/ 1 KB
1 KB 53ms
52ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/runtime.bundle.js?v=NAGLf2oiLnsbMuGpFtEXIH_bSSss7WXIRmQBQ2nnUA0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

34018b7f6a222e7b1b32e1a916d117207fdb492b2ced65c84664014369e7500d

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 2986
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd5506531bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c291c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 vendor.bundle.js Show response
www.bdo.com/dist/ 229 KB
97 KB 32ms
31ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/vendor.bundle.js?v=mGZaspCycPNpUUq-NkDd0u-2OtVhqjNqTthcgAiq45E

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98665ab290b270f369514abe3640ddd2efb63ad561aa336a4ed85c8008aae391

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd55066a645"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c2b1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 master.bundle.js Show response
www.bdo.com/dist/ 983 KB
369 KB 38ms
37ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/master.bundle.js?v=ItT2F7SQIAw91Wy-7lrItSynfP4wYBQjSdS55O7-7J4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

22d4f617b490200c3dd56cbeee5ac8b52ca77cfe3060142349d4b9e4eefeec9e

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 5702
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd5506a6f52"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c2d1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 local-nav.bundle.js Show response
www.bdo.com/dist/ 21 KB
10 KB 37ms
36ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/local-nav.bundle.js?v=H5EAvcgg36VL9YlNem2MluTLuxMlk9bJlvUMgfeidv0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1f9100bdc820dfa54bf5894d7a6d8c96e4cbbb132593d6c996f50c81f7a276fd

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd550656008"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c2e1c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 sendsafely.bundle.js Show response
www.bdo.com/dist/ 699 B
759 B 30ms
29ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/sendsafely.bundle.js?v=JtI8y0gpQ_2EjZ1Lqot4AI7dtQaYasZKfVP55sU2v_w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

26d23ccb482943fd848d9d4baa8b78008eddb506986ac64a7d53f9e6c536bffc

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd5506536bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c301c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 SendSafelyDropzone.min.js Show response
app.sendsafely.com/js/external/ 15 KB
5 KB 900ms
604ms Script
text/javascript 3.214.207.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sendsafely.com/js/external/SendSafelyDropzone.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.207.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-207-123.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ffd0ad0a2388a1b6c38a1d0a6302cc2c8e261f34597863656926ab9a4e9627d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 21 May 2024 15:21:18 GMT
server: Apache
x-permitted-cross-domain-policies: master-only
etag: "3dff-618f85e945780-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5060
x-xss-protection: 1; mode=block
service-worker-allowed: /

GET
H2 200 recaptcha-enterprise.bundle.js Show response
www.bdo.com/dist/ 18 KB
9 KB 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/recaptcha-enterprise.bundle.js?v=nBKzBtmGGNvcHDJTyLxUTO9HBAOnJVC0v_hKzxQnYyc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9c12b306d98618dbdc1c3253c8bc544cef470403a72550b4bff84acf14276327

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 544
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd550657de2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c311c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 utm-cookies.bundle.js Show response
www.bdo.com/dist/ 5 KB
3 KB 52ms
51ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/dist/utm-cookies.bundle.js?v=-Wz5NWD0iYKnnWX5BJZ1yo3qJBcDVQK5swD2UNRmxRw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f96cf93560f48982a79d65f9049675ca8dea2417035502b9b300f650d466c51c

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-security-policy: img-src * data:
age: 5702
x-powered-by: ASP.NET
last-modified: Wed, 01 May 2024 14:39:04 GMT
server: cloudflare
etag: "1da9bd550652628"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8888998a9c321c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 conversionlogger.js Show response
www.bdo.com/kentico.resource/abtest/kenticoabtestlogger/en-us/ 343 B
340 B 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/kentico.resource/abtest/kenticoabtestlogger/en-us/conversionlogger.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2265b24c6c664adb0a0e0b6aa4c48253baa63fea987e99f539b9d2817934540a

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 22:40:28 GMT
server: cloudflare
age: 544
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 8888998a9c331c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
H2 200 logger.js Show response
www.bdo.com/kentico.resource/activities/kenticoactivitylogger/ 700 B
490 B 31ms
30ms Script
application/javascript 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=11379

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4bae8dae26000308521445864ba402549ed0093d8edbc4ef96ffc4a6a81ae1c9

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 22:44:07 GMT
server: cloudflare
age: 325
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 8888998a9c341c19-FRA
expires: Fri, 24 May 2024 02:49:32 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 a.js Show response
cdn.calibermind.com/ 213 KB
59 KB 204ms
153ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/a.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7418
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Oct 2023 19:21:52 GMT
server: cloudflare
etag: W/"651dbb50-354c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I14%2BrQ7PMfreVLX1zSSkmuQXCHKd2b060RbyCXu%2FM4h4fnVeeaYbceByThEFgOxTqAHN%2BgnjVWIRDcF5zgH0kQyyNor4e%2B9qp9GAzikt0IkrnC%2BDX819LAE8zGgEWUMD8sybg7Fr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8888998bcf391947-FRA
priority: u=3,i=?0

GET
H3 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1005 B 188ms
149ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3072
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Oct 2023 19:24:01 GMT
server: cloudflare
etag: W/"651dbbd1-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ur274WtB342EiJ3f73WUOrkruX9f%2BaSlO24THYboHYLwdgh3IpOM6fsqrZ76GEXKUp%2BgNAGi4JvwsOc%2B7L8ADqSfpevKew9%2FcSnrhFr7R2cfQoaF2XGJoSRYugw2A%2BsCsBjit%2BZV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8888998bcf3b1947-FRA
priority: u=3,i=?0

GET
H2 200 74z3vuwb7nuy.js Show response
js.driftt.com/include/1716504600000/ 221 KB
62 KB 493ms
332ms Script
application/javascript 13.227.219.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1716504600000/74z3vuwb7nuy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-48.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7b54a059ccb33e9823af3f640e25038d5f5d816edf8dff3454f1904c91326b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XYnjHdjtoHL3LHbO4aoVXXJc8JG50RFv
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 23 May 2024 22:49:33 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Wed, 22 May 2024 13:34:06 GMT
server: istio-envoy
etag: W/"7c4c8a7061350329f108e3f92f2b6acc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UP0Xp0NjlL62it-_HerZcYbuEsqQvgcMoE1uzeyA19IviuBqGYea3A==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 May 2024 23:15:13 GMT

GET
H2 200 6494e482-3121-41ca-8766-cd379cbe9079.json Show response
cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/ 5 KB
2 KB 190ms
27ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/6494e482-3121-41ca-8766-cd379cbe9079.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1345b697b0b26e85b0f35eb0993239b2ad7938e2a55c666f5e7d5b2bcc92a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10968
content-md5: khA1Z0H3tuS3P1Cd/Uemhw==
content-length: 1742
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 19:46:13 GMT
server: cloudflare
etag: 0x8DC7B6100E8B3BC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ed771c8d-901e-0005-6d49-adb516000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998c0eb830fa-FRA
expires: Fri, 24 May 2024 22:49:32 GMT

GET
H2 200 adsct
t.co/i/ 43 B
205 B 361ms
201ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ffa4aa54-71bd-4763-b0c5-f37ff86c0a67&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0fxp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 194
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0b63963a62842f2b
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 274ms
114ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ffa4aa54-71bd-4763-b0c5-f37ff86c0a67&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0fxp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 107
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 479f7b67ed93b7db
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
202 B 340ms
180ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=612e6ddb-a369-4ff2-ba3c-5f5d9de29f9c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2u&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 172
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1c39bfaf0ef106b2
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 352ms
194ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=612e6ddb-a369-4ff2-ba3c-5f5d9de29f9c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2u&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 186
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d2595a081baf84a3
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
205 B 338ms
181ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=2442c1e8-46f3-4aca-a1e9-d86d8d04a556&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2w&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 173
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2460f3c68733087b
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 147ms
120ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2442c1e8-46f3-4aca-a1e9-d86d8d04a556&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2w&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6968475f53fa0da5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
205 B 191ms
182ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=0a643199-12fa-44f4-98f8-7b43a9c63be8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o139e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 175
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 043728d5342031fc
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 119ms
118ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0a643199-12fa-44f4-98f8-7b43a9c63be8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o139e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 105
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: af894a597ed60d8d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
376 B 122ms
121ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c908db3f-b165-4b16-b1c9-ca847a36c007&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o27h4&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 109
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 093d938befc8c7e0
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 125ms
125ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c908db3f-b165-4b16-b1c9-ca847a36c007&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o27h4&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 111
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8f84b1eb473407aa
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
203 B 123ms
122ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6fa0cc69-2208-42ed-b872-0c3a7685d41c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2bd9&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c625eb14295798ec
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 125ms
124ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6fa0cc69-2208-42ed-b872-0c3a7685d41c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2bd9&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ff6f24da30f828ad
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
200 B 124ms
123ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5e26818a-5aa6-4480-8fe9-547b360a8038&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20it&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a5327ccc62446941
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 117ms
117ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5e26818a-5aa6-4480-8fe9-547b360a8038&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20it&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6252ea0d354a2049
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
205 B 188ms
187ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5d698fa0-e0c2-4b59-a8f1-f5883a2f0483&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2t&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 179
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2bb6649b1fa7e72e
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ef9c035fd131699c5ea8ae353b7ad418f3b9a6724c2cfec2b6bea26b16169f00
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 133ms
133ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5d698fa0-e0c2-4b59-a8f1-f5883a2f0483&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f7725426-eec2-42e4-9f42-0c8080850b68&tw_document_href=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0z2t&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 116
date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a71e5a26e2c4dd08
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bb552b006152db49d4c0f1f243e26e0916e4c72162e0f3dc6f92941e35b88fcd
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 139ms
139ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1140752372&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&ul=de-de&de=UTF-8&dt=Are%20Sanctions%20and%20Export%20Controls%20the%20New%20FCPA%3F%20%7C%20BDO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACAAjBAAAACAAI~&jid=1378822723&gjid=240548312&cid=1745471482.1716504573&tid=UA-12945834-1&_gid=1369679079.1716504573&_r=1&_slc=1&gtm=45He45m0n815HMTPX3v76253963za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=505715645

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 May 2024 22:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.bdo.com.json Show response
script.crazyegg.com/pages/data-scripts/0011/7620/site/ 8 KB
2 KB 135ms
26ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0011/7620/site/www.bdo.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1f06541d1aec8d0a44787b2a0c28dfc1f5db63fb7313bbdf7849569197ad43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 325
ce-version: 11.5.214
content-length: 2145
last-modified: Thu, 23 May 2024 22:44:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8888998c0bd4bbf8-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 10ms
9ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 22:49:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 31 Aug 2024 22:49:32 GMT

GET
H2 200 554931514952334 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/554931514952334?v=2.9.156&r=stable&domain=www.bdo.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

978a68265771e9e88eb187dc4bd9423af3bf55e75b7c5f5c29acaca50b54a271

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 22:49:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14122
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=1, c=36, mss=1294, tbw=63367, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: zQn0LvUtFnGGmCCDhG2yAGRy95OlWneuehS8OOYfrt9jn6F2Lq1u/j2qZus+NjlEw82TUrbhCo8TdwLSqcyheg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 55ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EGTR7RN261&gtm=45je45m0v882960778z876253963za200zb76253963&_p=1716504572420&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1745471482.1716504573&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716504572&sct=1&seg=0&dl=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&dt=Are%20Sanctions%20and%20Export%20Controls%20the%20New%20FCPA%3F%20%7C%20BDO&en=page_view&_fv=1&_ss=1&tfd=2839
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EGTR7RN261&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 22:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 26ms
25ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EGTR7RN261&cid=1745471482.1716504573&gtm=45je45m0v882960778z876253963za200zb76253963&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EGTR7RN261&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 22:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
17ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EGTR7RN261&cid=1745471482.1716504573&gtm=45je45m0v882960778z876253963za200zb76253963&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1061054358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 22:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12945834-1&cid=1745471482.1716504573&jid=1378822723&gjid=240548312&_gid=1369679079.1716504573&npa=1&_u=aGBACAAiBAAAACAAI~&z=1923413341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 May 2024 22:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 7ms
7ms Stylesheet
text/css 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:02:32 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6bb8-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 431c9c7496e59bcf4b86d42bc5a0c6c4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 98191 Show response
api.omappapi.com/v2/embed/ 131 KB
21 KB 222ms
201ms XHR
application/json 2606:4700:3108::ac42:2af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/98191?d=bdo.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dea1782dae49ebbbe472200475fbb5a596abe0fa08d55906aabc85b44524acf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
via: 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-cache-config: 0 0
x-amz-cf-pop: FRA60-P10
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 109597
x-user-agent: standard--
last-modified: Tue, 21 May 2024 17:11:44 GMT
server: cloudflare
etag: W/"95d262a6f8736f6db43426b46844a32d"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
cf-ray: 8888998c4f4c9162-FRA
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: YaaRTALzuAgnBbLRec6WTV_LvLOIHMwCXb6pp-qPJ-HtHvKkUrHmKw==
expires: Thu, 23 May 2024 22:36:11 GMT

POST
H2 200 log Show response
www.bdo.com/kentico.abtest/pagevisitconversionlogger/ 0
831 B 152ms
152ms XHR
text/plain 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/kentico.abtest/pagevisitconversionlogger/log

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/kentico.resource/abtest/kenticoabtestlogger/en-us/conversionlogger.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: img-src * data:
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8Kx8w7ElM9KdjeoxzLKd4etiH0efmagQhJLfHZ18fMw-1716504572-1.0.1.1-ZOqylPzu3pUWb.y.XjywmvjNn3J9r1dmumLDnw28YkCw3B9DRYcrft_fYwTztrUuoeKUlSSXx4_XqxnP1_uTCsID6C8X44SsGzNd59dUMw4F0EYHnGHvAimBjxQxZk0EP5..DPh7DJz6hrAkFpuQQQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8Kx8w7ElM9KdjeoxzLKd4etiH0efmagQhJLfHZ18fMw-1716504572-1.0.1.1-ZOqylPzu3pUWb.y.XjywmvjNn3J9r1dmumLDnw28YkCw3B9DRYcrft_fYwTztrUuoeKUlSSXx4_XqxnP1_uTCsID6C8X44SsGzNd59dUMw4F0EYHnGHvAimBjxQxZk0EP5..DPh7DJz6hrAkFpuQQQ; report-to cf-csp-endpoint
cf-ray: 8888998c2d9e1c19-FRA

POST
H2 200 log Show response
www.bdo.com/kentico.activities/kenticoactivitylogger/ 0
351 B 494ms
493ms XHR
text/plain 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/kentico.activities/kenticoactivitylogger/log

Requested by

Host: www.bdo.com
URL: https://www.bdo.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=11379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: img-src * data:
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.bdo.com
cf-ray: 8888998c2d9f1c19-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 526 KB
209 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcK1iEhAAAAAOUWpJHl7ErErYeZfEEKKJKAXCDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213445
x-xss-protection: 0
last-modified: Mon, 20 May 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 22:49:26 GMT

GET
H2 200 e5507cc921bdb5250cc380247d78c91a.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 95 KB
31 KB 21ms
20ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:00 GMT
server: cloudflare
age: 117035
cf-polished: origSize=97322
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8888998c48859f33-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 58ms
40ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8888998c6b5d71b8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 52ms
17ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=554931514952334&ev=PageView&dl=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&rl=&if=false&ts=1716504572854&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716504572853.1193729484&cs_est=true&ler=empty&cdl=API_unavailable&it=1716504572784&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1294, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 May 2024 22:49:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 214ms
179ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=554931514952334&ev=PageView&dl=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&rl=&if=false&ts=1716504572854&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716504572853.1193729484&cs_est=true&ler=empty&cdl=API_unavailable&it=1716504572784&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x65aee893a927d4ac","source_keys":["1","2"]},{"key_piece":"0x7d17cc01c019cfb0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 23 May 2024 22:49:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=12, mss=1294, tbw=3110, tp=-1, tpl=-1, uplat=171, ullat=0
pragma: no-cache
x-fb-debug: LYlIzIUZf9Rwx7OFEt3UjDF6rUi2G75OAVnmyH1q1gogzV4WGY8dw+M2PmzGYIE4Q8VY4JkKFI3VrbpGF1Q9Mw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 16 KB
17 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
server: nginx
etag: "e14b3e1c538ef57e7a1dbd33c45600ad6ff14122"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16720

POST
H/1.1 200
OK visitWebPage
116-edp-270.mktoresp.com/webevents/ 2 B
318 B 854ms
154ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://116-edp-270.mktoresp.com/webevents/visitWebPage?_mchNc=1716504572877&_mchCn=&_mchId=116-EDP-270&_mchTk=_mch-bdo.com-1716504572877-26850&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&_mchWs=j1RQ&_mchHo=www.bdo.com&_mchPo=&_mchRu=%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_medium%3DEmail__-__utm_source%3DOutlook__-__utm_campaign%3DForensicsInvestigations__-__utm_content%3DAdvisory__-__utm_term%3D6468__-__mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 22:49:33 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2bd53823-6e7b-4b77-bbc9-2c72de05cca3

POST
H3 200 p Show response
e.calibermind.com/v1/ 16 B
597 B 384ms
357ms Fetch
application/json 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://e.calibermind.com/v1/p

Requested by

Host: cdn.calibermind.com
URL: https://cdn.calibermind.com/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16
x-request-id: 8cdf4e2a-4ae2-49ef-8247-6cae8215b29a
server: cloudflare
access-control-max-age: 900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1eVTLw4eHed%2Bn1hddO8yMLkNZ%2B1BUZTX7sF%2F5Er%2B9MIeFZOpIao74XZvZ4bcnuOWtX4GwuIg7cAWsq8DCBTPXkTQP564x%2FLjVDRXxv8AyjI%2F99utNlQvsrgIFUrnzRDJSgVAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8888998cbcba1907-FRA
access-control-allow-headers: Content-Type,Authorization
priority: u=1,i

GET
H2 200 www.bdo.com.json Show response
script.crazyegg.com/pages/data-scripts/0011/7620/sampling/ 150 B
208 B 22ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0011/7620/sampling/www.bdo.com.json?t=476806
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95767f9dca6f2d36a3a85b7bcdf52f61482214c6cf66e783f7cbb8caa74d5553

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 325
ce-version: 11.5.214
content-length: 143
last-modified: Thu, 23 May 2024 22:44:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8888998cac84bbf8-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
109 KB 17ms
17ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pbkzFb84/2JLGlYwK3wr3Q==
age: 53664
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111556
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 02:34:22 GMT
server: cloudflare
etag: 0x8DC7AD0DAF0E6CF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c87f7724-501e-0075-2bd7-acc6d2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998cafc84d6e-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
463 B 66ms
7ms XHR
application/json 54.230.228.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-49.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 21330366
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: OPHR4iXLxIckrsBWi_oMb1VEGzMg_rONWZNwQRngaM4NDuFztW04Vg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
461 B 38ms
7ms XHR
application/json 54.230.228.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 4b3ef7616dbf62f98d54524f0218face.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 13469164
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: bHh8p3KUks6j6yPf_52cupZQKOhhP_L74hsi--p1AG-AsqptiiXy2w==

GET
BLOB 200
OK d25aaf55-8096-4290-be3a-9104a9dcec58
https://www.bdo.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bdo.com/d25aaf55-8096-4290-be3a-9104a9dcec58
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame A2CA 0
0 42ms
29ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcK1iEhAAAAAOUWpJHl7ErErYeZfEEKKJKAXCDk&co=aHR0cHM6Ly93d3cuYmRvLmNvbTo0NDM.&hl=de&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=qbe28fz39q21

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rw9AgSllbfv1KelAHVsJVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rw9AgSllbfv1KelAHVsJVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 22:49:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/018fa539-7f15-7e12-8e3a-afbdfdfd1e3e/ 90 KB
18 KB 29ms
29ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6494e482-3121-41ca-8766-cd379cbe9079/018fa539-7f15-7e12-8e3a-afbdfdfd1e3e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5caf31d45e80b79d40379e266462a3619908ef95588aef07c36d115b24e8bda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10969
content-md5: hLKjpEExsodcKUiBjFZAeg==
content-length: 17939
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 19:46:21 GMT
server: cloudflare
etag: 0x8DC7B610590028D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 94e395e3-401e-000c-6549-adaf98000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998d884b30fa-FRA
expires: Fri, 24 May 2024 22:49:33 GMT

GET
H2 200 5.ad5ae419.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 8ms
8ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.ad5ae419.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:21:07 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08f03-418b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 04d39089cfae36d0bfdf9bbb6dc326f6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 clock Show response
tracking.crazyegg.com/ 36 B
144 B 118ms
49ms XHR
text/plain 54.171.19.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1716504573069&tk=1238ca6d9effc81c624a1bea543dd5da&s=183532&p=%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa&u=117620&v=e340917e460c49ea5d48c74f88cdac5f95267e8e&f=bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa&ul=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.19.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-19-13.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 4e9307cd21bd5b563a00e0ec47bac283388d882aa58d4e9ddb22dc3ef407eb13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 23 May 2024 22:49:33 GMT
cache-control: no-store
server: awselb/2.0
content-length: 36
content-type: text/plain

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 10 KB
3 KB 20ms
20ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5tfs05yjQMzlUuVW6hLHww==
age: 10969
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 06:07:29 GMT
server: cloudflare
etag: 0x8DC7AEEA0AA78E0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 56d27695-b01e-003b-6e07-ad0337000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998dd87530fa-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/ 62 KB
13 KB 18ms
18ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kHs66ktJMW9DAuolrRZTDA==
age: 10969
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12755
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 06:07:30 GMT
server: cloudflare
etag: 0x8DC7AEEA10869BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c9216133-501e-0075-6b07-adc6d2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998dd87630fa-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 24 KB
4 KB 21ms
21ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 9eusssrwoAzVOVsIadvhfQ==
age: 9290
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 06:07:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3f885f5e-e01e-00a0-7107-ad8e0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8888998dd87830fa-FRA

GET
H2 200 4.d8754c5b.min.js Show response
a.omappapi.com/app/js/ 48 KB
14 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.d8754c5b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 0419af108684c7be468d5b2e8813d0f8c6a8dfe6e903f321fb5fb94b538f3f41

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Thu, 11 Apr 2024 22:05:28 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"66185ea8-c05a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 75120e03eaa6fc6950df769ae573d03e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 25.b7fe6deb.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/25.b7fe6deb.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 616ca4f301dd5a066c2f6f188adfb74659bce3ef8f5eab324578a0fd0e98bf18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 05/23/2024 18:47:18
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aab-d0a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 466b1f4384e75db06cb1a52a06ddfecb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.41293cba.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.41293cba.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 9f4951170f17592fd277fcf1fb466699c0c6b653648f48e75f7b9be459eb68fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aac-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4ba8b722c2403fc74fd83598bf21ba09
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 13.e8c894f8.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/13.e8c894f8.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 0ba898ffa07be7a7bbf859950bfa5c8214829033187f04ea071f09f917066ff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 05/23/2024 18:47:18
cdn-pullzone: 293267
last-modified: Fri, 12 Apr 2024 21:36:10 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6619a94a-ac2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 388823433c03d7ad9a50f7107dfd3ae6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
624 B 27ms
26ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 26129
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 02:34:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7b1b8c58-901e-00a4-69c0-ac7b8d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8888998e18f84d6e-FRA

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 16 KB
17 KB 15ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yvu8ahf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/yvu8ahf.css
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
server: nginx
etag: "f7ba7c34d63f92790ab459c7b134839b4c87ad09"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16744

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 35ms
35ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 82687
x-ms-lease-status: unlocked
last-modified: Wed, 22 May 2024 06:33:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0f5dcfaf-601e-0093-1d54-acd722000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8888998e18a730fa-FRA

GET
H2 200 bdo-usa_logo_color_low-res_120x60_jpg.jpg
cdn.cookielaw.org/logos/71029cbf-63c9-4f27-8dcf-bb2c0437b446/3c1f9fda-0a23-4e6a-9319-27d9aa2229e8/c2757630-0fee-4438-8cd0-a104cd48df4a/ 10 KB
10 KB 33ms
33ms Image
image/jpeg 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/71029cbf-63c9-4f27-8dcf-bb2c0437b446/3c1f9fda-0a23-4e6a-9319-27d9aa2229e8/c2757630-0fee-4438-8cd0-a104cd48df4a/bdo-usa_logo_color_low-res_120x60_jpg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f750058960e669eabe8d8566e64df216a607d878b853314f9bf0f7e77a4b0f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZgrB4dyUXDToQ0EHld+bqQ==
age: 30241
content-length: 10053
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 13 Dec 2022 16:37:39 GMT
server: cloudflare
etag: 0x8DADD28595AFA14
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 41c25308-501e-006f-19e6-1d3370000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8888998e19054d6e-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 32ms
32ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 May 2024 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 81090
x-ms-lease-status: unlocked
last-modified: Wed, 22 May 2024 06:33:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f0eb4628-d01e-008a-3c7b-acfb4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8888998e19074d6e-FRA

GET
H2 200 19.b4e5b44b.min.js Show response
a.omappapi.com/app/js/ 4 KB
3 KB 15ms
15ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/19.b4e5b44b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 753fb193306c662fa5918a839c29e6ac2aa6f6bc9067897914f7f88cb0b7b13a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aac-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: fcadda641b2071ed8b89fdbe4d6c0b10
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.b5b10bd4.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 16ms
16ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.b5b10bd4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 76e0cb78cc3495b6f1d43ce22fcd3b86eb896c36449130fa6f57d5d78d24f326

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Fri, 12 Apr 2024 21:36:07 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6619a947-1991"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7419ba1edd9f0790c6d42ddef596e5c6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.omappapi.com/app/js/ 11 KB
5 KB 24ms
24ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/32.b9065693.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 94411f14889c37d0390842e15e76ea86
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.d6ea746c.min.js Show response
a.omappapi.com/app/js/ 33 KB
10 KB 20ms
20ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.d6ea746c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: dd46cd5b40060d4af54ab1826b49823e50e5765743b99854f649cd3328df54fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-8515"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 30096766921b0b72b434c3225cf1309f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.3271ac0a.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 16ms
16ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.3271ac0a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 7ce730c88c3e9b94213f122d60df45837854975bb99a738f5a1c6890dd897fa5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ecf4fe404584fc5f625c3645398ce7b9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.09463684.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 17ms
17ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.09463684.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 85ac85413190c43521f591c1a6396da00ca53691e1f5efa474b98eb19355864e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1c188727125e11f1a78b9cc4b7fc6c84
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.f24aae20.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 18ms
18ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.f24aae20.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: a8e8b78aa3a03c4da90595ae6701a7354f96b39eb7c2bfe8d48eea3c598a900e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aab-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f86e81c683c94e36be3d78736c0d10df
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.b1a68bf1.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 19ms
18ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.b1a68bf1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 7145f523095f6104f82d9dbd26409181378e073eecfa04beec262ae8e99fc02f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5c7d3d8fcda91f12049b11d9e7fcb7ad
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.ece538f7.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 22ms
22ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.ece538f7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 40f5fcdf443b5777b6c40b7bcfb16ffb819fb166c7fb03dc4d3051f298b3a0c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0ae5f7903ebe1dfc46f4c7e9b6405d68
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.f8b2cea4.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 21ms
21ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.f8b2cea4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: a6117ff5cc0820717586d0f2ca8695cad42bf4194bcd64bcfb089c868dd9f292

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08c8b-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f3a98c787f3e26e18f8db6a355da4410
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.b1faf420.min.js Show response
a.omappapi.com/app/js/ 11 KB
3 KB 29ms
29ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.b1faf420.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 8bea43a9ea37aa3cb1e00bdb138fb4d55b2f3b469914a3e6920b77d1eb114954

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:01:20 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6b70-2b87"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e97e0bda258aacd256f623e45b647020
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.40afa0f2.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 30ms
30ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.40afa0f2.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: dc5d4b967ffff9726af04edc42a6fd8c0d270e5d3cf4585ce67ddb2e63848935

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/23/2024 18:47:17
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aac-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 15b2003fac94b68c1231b11dcd2e7d71
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.f43e8452.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 32ms
32ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/7.f43e8452.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 17fd7c48777dae1911a79c32f97e9e4bd20b54ff18b775a53f60467b77587ce2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 05/23/2024 18:47:18
cdn-pullzone: 293267
last-modified: Tue, 12 Mar 2024 17:02:35 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f08aab-d6a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 63a82441a6d5bc71d3394c5489db5834
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 17763326-487e-43d3-815b-ee8c9decd4b0
https://www.bdo.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bdo.com/17763326-487e-43d3-815b-ee8c9decd4b0
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
2 KB 43ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400&family=Montserrat%3Aital%2Cwght%400%2C400&display=swap

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.d8754c5b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdaa3f6aa427fd291288f7047c2fa837dee6a7c804ba465e5732ef6fbbf2ec41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 22:49:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 22:49:33 GMT

GET
H2 200 swatch
fast.wistia.com/embed/medias/tp23evf7s1/ 5 KB
5 KB 31ms
8ms Image
image/jpeg 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/tp23evf7s1/swatch

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5cd47fcefcd2e66dfa4f51a006eed4f38077351cd36dcdd768d3a0fc8d00c8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
access-control-request-method: *
via: 1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 1311142
edge-cache-tag: 44805ef2dc4b88943998676d76fde4710b3db10d
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 29
content-disposition: inline
content-length: 4654
x-served-by: cache-iad-kcgs7200067-IAD, cache-fra-etou8220072-FRA
x-browser-version: 125
last-modified: Thu, 01 Apr 2021 15:42:33 UTC
server: envoy
x-timer: S1716504573.260336,VS0,VE1
etag: DvHmiv3sr7ejI6acwGDTHX18DVc=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EJ3E0ozv3ToUVnOJ3EFl088hk4RSEZxhvI-qzaCYhVWNz50T9y_TQQ==
x-cache-hits: 9610, 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400&family=Montserrat%3Aital%2Cwght%400%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:53:03 GMT
x-content-type-options: nosniff
age: 71790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:53:03 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400&family=Montserrat%3Aital%2Cwght%400%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.bdo.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 19:28:44 GMT
x-content-type-options: nosniff
age: 98449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 May 2025 19:28:44 GMT

GET
H2 200 core
js.driftt.com/ Frame CDCE 0
0 134ms
109ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=74z3vuwb7nuy&eId=74z3vuwb7nuy&region=US&forceShow=false&skipCampaigns=false&sessionId=2030efb9-3514-4aa8-a387-20359bb7c20d&sessionStarted=1716504573.482&campaignRefreshToken=3f19c033-a83f-40ca-be84-638186c6e2b3&hideController=false&pageLoadStartTime=1716504572541&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1716504600000/74z3vuwb7nuy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 22:49:33 GMT
etag: W/"994158c9401b7ef401678606fe49ef49"
last-modified: Wed, 22 May 2024 13:33:49 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
x-amz-cf-id: bPEp-UdKU6WWdJm-de7lb6Sf2lBw0DWrtdq_D1RvsLWKNtEFZLceWw==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: i.vF5EvXCF8G43FXFwL_TDmTZbh53d6C
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 chat
js.driftt.com/core/ Frame 997B 0
0 131ms
108ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1716504572541

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1716504600000/74z3vuwb7nuy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 22:49:33 GMT
etag: W/"994158c9401b7ef401678606fe49ef49"
last-modified: Wed, 22 May 2024 13:33:49 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
x-amz-cf-id: SeJrKOUPZI3g5b90BaFPxrn_UFm_PUr4Iojv7uvEefp71EsG5YbG3A==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: i.vF5EvXCF8G43FXFwL_TDmTZbh53d6C
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 22

GET
H3 200 siteanalyze_2393.js Show response
siteimproveanalytics.com/js/ 14 KB
6 KB 39ms
27ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_2393.js
Requested by: Host: www.bdo.com
URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c716afb8ba391f500165e86bed722c2c40ab2a37e3e436df6ec7fe91bc8348

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 99N7KHB0M6762CM6
age: 2963
alt-svc: h3=":443"; ma=86400
content-length: 5126
x-amz-id-2: rYWOswCFfMqA3FGu09AWKEyZJv9iAFM6Mp2BFniDouiqM9m0y8GFx21ot8bb1wVywwg+vl/Qe9g=
last-modified: Mon, 16 May 2022 09:18:43 GMT
server: cloudflare
etag: "d76dc9f3fa07ad44062498c4aae20425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNQ%2BEieRcZ%2B8J%2B94ru4XlJ0Hp47NuewxACcBUjylRW%2F1fc3eXqnNcy1fXmfJ2EMSx1Zo4nuGSKFsGmCvcnfcogexw1r%2BUc1w3UoNkgnlDSUphXO1y24dMZO0gYNFBDWYz3TzsMrlzIROAmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 88889990784c8f41-FRA

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 787 KB
134 KB 25ms
6ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7258a107f58b2305fb6f04c5f5f1ac8eae0daa7d6dacec9a88f2571307c80393

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 573
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 136564
x-served-by: cache-iad-kiad7000070-IAD, cache-fra-etou8220036-FRA
x-browser-version: 125
last-modified: Thu, 23 May 2024 18:39:15 GMT
server: AmazonS3
x-timer: S1716504574.518824,VS0,VE0
etag: "7d97fe78667873614e50ada9e24225ca"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 4aa0df7d54b202698699bee58540b7af85c80c92
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27, 9

GET
H2 200 image.aspx
2393.global.siteimproveanalytics.io/ 34 B
151 B 56ms
5ms Image
image/gif 18.159.167.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2393.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&title=Are%20Sanctions%20and%20Export%20Controls%20the%20New%20FCPA%3F%20%7C%20BDO&res=1600x1200&accountid=2393&rt=3645&prev=87016cf7-059c-7a02-f016-85a8f44ddaa8&luid=d05cbb0e-fea3-5172-3959-40c31c69aa70&rnd=42256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.167.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-167-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Thu, 23 May 2024 22:49:33 GMT
cache-control: max-age=0
content-length: 34
expires: Thu, 23 May 2024 22:49:33 UTC

GET
H2 200 favicon.ico
www.bdo.com/ 1 KB
392 B 483ms
482ms Other
image/x-icon 2606:4700:4400::ac40:91ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bdo.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2c842015f2d60d91654a5175eeb72a1feaab41caa9baae6f8a81dbcf71d5d845

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:49:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src * data:
last-modified: Wed, 01 May 2024 14:32:44 GMT
server: cloudflare
cf-cache-status: REVALIDATED
content-encoding: gzip
etag: W/"1da9bd46de5cb7e"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 888899927a601c19-FRA
expires: Fri, 24 May 2024 02:49:34 GMT

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.engage.nortonrosefulbright.com/	1970-01-21 05:34:00	Name: vx-email-guid Value: d72ddd15-6967-4c54-b27d-630ec0c2008d
.nortonrosefulbright.vuturevx.com/	1970-01-21 05:34:00	Name: vx-email-guid Value: d72ddd15-6967-4c54-b27d-630ec0c2008d
www.bdo.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: CfDJ8PU6DrqcWPNCp6fnLc3R656g901yT4Ob1gqY7_0-tQVViHHmY-F5FMLJ9NHm0HyWvPNGTfH77XYObnk4cwPz7plXVMLqG3q1runvXGEc3fhemdfxkgCADcG0BGii6-tk7NxDqfOZRtzkShqbzt-CETw
.www.bdo.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 921fde596badeeac31f8017ab62e7761b901cce895773207dafa2a31a5236964
.www.bdo.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 921fde596badeeac31f8017ab62e7761b901cce895773207dafa2a31a5236964
.bdo.com/	1970-01-20 20:48:26	Name: __cf_bm Value: rDOc_G3xqRzs0yQ1z55CGjk06VUdryygomlir5CONSk-1716504572-1.0.1.1-0GvMnWeXl.zo7cQ1wtM7Tizs0RMvqIJ__pbkhR8OCLuOBzjVAUQaJiP9Fl8JkLTakYHl411UiOuLZdUeeEf8mA
.bdo.com/	1970-01-20 22:58:00	Name: _gcl_au Value: 1.1.388932036.1716504573
.bdo.com/	1970-01-20 20:49:50	Name: _gid Value: GA1.2.1369679079.1716504573
.bdo.com/	1970-01-20 20:48:24	Name: _gat_UA-12945834-1 Value: 1
.bdo.com/	1970-01-21 06:24:24	Name: _ga Value: GA1.1.1745471482.1716504573
www.bdo.com/	1970-01-21 06:24:24	Name: _omappvp Value: ICMqB7BY5H7j479CUBtyDOlrzAbsi8jAd5L381YedHj5Hjk0o08NViXOcIxN5NgHD0iKEBe8zbav6bpC4eq8vgsULTSA3rwM
www.bdo.com/	1970-01-20 20:48:25	Name: _omappvs Value: 1716504572823
.bdo.com/	1970-01-20 22:58:00	Name: _fbp Value: fb.1.1716504572853.1193729484
.bdo.com/	1970-01-21 05:34:00	Name: ajs_anonymous_id Value: 160e30ad-986b-42d6-9c7a-2c5b5c8c5f1c
.bdo.com/	1970-01-21 06:24:24	Name: _mkto_trk Value: id:116-EDP-270&token:_mch-bdo.com-1716504572877-26850
.bdo.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.bdo.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.twitter.com/	1970-01-21 06:24:24	Name: personalization_id Value: "v1_vc1Gpt6V7oclWBaCtTMPLw=="
.t.co/	1970-01-21 06:24:24	Name: muc_ads Value: 63f137d7-9e12-49d7-8f0c-9b6140817c10
.bdo.com/	1970-01-20 20:49:50	Name: _ce.clock_event Value: 1
.bdo.com/	1970-01-21 05:34:00	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+24+2024+00%3A49%3A33+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.bdo.com%2Fevents%2Fare-sanctions-and-export-controls-the-new-fcpa%3Futm_medium%3DEmail%26utm_source%3DOutlook%26utm_campaign%3DForensicsInvestigations%26utm_content%3DAdvisory%26utm_term%3D6468%26mkt_tok%3DMTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A0%2CC0004%3A0%2CC0002%3A0
.bdo.com/	1970-01-20 20:49:50	Name: _ce.clock_data Value: 44%2C81.95.5.36%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.bdo.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.bdo.com/	1970-01-21 05:34:00	Name: _ce.s Value: v~e340917e460c49ea5d48c74f88cdac5f95267e8e~lcw~1716504573215~lva~1716504572939~vpv~0~v11.fhb~1716504573212~v11.lhb~1716504573212~v11.cs~183532~v11.s~b8ec4af0-1956-11ef-aa33-fbf3eb9f7e8c~lcw~1716504573216
www.bdo.com/	1970-01-21 06:24:24	Name: CurrentContact Value: 49ed3cf1-572b-43b7-876d-3559970f8b08
www.bdo.com/	1970-01-20 20:48:25	Name: CMSLandingPageLoaded Value: true
www.bdo.com/	1970-01-20 20:48:26	Name: drift_campaign_refresh Value: 3f19c033-a83f-40ca-be84-638186c6e2b3
.bdo.com/	1970-01-21 05:34:00	Name: utm_medium_ft Value: Email
.bdo.com/	1969-12-31 23:59:59	Name: utm_medium Value: Email
.bdo.com/	1970-01-21 05:34:00	Name: utm_source_ft Value: Outlook
.bdo.com/	1969-12-31 23:59:59	Name: utm_source Value: Outlook
.bdo.com/	1970-01-21 05:34:00	Name: utm_campaign_ft Value: ForensicsInvestigations
.bdo.com/	1969-12-31 23:59:59	Name: utm_campaign Value: ForensicsInvestigations
.bdo.com/	1970-01-21 05:34:00	Name: utm_content_ft Value: Advisory
.bdo.com/	1969-12-31 23:59:59	Name: utm_content Value: Advisory
.bdo.com/	1970-01-21 05:34:00	Name: utm_term_ft Value: 6468
.bdo.com/	1969-12-31 23:59:59	Name: utm_term Value: 6468
.bdo.com/	1970-01-21 06:24:24	Name: _ga_EGTR7RN261 Value: GS1.1.1716504572.1.0.1716504573.59.0.0
.bdo.com/	1970-01-21 06:24:24	Name: nmstat Value: 87016cf7-059c-7a02-f016-85a8f44ddaa8
www.bdo.com/	1970-01-21 06:24:24	Name: drift_aid Value: c9cd828a-5f64-414b-8e46-6e647f58e7dc
www.bdo.com/	1970-01-21 06:24:24	Name: driftt_aid Value: c9cd828a-5f64-414b-8e46-6e647f58e7dc

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bdo.com/events/are-sanctions-and-export-controls-the-new-fcpa?utm_medium=Email&utm_source=Outlook&utm_campaign=ForensicsInvestigations&utm_content=Advisory&utm_term=6468&mkt_tok=MTE2LUVEUC0yNzAAAAGSgQHG_SF0EcJ_CoxqS37q2tkurzxJ4XC2mbnID5pdwkYm_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1716504600000/74z3vuwb7nuy.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

116-edp-270.mktoresp.com
2393.global.siteimproveanalytics.io
a.omappapi.com
analytics.twitter.com
api.omappapi.com
app.sendsafely.com
assets-tracking.crazyegg.com
cdn.calibermind.com
cdn.cookielaw.org
connect.facebook.net
e.calibermind.com
engage.nortonrosefulbright.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js.driftt.com
munchkin.marketo.net
nortonrosefulbright.vuturevx.com
p.typekit.net
pagestates-tracking.crazyegg.com
region1.analytics.google.com
script.crazyegg.com
siteimproveanalytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
use.typekit.net
www.bdo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.244.42.195
104.244.42.69
13.227.219.48
13.227.219.60
13.42.182.217
142.250.186.36
146.75.120.157
172.217.16.195
172.67.213.149
18.159.167.47
18.239.50.56
188.114.97.3
192.28.147.68
2001:4860:4802:34::36
2400:52e0:1e00::1079:1
2606:4700:3108::ac42:2af8
2606:4700:4400::ac40:91ea
2606:4700:4400::ac40:9b77
2606:4700::6813:9408
2606:4700::6813:b234
2a00:1450:4001:80f::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c0d::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::644
2a04:4e42:600::644
3.214.207.123
54.171.19.13
54.230.228.27
54.230.228.49
88.221.60.75
0419af108684c7be468d5b2e8813d0f8c6a8dfe6e903f321fb5fb94b538f3f41
05d0e5d19e4b7c933d1f5ee5b25b5cf2d3fe3457a66b62691ddfa16a6033c220
09160d5464e4b0e3bfc3a0c8ba10a56f75c6426582b8f799f41e62024d165c08
0b46d66baaeb2bb16617e609ef881b151218c7a20a25a10c9065f396c74155a7
0b578f64835da3c6ac3e617280d4ba62f78fc2af4a98dc722e106319b270ec38
0ba898ffa07be7a7bbf859950bfa5c8214829033187f04ea071f09f917066ff1
0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
17fd7c48777dae1911a79c32f97e9e4bd20b54ff18b775a53f60467b77587ce2
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dea1782dae49ebbbe472200475fbb5a596abe0fa08d55906aabc85b44524acf
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a
1f9100bdc820dfa54bf5894d7a6d8c96e4cbbb132593d6c996f50c81f7a276fd
21c716afb8ba391f500165e86bed722c2c40ab2a37e3e436df6ec7fe91bc8348
2265b24c6c664adb0a0e0b6aa4c48253baa63fea987e99f539b9d2817934540a
22d4f617b490200c3dd56cbeee5ac8b52ca77cfe3060142349d4b9e4eefeec9e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a6614ce0317b0786d80606fd19be551ca740fa48af4f3a000cf6a0485c0ef1
26d23ccb482943fd848d9d4baa8b78008eddb506986ac64a7d53f9e6c536bffc
275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f
2a85ef8beb60f11cbdfd74551269726156aa0b5d710dafe09cad5e999667a6b1
2c842015f2d60d91654a5175eeb72a1feaab41caa9baae6f8a81dbcf71d5d845
2da2d64555fd27795efed673cc7e46754b65dc50f2a80d467504edea93843e68
34018b7f6a222e7b1b32e1a916d117207fdb492b2ced65c84664014369e7500d
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
3adacad7e7f128965b4db0caf081934239acbdaabc7fdf96895e66ad103343aa
3bb06fc5aeada2f41bb37745fd380e446ed1428895c0ba0fd5b6bf7ca2fd68db
3c1f06541d1aec8d0a44787b2a0c28dfc1f5db63fb7313bbdf7849569197ad43
40d80a904882613dbdd56665b9dfbc844352e8eceaa7595a0aa612207e780ee0
40f5fcdf443b5777b6c40b7bcfb16ffb819fb166c7fb03dc4d3051f298b3a0c5
44c3d380521239fab1e3451a9be0858d5e1fb6dc867fe9940c41b9018bcf76be
44d91dc3c58e0b6d66040f8dc05a2a49dfa6957f8cfa8b6abe6185a147557cd3
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4bae8dae26000308521445864ba402549ed0093d8edbc4ef96ffc4a6a81ae1c9
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e9307cd21bd5b563a00e0ec47bac283388d882aa58d4e9ddb22dc3ef407eb13
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
552107af5dd7d1881daa76698ed2240f82c8b32be06292875723e421c758e659
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d
5caf31d45e80b79d40379e266462a3619908ef95588aef07c36d115b24e8bda7
5cd47fcefcd2e66dfa4f51a006eed4f38077351cd36dcdd768d3a0fc8d00c8ae
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e
616ca4f301dd5a066c2f6f188adfb74659bce3ef8f5eab324578a0fd0e98bf18
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70272122407a85b5102503f22930c4147bb4aec9480a083464d86051aab9f0c4
7145f523095f6104f82d9dbd26409181378e073eecfa04beec262ae8e99fc02f
7258a107f58b2305fb6f04c5f5f1ac8eae0daa7d6dacec9a88f2571307c80393
753fb193306c662fa5918a839c29e6ac2aa6f6bc9067897914f7f88cb0b7b13a
755f82e7a0f8a0c0ea3ed5806e77b6e4eb0a5e4b96d739f09602b51274e75461
76e0cb78cc3495b6f1d43ce22fcd3b86eb896c36449130fa6f57d5d78d24f326
7b54a059ccb33e9823af3f640e25038d5f5d816edf8dff3454f1904c91326b56
7ce730c88c3e9b94213f122d60df45837854975bb99a738f5a1c6890dd897fa5
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
844d9b8db160f0bcf5dd9ab5673ecdf57b99f23d7c772e0d964f2fd89f018a1f
84f192a848000ad2e3f62d43f5d160f03a81ce7d1a8286d483c990b519465509
85ac85413190c43521f591c1a6396da00ca53691e1f5efa474b98eb19355864e
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8bea43a9ea37aa3cb1e00bdb138fb4d55b2f3b469914a3e6920b77d1eb114954
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b706613333680032e16cf68c3474fab39ee0e7ba4e62f8f7a5404f40a132cd
95767f9dca6f2d36a3a85b7bcdf52f61482214c6cf66e783f7cbb8caa74d5553
96b34dac915bbf51919a34cafeb9a5cc578fcd8464a74ea878c04b4227ea1ceb
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
978a68265771e9e88eb187dc4bd9423af3bf55e75b7c5f5c29acaca50b54a271
98665ab290b270f369514abe3640ddd2efb63ad561aa336a4ed85c8008aae391
99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d
9c12b306d98618dbdc1c3253c8bc544cef470403a72550b4bff84acf14276327
9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c
9f4951170f17592fd277fcf1fb466699c0c6b653648f48e75f7b9be459eb68fb
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a6117ff5cc0820717586d0f2ca8695cad42bf4194bcd64bcfb089c868dd9f292
a74248b4bc5ce591888d507154626d15fe35b034169ef4a6f2457f137a6b9b53
a8e8b78aa3a03c4da90595ae6701a7354f96b39eb7c2bfe8d48eea3c598a900e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7bac9985ca725c29251c2f9504ab95f70af0c75b7de4a63761437ec6725dda
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af75f516f4bd6bd68f526815c8e898760c627367aa4c3f65acaea62246702e17
b1345b697b0b26e85b0f35eb0993239b2ad7938e2a55c666f5e7d5b2bcc92a52
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c322d6f6575c7b4d8b34cb1254b601f377da86ef7600988f0d2fd585508fe070
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca27c127f9ffe7a47097c3079edcbd140dddd091fb75b11cb51268e65ddd4432
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
cdaa3f6aa427fd291288f7047c2fa837dee6a7c804ba465e5732ef6fbbf2ec41
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
dc1d2a36aa4a42bebe82616956c7aeceb8495d79a5ac1bea63af4bea96e85841
dc5d4b967ffff9726af04edc42a6fd8c0d270e5d3cf4585ce67ddb2e63848935
dd46cd5b40060d4af54ab1826b49823e50e5765743b99854f649cd3328df54fd
ddfb8f8d286d8ba21872dcf0cb1b0e0510e07136b40a45ce95f30e7c580ff2cc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2075dacbcf097ebf6ca41703bc5d835515a440e994e3b48a824c4613c671337
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea14b302d2386504b249b182fac6bdeff4b77b71921945c4cf70e73550ab503d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f750058960e669eabe8d8566e64df216a607d878b853314f9bf0f7e77a4b0f29
f844427a508646fad1cdee193c2d57ea8ab60efe830cedbf0fe9297865492721
f96cf93560f48982a79d65f9049675ca8dea2417035502b9b300f650d466c51c
fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9
ffd0ad0a2388a1b6c38a1d0a6302cc2c8e261f34597863656926ab9a4e9627d7

www.bdo.com Open in urlscan Pro 2606:4700:4400::ac40:91ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

51 %IPv6

29 Domains

37 Subdomains

36 IPs

6 Countries

4611 kBTransfer

9192 kBSize

41 Cookies

14 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bdo.com Open in urlscan Pro
2606:4700:4400::ac40:91ea Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

51 %
IPv6

29
Domains

37
Subdomains

36
IPs

6
Countries

4611 kB
Transfer

9192 kB
Size

41
Cookies

138 HTTP transactions
1 data transactions