www.bakertilly.com Open in urlscan Pro
104.17.61.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl...
Submission: On August 21 via manual (August 21st 2024, 2:37:53 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 22 domains to perform 85 HTTP transactions. The main IP is 104.17.61.70, located in and belongs to CLOUDFLARENET, US. The main domain is www.bakertilly.com.
TLS certificate: Issued by WE1 on August 13th 2024. Valid for: 3 months.

This is the only time www.bakertilly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	104.17.61.70 104.17.61.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 2	95.101.111.153 95.101.111.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
3	172.67.213.149 172.67.213.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:272... 2600:9000:2729:5600:6:ea06:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4869	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
1	23.21.59.137 23.21.59.137	14618 (AMAZON-AES) (AMAZON-AES)
2	54.204.18.47 54.204.18.47	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 6	2600:9000:266... 2600:9000:2664:d400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.189.5 65.9.189.5	16509 (AMAZON-02) (AMAZON-02)
4	52.59.168.105 52.59.168.105	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
1	3.209.222.198 3.209.222.198	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	18.156.179.246 18.156.179.246	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.219.147.176 3.219.147.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:63b8:5da2:7c60:d35c	16509 (AMAZON-02) (AMAZON-02)
2	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	30

21 104.17.61.70 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bakertilly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.153 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.213.149 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2729:5600:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4869 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.59.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-59-137.compute-1.amazonaws.com

baker-tilly-www.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.18.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-18-47.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2664:d400:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.189.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-189-5.zag50.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.168.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-168-105.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.222.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-222-198.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.179.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-179-246.eu-central-1.compute.amazonaws.com

35627.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.147.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-147-176.compute-1.amazonaws.com

bakertillyusllp.us-6.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:63b8:5da2:7c60:d35c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bakertilly.com www.bakertilly.com	1 MB
12	prismic.io images.prismic.io — Cisco Umbrella Rank: 28555 static.cdn.prismic.io — Cisco Umbrella Rank: 57913 baker-tilly-www.prismic.io	85 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 5194 d.adroll.com — Cisco Umbrella Rank: 2660	119 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	224 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 27077	2 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 15834	4 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 28532 scout.salesloft.com — Cisco Umbrella Rank: 36652	4 KB
3	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 102956 e.calibermind.com — Cisco Umbrella Rank: 122209	63 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 10891	2 KB
2	evergage.com bakertillyusllp.us-6.evergage.com	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	16 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 12600	4 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 4730	1 KB
1	siteimproveanalytics.io 35627.global.siteimproveanalytics.io	149 B
1	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 16060	35 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 6528	48 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 8455	14 KB
1	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	855 B
85	22

	Domain	Requested by
21	www.bakertilly.com	www.bakertilly.com
10	images.prismic.io	www.bakertilly.com
7	www.googletagmanager.com	www.bakertilly.com www.googletagmanager.com
6	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com
4	tags.srv.stackadapt.com	www.bakertilly.com tags.srv.stackadapt.com
3	px.ads.linkedin.com	1 redirects www.bakertilly.com
3	analytics-sm.com	www.bakertilly.com
3	js.zi-scripts.com	www.bakertilly.com
2	ws.zoominfo.com	www.bakertilly.com
2	bakertillyusllp.us-6.evergage.com	www.bakertilly.com cdn.evgnet.com
2	region1.google-analytics.com	www.bakertilly.com
2	snap.licdn.com	www.bakertilly.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.bakertilly.com
2	scout.salesloft.com	www.bakertilly.com
2	pi.pardot.com	www.bakertilly.com pi.pardot.com
2	cdn.calibermind.com	www.bakertilly.com
2	trkn.us	1 redirects www.bakertilly.com
1	d.adroll.com	s.adroll.com
1	px4.ads.linkedin.com
1	35627.global.siteimproveanalytics.io
1	px.adentifi.com
1	cdn.evgnet.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.bakertilly.com
1	e.calibermind.com	www.bakertilly.com
1	baker-tilly-www.prismic.io	static.cdn.prismic.io
1	scout-cdn.salesloft.com	www.bakertilly.com
1	static.cdn.prismic.io	www.bakertilly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.bakertilly.com
85	29

This site contains links to these domains. Also see Links.

Domain
connect.bakertilly.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
bakertilly.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
images.prismic.io Certainly Intermediate R1	`2024-08-15` - `2024-09-14`	a month	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
calibermind.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.cdn.prismic.io Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-20` - `2025-04-19`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
*.prismic.io Amazon RSA 2048 M02	`2024-06-25` - `2025-07-23`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
zi-scripts.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
siteimproveanalytics.com WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.analytics-sm.com Amazon RSA 2048 M02	`2024-04-17` - `2025-05-16`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-12`	a year	crt.sh
adentifi.com Amazon RSA 2048 M02	`2024-06-05` - `2025-07-03`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.us-6.evergage.com Amazon RSA 2048 M02	`2023-11-12` - `2024-12-11`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
zoominfo.com E5	`2024-08-14` - `2024-11-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Frame ID: A38167CF6DFECA75077E3810CED1EB68
Requests: 82 HTTP requests in this frame

Frame: https://baker-tilly-www.prismic.io/prismic-toolbar/4.1.1/iframe.html
Frame ID: AFF2F4761FCDEE867E12BBDED665A691
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware prevention guide - Baker Tilly

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

85
Requests

95 %
HTTPS

38 %
IPv6

22
Domains

29
Subdomains

30
IPs

5
Countries

1826 kB
Transfer

6844 kB
Size

33
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.bakertilly.com/subscribe?utm_source=insight&utm_medium=web&utm_campaign=ransomware-prevention-guide
Title: Subscribe to newslettersarrowCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://connect.bakertilly.com/ransomware-prevention-guide?utm_source=ransomware-prevention-guide&utm_medium=web-insight-download
Title: Download the 10-page guide.arrowCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://connect.bakertilly.com/subscribe
Title: Subscribe to newslettersarrowCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bakertillyus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bakertillyus/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bakertillyus/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bakertillyus
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227 HTTP 302
https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227;ip=78.159.108.27;cuidchk=1

Request Chain 62

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&e_ipv6=AQJc9eFbJgmjbAAAAZF1X1erS9TH5UTPv6yvKuQFYtkmRnP8DM8xRA6M4WAjNtVM_hWGt-yWew

Request Chain 73

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request ransomware-prevention-guide Show response
www.bakertilly.com/insights/ 2 MB
176 KB 411ms
344ms Document
text/html 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 820becd2197590a087417f82cadbc9b204b8f3ed0af78aead0a031d59d63f362

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, must-revalidate, max-age=549, s-maxage=549, stale-while-revalidate=25
cf-cache-status: DYNAMIC
cf-ray: 8b6b5ce7ef84bb37-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Aug 2024 14:37:45 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251065&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=E5YAA%2BpZ3TxCWTFzPuXJsoeQhEe66F9%2BMk2XqwdnrsM%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251065&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=E5YAA%2BpZ3TxCWTFzPuXJsoeQhEe66F9%2BMk2XqwdnrsM%3D
server: cloudflare
via: 1.1 vegur
x-cache-expired-at: 9m 9.2s
x-cache-status: HIT
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
855 B 286ms
185ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@400;600;700&display=swap

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72e3a167735cc751715b73438679f069466f342ee91d11a7e6c11362e98998a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Aug 2024 14:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 14:37:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Aug 2024 14:37:46 GMT

GET
H3 200 insight.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/ 441 KB
208 KB 470ms
469ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/insight.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9549d3769190f3c3f3e5b90ae9036e8b7efa82f8567b969d275567c97b58da33

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"6e403-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5ceacac3bb37-FRA
expires: Wed, 21 Aug 2024 18:37:46 GMT

GET
H3 200 _app.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/ 701 KB
192 KB 683ms
682ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 05719cb313f1fcee64e8ba1d15f25ec805d13ae54527f73d7f2d2659a866ca7d

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"af45b-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5ceb7b84bb37-FRA
expires: Wed, 21 Aug 2024 18:37:46 GMT

GET
H3 200 webpack-f5e50b6b501ccea2a79b.js Show response
www.bakertilly.com/_next/static/runtime/ 1 KB
1 KB 216ms
215ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/runtime/webpack-f5e50b6b501ccea2a79b.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 13893222
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710357844&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=tU6soAx0wj%2FCuNUgqwoapnfpKFDUxc0kjP7e2fe0fU4%3D
last-modified: Fri, 08 Mar 2024 15:26:44 GMT
server: cloudflare
etag: W/"5ce-18e1eac7b20"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710357844&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=tU6soAx0wj%2FCuNUgqwoapnfpKFDUxc0kjP7e2fe0fU4%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8b6b5ceb8bacbb37-FRA
expires: Thu, 21 Aug 2025 14:37:46 GMT

GET
H3 200 commons.0cdc3857ebbe195767a9.js Show response
www.bakertilly.com/_next/static/chunks/ 700 KB
214 KB 190ms
189ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/chunks/commons.0cdc3857ebbe195767a9.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 95f8c32b30571edb818d1eb4897b774adf052145ec4556855858fe707189b60d

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 3690386
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720560680&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Jxo9UjUUky8eQ%2FxgdGr%2BoB4ERhUlZe43%2F1Y5iCKj6bQ%3D
last-modified: Tue, 09 Jul 2024 21:02:13 GMT
server: cloudflare
etag: W/"aef46-190994dd408"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720560680&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Jxo9UjUUky8eQ%2FxgdGr%2BoB4ERhUlZe43%2F1Y5iCKj6bQ%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8b6b5ceb8bafbb37-FRA
expires: Thu, 21 Aug 2025 14:37:46 GMT

GET
H3 200 styles.f0b665749975c9827fef.js Show response
www.bakertilly.com/_next/static/chunks/ 72 KB
18 KB 893ms
892ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/chunks/styles.f0b665749975c9827fef.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d110f18f765e2f46d22d601c516224e892587e848a1179f62ddfc6036d7ed2ac

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 5951567
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1718299499&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=w3abYxCF7Zc%2Bzuw43ShoDnG%2F0CHjirlhdF2Jx6MS%2FJc%3D
last-modified: Thu, 13 Jun 2024 17:23:32 GMT
server: cloudflare
etag: W/"12062-19012a04620"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718299499&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=w3abYxCF7Zc%2Bzuw43ShoDnG%2F0CHjirlhdF2Jx6MS%2FJc%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8b6b5ceb8bb2bb37-FRA
expires: Thu, 21 Aug 2025 14:37:46 GMT

GET
H3 200 main-3c30a278dddde2fd1b61.js Show response
www.bakertilly.com/_next/static/runtime/ 30 KB
11 KB 894ms
892ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3fc06ba8cad24bdea755d92f562d741555ddefcf4d9a2e31b62dc74a0c76b02d

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 13254118
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710996948&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=be157w9FFNq84jPK81DZ7VIbF1ZW60h%2F9L6juNw2KfQ%3D
last-modified: Fri, 08 Mar 2024 15:26:44 GMT
server: cloudflare
etag: W/"77b1-18e1eac7b20"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710996948&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=be157w9FFNq84jPK81DZ7VIbF1ZW60h%2F9L6juNw2KfQ%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8b6b5ceb8bb6bb37-FRA
expires: Thu, 21 Aug 2025 14:37:46 GMT

GET
H3 200 commons.2c485a45.chunk.css
www.bakertilly.com/_next/static/css/ 44 KB
6 KB 906ms
905ms Stylesheet
text/css 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/commons.2c485a45.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d81edf2c45c2bd7898d55ffd2a9fa5d56e5272235f212eb3cec03c3cfd4237f3

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"afd6-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5ceb8bbabb37-FRA
expires: Wed, 21 Aug 2024 18:37:46 GMT

GET
H3 200 styles.b4232e92.chunk.css
www.bakertilly.com/_next/static/css/ 294 KB
41 KB 907ms
905ms Stylesheet
text/css 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/styles.b4232e92.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9d57c011f5734dad11b6a8c11484ee4cef5c652b0697f327c7ffdc89ac17652

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"497cc-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5ceb8bbfbb37-FRA
expires: Wed, 21 Aug 2024 18:37:46 GMT

GET
H3 200 _app.js.7bb98398.chunk.css
www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/ 3 KB
1 KB 938ms
937ms Stylesheet
text/css 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/_app.js.7bb98398.chunk.css
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c74cb95556f697e59eeb6814a2926e976cce99dbb5d3a9e1a66fb3cfd19ece90

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"a08-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251066&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=piRbs2kMMEByyQwVr8%2BykYiWXdykcmDXlFlmdGwZfGs%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5ceb8bc1bb37-FRA
expires: Wed, 21 Aug 2024 18:37:46 GMT

GET
H/1.1

200
OK

ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227;ip=78.159.108.27;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227
https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227;ip=78.159.108.27;cuidchk=1

42 B
721 B

19ms
18ms

Image
image/gif

95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227;ip=78.159.108.27;cuidchk=1

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

HTTP/1.1

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Aug 2024 14:37:46 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/conv/ppt=15512;g=sitewide;gid=38260;ord=5073342076672.227;ip=78.159.108.27;cuidchk=1
Date: Wed, 21 Aug 2024 14:37:46 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 040b5472-009f-458e-8f74-4a00899c4f14_automation-software.jpg
images.prismic.io/baker-tilly-www/ 376 B
525 B 183ms
80ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/040b5472-009f-458e-8f74-4a00899c4f14_automation-software.jpg?auto=format%2Ccompress&rect=0%2C420%2C2640%2C660&w=20&h=5

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ffbf1077ec8b75ebef83407966e256d7a631a2853902730c5b313f28f18910bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 1907530
x-cache: HIT, HIT, HIT
x-imgix-id: 978da277141eeb5ea7244b7a52ed9544a9651abc
cross-origin-resource-policy: cross-origin
content-length: 376
x-served-by: cache-sjc10081-SJC, cache-fra-etou8220065-FRA, cache-mad2200132-MAD
last-modified: Tue, 30 Jul 2024 12:45:36 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cc6cce8b-ef94-45cb-9052-9e96e8a87715_digital-technology.jpg
images.prismic.io/baker-tilly-www/ 452 B
622 B 181ms
95ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/cc6cce8b-ef94-45cb-9052-9e96e8a87715_digital-technology.jpg?auto=compress,format&rect=0,125,2500,1500&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

addd800aefd06c4e2dd67d3b7cb4624d82cfdfa488bb320911ac244e2a7db0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 2530245
x-cache: HIT, HIT, MISS
x-imgix-id: 3bd3c0ee773088968a558fd4e081e5bcce68e268
cross-origin-resource-policy: cross-origin
content-length: 452
x-served-by: cache-sjc10057-SJC, cache-fra-etou8220133-FRA, cache-mad2200132-MAD
last-modified: Tue, 23 Jul 2024 07:47:01 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 40782f70-69bd-4050-80ee-c67ab1ea5797_Abstract+digital+background.jpg
images.prismic.io/baker-tilly-www/ 368 B
520 B 167ms
81ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/40782f70-69bd-4050-80ee-c67ab1ea5797_Abstract+digital+background.jpg?auto=compress,format&rect=367,0,1223,734&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

502a69eb9923c1a67636c6d602f83646b807f8bef594f86a265f1609328d08ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 3667144
x-cache: HIT, HIT, HIT
x-imgix-id: 37c3b5f1bb69dc8082ed24e3dc38029f1a652917
cross-origin-resource-policy: cross-origin
content-length: 368
x-served-by: cache-sjc1000121-SJC, cache-fra-eddf8230100-FRA, cache-mad2200132-MAD
last-modified: Wed, 10 Jul 2024 03:58:41 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ef8e5bd2-41ae-43e4-960e-37a70eca7e7d_ransomware-fort-aerial.jpg
images.prismic.io/baker-tilly-www/ 434 B
587 B 120ms
83ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/ef8e5bd2-41ae-43e4-960e-37a70eca7e7d_ransomware-fort-aerial.jpg?auto=compress,format&rect=0,73,1468,881&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ad3d105e4495108a70da8a2aec5c35b376f1da7a767529c59798fb7d63107a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 2579394
x-cache: HIT, HIT, HIT
x-imgix-id: 735bb069697d80061e41a8cb3fefefd59bc3873d
cross-origin-resource-policy: cross-origin
content-length: 434
x-served-by: cache-sjc1000136-SJC, cache-fra-eddf8230095-FRA, cache-mad2200132-MAD
last-modified: Mon, 22 Jul 2024 18:07:51 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 baker-tilly-www%2F394e3da2-3487-4e43-b63c-df08edda3cbe_woman_computer_cybersecurity_general.jpg
images.prismic.io/ 387 B
541 B 141ms
105ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www%2F394e3da2-3487-4e43-b63c-df08edda3cbe_woman_computer_cybersecurity_general.jpg?auto=compress,format&rect=0,160,3200,1920&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

25f52925d0933d6b61490f505f916b1d789b0506c1d78c22ebc2c8402c729270

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 152474
x-cache: HIT, HIT, HIT
x-imgix-id: af6a2a6749aa95f9172b20976253d0d09e8fb62a
cross-origin-resource-policy: cross-origin
content-length: 387
x-served-by: cache-chi-kigq8000096-CHI, cache-fra-etou8220084-FRA, cache-mad2200132-MAD
last-modified: Mon, 19 Aug 2024 20:16:32 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b6678ab0-b748-465a-8084-c49266bd87d4_cybersecurity-ransomware-computer.jpg
images.prismic.io/baker-tilly-www/ 440 B
774 B 115ms
79ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/b6678ab0-b748-465a-8084-c49266bd87d4_cybersecurity-ransomware-computer.jpg?auto=compress,format&rect=0,106,2119,1271&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a4fd9346e058d82c9c4576df90acf252659e0798d090d3b9b2b7d28b616fe2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 1824936
x-cache: HIT, HIT, HIT
x-imgix-id: 90c4922fdb72fadd12016bf24982e3b382d58d6a
cross-origin-resource-policy: cross-origin
content-length: 440
x-served-by: cache-sjc1000101-SJC, cache-fra-etou8220150-FRA, cache-mad2200132-MAD
last-modified: Wed, 31 Jul 2024 11:42:10 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MTMyNzk1NmEtMDI2Yi00ZjZjLWI1MjQtZmU4YWJlNDIzNzQx_technology_header_web.jpg
images.prismic.io/baker-tilly-www/ 366 B
520 B 88ms
84ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/MTMyNzk1NmEtMDI2Yi00ZjZjLWI1MjQtZmU4YWJlNDIzNzQx_technology_header_web.jpg?auto=compress,format&rect=0,100,2000,1200&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4d7bd4ec78e4eb20c8817645c391480483854eaf4cf581f5e094d1da7b5db6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 518966
x-cache: HIT, HIT, MISS
x-imgix-id: b066e157dc9aa2f71f4cb6fcbe9d814a4a6ae843
cross-origin-resource-policy: cross-origin
content-length: 366
x-served-by: cache-chi-kigq8000085-CHI, cache-fra-etou8220107-FRA, cache-mad2200132-MAD
last-modified: Thu, 15 Aug 2024 14:28:19 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 09fa9c38-1247-4191-8442-64021b81359a_gen-header_working-computer-data-night.jpg
images.prismic.io/baker-tilly-www/ 427 B
726 B 87ms
83ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/09fa9c38-1247-4191-8442-64021b81359a_gen-header_working-computer-data-night.jpg?auto=compress,format&rect=90,0,1800,1080&w=20&h=12

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0932328d57c563bc09dc837fdb68ec99eae460685c94901c24133719e83baf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 2326636
x-cache: HIT, HIT, MISS
x-imgix-id: 3f3d427a38be299e66b7a9e3a5148e26f7887d3d
cross-origin-resource-policy: cross-origin
content-length: 427
x-served-by: cache-sjc1000132-SJC, cache-fra-eddf8230113-FRA, cache-mad2200132-MAD
last-modified: Thu, 25 Jul 2024 16:20:30 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 baker-tilly-www%2F343fd8ab-0ce2-41bb-adba-8093d7a18ea5_cl_gen_forest+tree.jpg
images.prismic.io/ 371 B
526 B 86ms
82ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www%2F343fd8ab-0ce2-41bb-adba-8093d7a18ea5_cl_gen_forest+tree.jpg?auto=compress,format&rect=0,1123,5616,1404&w=20&h=5

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

451b105c93a89c76370482f8fcf196fb18b9f1c7c136e4e1eddf9c39c96faa83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
x-content-type-options: nosniff
age: 692870
x-cache: HIT, HIT, MISS
x-imgix-id: 76ee2369d9f94ba6560a869656c8556ddde34f35
cross-origin-resource-policy: cross-origin
content-length: 371
x-served-by: cache-chi-klot8100120-CHI, cache-fra-etou8220129-FRA, cache-mad2200132-MAD
last-modified: Tue, 13 Aug 2024 14:09:56 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rocket-loader.min.js Show response
www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 462ms
462ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2024 09:13:23 GMT
server: cloudflare
etag: W/"66c30cb3-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b6b5cedce49bb37-FRA
expires: Fri, 23 Aug 2024 14:37:46 GMT

GET
H2 200 xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v12/ 24 KB
25 KB 387ms
34ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v12/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bakertilly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:01 GMT
x-content-type-options: nosniff
age: 88186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:16:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:01 GMT

GET
H3 200 footer-growth-symbol-61001e0f568e1bafc85e854056da7017.png
www.bakertilly.com/_next/static/images/ 28 KB
29 KB 210ms
209ms Image
image/png 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bakertilly.com/_next/static/images/footer-growth-symbol-61001e0f568e1bafc85e854056da7017.png
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dde21bacb6b7f5cdb1d620ea43681754fb22a9630f642175c70c3f2b492b3cd5

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 29148
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"71dc-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b6b5cf0bb04bb37-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

GET
H3 404 footer-growth-symbol.png
www.bakertilly.com/assets/images/logos/ 4 KB
4 KB 66ms
65ms Image
text/html 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bakertilly.com/assets/images/logos/footer-growth-symbol.png
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/css/styles.b4232e92.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: e1e56de778bb0e6ab931bd871297a005b594fc05414cf8dedf3ddea7a34d0004

Request headers

Referer: https://www.bakertilly.com/_next/static/css/styles.b4232e92.chunk.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 27886
x-powered-by: Next.js
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724167405&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=a%2FD%2BUrc1NlcZE1851XHxCHpbHF23qCHC45WcZr9BMC0%3D
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724167405&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=a%2FD%2BUrc1NlcZE1851XHxCHpbHF23qCHC45WcZr9BMC0%3D"}]}
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8b6b5cf0bb06bb37-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

GET
H3 200 TradeGothicCondensed18-4759a488b379f1f6b88f733c1a9f644a.woff2
www.bakertilly.com/_next/static/fonts/ 22 KB
23 KB 509ms
509ms Font
application/font-woff2 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/fonts/TradeGothicCondensed18-4759a488b379f1f6b88f733c1a9f644a.woff2
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/_app.js.7bb98398.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 116e1a808fdc2ddec2210714314055ba86b77ca52b6e7d3e79d657901fa5093f

Request headers

Referer: https://www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/_app.js.7bb98398.chunk.css
Origin: https://www.bakertilly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22504
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"57e8-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b6b5cf0cb16bb37-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

GET
H3 200 TradeGothicBoldCondensed20-bf96150782f82ae11611a641711d5d53.woff2
www.bakertilly.com/_next/static/fonts/ 22 KB
23 KB 524ms
524ms Font
application/font-woff2 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/fonts/TradeGothicBoldCondensed20-bf96150782f82ae11611a641711d5d53.woff2
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/_app.js.7bb98398.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 894f4b26a5a3eb51179aa7e7ab27494c959890d074a28a93aee2f8aebad23e85

Request headers

Referer: https://www.bakertilly.com/_next/static/css/static/PZatoyQxjUanQraOaCAr8/pages/_app.js.7bb98398.chunk.css
Origin: https://www.bakertilly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22824
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"5928-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b6b5cf0cb19bb37-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

GET
H3 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1 KB 129ms
76ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 55011
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jul 2024 21:32:10 GMT
server: cloudflare
etag: W/"668efdda-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMeOyx8CZsh1k2wkIK6srSj9ELHUuJevm5E7KQpQeoVxlkpxD9Inc0EWouC7h8%2BVv%2BUQzL4%2BUF%2BiFzUFQYWuTy%2B28KttRPmwmSIkLfE8ifVzeWcOzJLlKSh3wziVcOciMf2Cy8%2BV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8b6b5cf14c689be9-FRA
priority: u=1,i=?0

GET
H2 200 prismic.js Show response
static.cdn.prismic.io/ 29 KB
10 KB 171ms
47ms Script
application/javascript 2600:9000:2729:5600:6:ea06:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.prismic.io/prismic.js?new=true&repo=baker-tilly-www
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2729:5600:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ec5c5b61fd648ca8fb1ef4264967b218ecc950355d22810fd62122b9f8edfde

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 03:31:44 GMT
content-encoding: gzip
via: 1.1 02c449380fa13ec995b76e5d0585e472.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2024 13:07:44 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P3
age: 39967
x-amz-server-side-encryption: AES256
etag: W/"dc20b78f902d78e0f0500d5b1e20b53c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JdvxhsWyq5VL__Ef4Guljtz2JiQWdd0rbvDdH61_YHD8HrsB54nxEg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
108 KB 185ms
87ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37b2bee2c9062873ff6a0958b5031530be49d545328f10663f3a34b148a32a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109826
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Aug 2024 14:37:47 GMT

GET
H3 200 a.js Show response
cdn.calibermind.com/ 213 KB
61 KB 35ms
35ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/a.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 59755
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jul 2024 21:30:20 GMT
server: cloudflare
etag: W/"668efd6c-354c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFK1BzjmDekZiVLQ%2BxuSGsL3oKE78mb6Q8hnE6MBkDUB%2FRma%2FHMY4N1v8AlAAPcjEeveWxrPkM03S8fHDhDV1rmUU3pg%2FP9r38XV2V6zxcpq1X8nbDIGTEpT3JAffsCDog%2FD8OND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8b6b5cf44f8d9be9-FRA
priority: u=3,i=?0

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 185ms
90ms Script
application/javascript 2606:4700::6810:4869
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: EZPGEPEQRJ835T56
age: 1935
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vj/H9CfyiKNwtvLJrelCw6CtXo93qB0KDTwbomYs8Kf/kZA94jYHXVgMqek/RNtsa+9eO7BrPxA=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8b6b5cf51fa636df-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

POST
H3 200 search Show response
www.bakertilly.com/api/algolia/ 21 KB
4 KB 156ms
155ms Fetch
application/json 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/api/algolia/search
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dd594fed90ba1b79d5c10828979d9b29eb1c35003735339ba7bd494249ca5d21

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"5408-pxFDu4GePzY0jFlmYYIU1jIaljQ"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8b6b5cf63a99bb37-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 447ms
115ms Script
application/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 14:37:48 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Wed, 21 Aug 2024 05:31:33 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Fri, 21 Aug 2026 14:37:48 GMT

GET
H2 200 040b5472-009f-458e-8f74-4a00899c4f14_automation-software.jpg
images.prismic.io/baker-tilly-www/ 69 KB
70 KB 71ms
70ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/baker-tilly-www/040b5472-009f-458e-8f74-4a00899c4f14_automation-software.jpg?auto=format%2Ccompress&rect=0%2C416%2C2640%2C667&w=1670&h=422

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2109f2e4477f399537deba5bc22976ef549745cefd7f1480714681bfb0a7db8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
x-content-type-options: nosniff
age: 1885198
x-cache: HIT, HIT, HIT
x-imgix-id: 890c6f3d39ff7d0bffd65d12be94d75bad9b919c
cross-origin-resource-policy: cross-origin
content-length: 71122
x-served-by: cache-sjc10032-SJC, cache-fra-eddf8230049-FRA, cache-mad2200132-MAD
last-modified: Tue, 30 Jul 2024 18:57:49 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 index.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/ 134 KB
38 KB 540ms
539ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/index.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f70153655961009a5b2ac8407f340bc9273c1688988c97b4c45255508eb956e3

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"21953-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5cf63aa0bb37-FRA
expires: Wed, 21 Aug 2024 18:37:48 GMT

GET
H3 200 leave-a-message.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/contact/ 26 KB
10 KB 237ms
236ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/contact/leave-a-message.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7caf36b55355e578e5feabaf323570f02ea44186d19a1373667e6c89e4b7b8a8

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"6801-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5cf63aa2bb37-FRA
expires: Wed, 21 Aug 2024 18:37:47 GMT

GET
H3 200 service.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/ 287 KB
82 KB 361ms
360ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/service.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 129290876303b730f5d14f6346381a5dbcca3bae755815192a9f8e2fe1b692c9

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"47d5b-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251067&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Dt5Xtt%2BRVraoeVqm9xCuGHUTVwJxIpIjf9TG%2B0YZmn0%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5cf63aa3bb37-FRA
expires: Wed, 21 Aug 2024 18:37:48 GMT

GET
H3 200 industry.js Show response
www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/ 288 KB
82 KB 705ms
705ms Script
application/javascript 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/industry.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/runtime/main-3c30a278dddde2fd1b61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cb6a0754dd34dd3f13d2ecc0e161d37b5665af640a88d378fb786ec1747dcc7b

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D
last-modified: Thu, 25 Jul 2024 20:30:33 GMT
server: cloudflare
etag: W/"47ee4-190eb969628"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b6b5cf63aa4bb37-FRA
expires: Wed, 21 Aug 2024 18:37:48 GMT

GET
H2 200 iframe.html
baker-tilly-www.prismic.io/prismic-toolbar/4.1.1/ Frame AFF2 0
0 378ms
137ms Document
text/html 23.21.59.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baker-tilly-www.prismic.io/prismic-toolbar/4.1.1/iframe.html
Requested by: Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.js?new=true&repo=baker-tilly-www
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.59.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-59-137.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.bakertilly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 21 Aug 2024 14:37:48 GMT
etag: W/"003ac4812b9c042ca6c8a9dd9e4cbe83"
last-modified: Mon, 17 Jun 2024 13:07:44 GMT

GET
H3 200 favicon-0a415994dedc68b0effaae422749e54a.png
www.bakertilly.com/_next/static/images/ 16 KB
16 KB 512ms
512ms Other
image/png 104.17.61.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bakertilly.com/_next/static/images/favicon-0a415994dedc68b0effaae422749e54a.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.61.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9844579f0a3a300c6002161472944a2d3005207da025d56c3d13d7f0f0f102c5

Request headers

Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 15980
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D
last-modified: Thu, 25 Jul 2024 20:30:32 GMT
server: cloudflare
etag: W/"3e6c-190eb969240"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724251068&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MpZuMVUoOGEE6dCTh%2FcGuzkUYJsjHLnzaLwM8K03b9c%3D"}]}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b6b5cf63aa5bb37-FRA
expires: Wed, 21 Aug 2024 18:37:48 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
360 B 406ms
102ms XHR
application/json 54.204.18.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTA5MDB9.wrY035VQPZwhcpuyn6UVGrVbtYeTgE4xfvnyHE-QpeQ

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.204.18.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-204-18-47.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bakertilly.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: bcb6309a3c91d868b882c77f8aa4828d

POST
H3 200 p Show response
e.calibermind.com/v1/ 16 B
593 B 182ms
151ms Fetch
application/json 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://e.calibermind.com/v1/p

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16
x-request-id: adc7813f-e738-4540-9807-fe58a8f1762b
server: cloudflare
access-control-max-age: 900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=up6eHSmywMnSRPbSMgCDs%2BHEoLM4Ux%2F5%2BrUDNxahiMWwktHwNAuWXMmI7aXMZAZWlii1YltGuZvjwwJ7%2BmRLU84i1l45nungnD20Ndm5EmeRt0PZtvMC0XcOOkefZthjm4FF9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8b6b5cf6bf4d18d9-FRA
access-control-allow-headers: Content-Type,Authorization
priority: u=1,i

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 353 KB
116 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DDHH2G7ZCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4b64ecd49f8aa480488079645a9ffb132446c753a2603451ca60e999d0e4835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Aug 2024 14:37:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 140ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Aug 2024 13:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4963
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Aug 2024 15:15:05 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 541ms
388ms Script
text/javascript 2600:9000:2664:d400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2664:d400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: vaMaFgNI58.aX6sQsheWGlDPyJGZAACY
Content-Encoding: gzip
Via: 1.1 6c6f45ebc0144bf0624643e88a527f16.cloudfront.net (CloudFront)
Date: Wed, 21 Aug 2024 14:02:21 GMT
Age: 2128
X-Amz-Cf-Pop: CDG55-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Aug 2024 20:00:33 GMT
Server: AmazonS3
Etag: W/"8477adc58c3f773d12fe1e360fd6ff0c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: hhhAwuX5UxeQgypUwE8a5TPB3mATk0X5_FO50KszIarFzqGEre73Zg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
1 KB 104ms
17ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 534, 534
date: Wed, 21 Aug 2024 14:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 07:32:21 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0, 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61680
accept-ranges: bytes
content-length: 755

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 168ms
71ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
x-amz-version-id: PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 42728
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 08:13:46 GMT
server: cloudflare
etag: W/"b2877da906a3216c4f3fc4030b205e54"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8b6b5cf74a199b67-FRA
x-amz-cf-id: NIo_T7wh1BA44iL9fRnZTLjnpz0tfIIg5CiBjKMNNhLr3n-qCMtbgA==

GET
H3 200 siteanalyze_35627.js Show response
siteimproveanalytics.com/js/ 51 KB
14 KB 90ms
51ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_35627.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4dacab7a08f29be07f9ab5848da3524f1de375c3d2a57577bd2aff6eb225f0c

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T1Z9GV34DCS27SFA
age: 1835
alt-svc: h3=":443"; ma=86400
content-length: 14155
x-amz-id-2: qfw6HTPMEAeCasFx4p2ObcXGl+nYYvh0T2e+CBHVvS4INSiF02WI8Nu/h3BOhK182x0WIXyV5DU=
last-modified: Sat, 15 Jun 2024 11:08:25 GMT
server: cloudflare
etag: "7ab236bdc91fb62be1b99fe642087329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRjOYY1rCv5Ct%2Fy1XrLcKpLLr5y90YzG3vcrhinCa2HLN1hJUKH3dw2iwyTI07wjqvy0SwlYNiWVe0R72ekb12a8NDYD0fpnqhUXnPW6jPvXYm1EuXEofYMjJKgkLX7zrWjLtZJIVI2i8dY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8b6b5cf6ec021968-FRA

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 174ms
29ms Script
application/javascript 65.9.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-189-5.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:29:39 GMT
content-encoding: gzip
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
age: 514
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: nGbbwQLuh_pj75krkhamFstsHSCGFQ7xqfQU60lSdS-aka2qqieqgA==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 221ms
112ms Script
text/javascript 52.59.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.168.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-168-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 49ae9566a5e89b4eb9fb245d9181d334b33209b7db0835306a429bcedf608836

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 14:37:48 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/bakertillyusllp/engage/scripts/ 189 KB
48 KB 274ms
130ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/bakertillyusllp/engage/scripts/evergage.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 353c4150a08e0ce7066f23607482ac1aeda82b2c759587ddec021c749eeac62b

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: paeoAGq2A7_vkRU5Uzyien912uHZtrl.
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Aug 2024 14:37:48 GMT
x-amz-request-id: 3XXWJCYDY1HXBB1P
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 48410
x-amz-id-2: +9tcYUU3m40xbEKb6YTu/cSctKiHQpMpDwMXjjUSpXcL906vhij+b3ps+BilpDV+TzlAJwhHUZFJndeiivsV/Q==
x-served-by: cache-iad-kjyo7100067-IAD, cache-mad22066-MAD
x-amz-meta-evergage-sum: eb552dc446b7524815110991f50f7319ccfda525
last-modified: Thu, 18 Jul 2024 18:34:34 GMT
server: AmazonS3
x-timer: S1724251068.107969,VS0,VE89
etag: "8044aa92cc1ba95e5a6d4bb533f5e681"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 140485, 0

GET
H2 204 Pixels
px.adentifi.com/ 0
35 B 345ms
107ms Image
text/plain 3.209.222.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=15760;p_url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august;uq=4736170125390.049
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.222.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-222-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 17ms
16ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

759bb13ca8d3bf157ea00880f75525c5cf9852d2afb83046a08bd01d0754e0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 18 Aug 2024 09:01:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=24104
accept-ranges: bytes
content-length: 14628

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 116ms
38ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DDHH2G7ZCE&gtm=45je48j0v873697793z86503953za200zb6503953&_p=1724251067536&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=586720297.1724251068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724251068&sct=1&seg=0&dl=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&dt=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_group=Insights&tfd=2624
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 14:37:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 24ms
24ms Image
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-DDHH2G7ZCE&v=3&t=t&pid=1112335004&cv=2&rv=48j0&tc=25&tag_exp=0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 26ms
25ms Image
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-DDHH2G7ZCE&v=3&t=t&pid=1112335004&cv=2&rv=48j0&tc=25&tag_exp=0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdadsfirst.1ccdautoredact.1ccdpreautopii.1ccdgalast.1ccdadslast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdadsfirst.2ccdautoredact.2ccdpreautopii.2ccdgalast.2ccdadslast&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
34ms Image
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-DDHH2G7ZCE&v=3&t=t&pid=1112335004&cv=2&rv=48j0&tc=25&tag_exp=0&es=1&e=*&eid=1&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&epr=1G.2G.1AW.1G.2G&tr=1gct.1rep&ti=1gct.1rep&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 35ms
35ms Image
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-DDHH2G7ZCE&v=3&t=t&pid=1112335004&cv=2&rv=48j0&tc=25&tag_exp=0&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 38ms
37ms Image
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-DDHH2G7ZCE&v=3&t=t&pid=1112335004&cv=2&rv=48j0&tc=25&tag_exp=0&es=1&e=gtm.load&eid=6&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 image.aspx
35627.global.siteimproveanalytics.io/ 34 B
149 B 79ms
17ms Image
image/gif 18.156.179.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35627.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&title=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&res=1600x1200&accountid=35627&rt=2659&prev=9016a330-4205-3f19-e65e-dbb3bf4faa23&luid=ee76bbf4-506b-03f9-0303-fb57703aa613&rnd=58626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.179.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-179-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 21 Aug 2024 14:37:48 UTC
date: Wed, 21 Aug 2024 14:37:48 GMT
cache-control: max-age=0
content-length: 34
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 25ms
24ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=115223029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&ul=de-de&de=UTF-8&dt=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2061357319&gjid=1996609045&cid=586720297.1724251068&tid=UA-9130791-1&_gid=1978523332.1724251068&_r=1&_slc=1&gtm=45He48j0n7154NKV2v6503953za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=349730123

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 14:37:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 238ms
170ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FA7FD29C188C418EB35B850DFB5BDC14 Ref B: DUS30EDGE0916 Ref C: 2024-08-21T14:37:48Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYgMnxuTTALCTcifnQ0zg==
x-fs-uuid: 000620327c6e4d300b0937227e7434ce

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26ut...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26u...

0
265 B

188ms
158ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&e_ipv6=AQJc9eFbJgmjbAAAAZF1X1erS9TH5UTPv6yvKuQFYtkmRnP8DM8xRA6M4WAjNtVM_hWGt-yWew
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A3EF67A573FE49B4B259CA186841E431 Ref B: FRAEDGE2021 Ref C: 2024-08-21T14:37:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgMnxxQ3oKGQfgyNtAVg==

Redirect headers

date: Wed, 21 Aug 2024 14:37:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9C3AAD58E90F48C68E25E19FB1502765 Ref B: DUS30EDGE0418 Ref C: 2024-08-21T14:37:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1724251068174&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&e_ipv6=AQJc9eFbJgmjbAAAAZF1X1erS9TH5UTPv6yvKuQFYtkmRnP8DM8xRA6M4WAjNtVM_hWGt-yWew
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgMnxuXXEnnc0X0PK9Ug==

GET
H2 200 /
analytics-sm.com/ 68 B
388 B 30ms
26ms Image
image/png 65.9.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1724251863418&bt=1724251068182&btz=-120&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&url_path=%2Finsights%2Fransomware-prevention-guide&title=Ransomware%20prevention%20guide%20-%20Baker%20Tilly
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-189-5.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:49:01 GMT
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
age: 17430528
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: 4rjnlryspymDq3ZeEfOjCyRR41TLInOLfzDDRdf1tNzRreeX11a9HA==

GET
H2 200 /
analytics-sm.com/ 68 B
389 B 47ms
46ms Image
image/png 65.9.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1724251863418&bt=1724251068183&btz=-120&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&url_path=%2Finsights%2Fransomware-prevention-guide&title=Ransomware%20prevention%20guide%20-%20Baker%20Tilly
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-189-5.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:49:01 GMT
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
age: 17430528
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: 8TeyYuHrTXMpSaV19HWO4ZCixw_QxlM_1JhdB5u4jM9XJPKLDfikmQ==

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 146 B
546 B 189ms
189ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 292f36014e3870808fdb11e803672c7084a6b098486ea35a0ac456e61ee98732

Request headers

Content-Type: application/json
Referer: https://www.bakertilly.com/
Authorization: Bearer 158d84a7071679921759
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
visited_url: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: c3RFgiFNvHcEPRA=
server: cloudflare
etag: W/"92-tLyVyUWdlFbdnCjAAMc2yo1cGkY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bakertilly.com
cf-ray: 8b6b5cf99c8f996e-FRA
x-amz-cf-id: nUIcP8Jn521P7JSzt3-Vau6_FdbiQFoJ7pmxbmTa7R1btAsavmKt-A==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 211ms
186ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin: https://www.bakertilly.com
alt-svc: h3=":443"; ma=86400
apigw-requestid: c3RFeiAwvHcEM5Q=
cf-cache-status: DYNAMIC
cf-ray: 8b6b5cf85b1c996e-FRA
date: Wed, 21 Aug 2024 14:37:48 GMT
server: cloudflare
vary: Origin
via: 1.1 70d3812e62d49cd4dca6f1dcec98b050.cloudfront.net (CloudFront)
x-amz-cf-id: 4Dks73EmPXIbraSRSjLKn5YRMNytqXphtcrFRYD4wVDw4MXyuQjqbQ==
x-amz-cf-pop: AMS58-P3
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 108ms
106ms Stylesheet
text/css 52.59.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.168.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-168-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 536cc254aafb1849284052cb295ee42c475f12bff884dec372b15be59c50fd89

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 14:37:48 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 142ms
116ms Fetch
image/jpeg 52.59.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.168.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-168-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 14:37:48 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
468 B 110ms
110ms XHR
application/json 54.204.18.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.204.18.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-204-18-47.compute-1.amazonaws.com

Software

Resource Hash

da577d7d78165ce2f54856a3ded2082853c01921427bb7c11beaa59dd8e60c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bakertilly.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 91bc3a858132eb959974aa77a589dd68

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 193ms
193ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=50965&account_id=871811&title=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&referrer=&utm_campaign=fy25-banking-nl-august&utm_medium=email&utm_source=nl

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-219-119.compute-1.amazonaws.com

Software

Resource Hash

73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 21 Aug 2024 14:37:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 940
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
335 B 100ms
99ms XHR
text/plain 52.59.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=9GgM8L9xeiwGdNE8ry312A&is_js=true&landing_url=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&t=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&tip=Hl2qaGMurM7xfMLbKKhTOctmGu71On0i99Jrt--HIfM&host=https%3A%2F%2Fwww.bakertilly.com&sa_conv_data_css_value=%270-9ec10430-4071-5daf-6ed6-3c7accb1865f%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99ec1043040715daf6ed63c7accb1865f4e9f6c1b&l_src=&l_src_d=&u_src=nl&u_src_d=2024-08-21T14%3A37%3A48.193Z&shop=false&sa-user-id-v3=s%253AAQAKIL7O9VehU5uS_Bwq_GMIHIVYZTr5E_S_ZpaaY5slj2r5ENYBGAQgvPeXtgYwAToEFPvsiUIEt58Gfw.kvqgnhuEHnKu7aXotJ%252FjtDDRn0sXk%252F6yobGW%252BYet9C4&sa-user-id-v2=s%253AnsEEMEBxXa9u1jx6zLGGX06fbBs.uzhLqncxzDGkjUaWPKTrK9DgjY1BvlqR0K0s8k85qXY&sa-user-id=s%253A0-9ec10430-4071-5daf-6ed6-3c7accb1865f.iAmTD8O1HaWopdejV4B0buMz7IB74jzqSG64%252FkuKrHM
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.168.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-168-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a7a37e22429d5e6fff2d78cbe7dd6a268d61111a8031a273b0fc1565f163518e

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.bakertilly.com
date: Wed, 21 Aug 2024 14:37:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 200 engage Show response
bakertillyusllp.us-6.evergage.com/api2/event/ 137 B
815 B 391ms
139ms XHR
application/json 3.219.147.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bakertillyusllp.us-6.evergage.com/api2/event/engage

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.147.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-147-176.compute-1.amazonaws.com

Software

Resource Hash

482f777735cf7638c9af49560edd4b3f9d660a352466a76478c104881c928186

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

86ms
62ms

Script
application/javascript

2600:9000:2664:d400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2664:d400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 02:47:17 GMT
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 99ba7d06b066167926f290b38218435e.cloudfront.net (CloudFront)
Age: 42632
X-Amz-Cf-Pop: CDG55-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: lTvoCkKS3vxddGvJGrR2v2bf4FhJRJY9K5_Oo5f2EeOsmHeEvVeh2g==

Redirect headers

Date: Wed, 21 Aug 2024 05:01:13 GMT
Via: 1.1 6c6f45ebc0144bf0624643e88a527f16.cloudfront.net (CloudFront)
Age: 34594
X-Amz-Cf-Pop: CDG55-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0OIkO4vrNZ382mNZhb8aTCxaTQuLb4Huxx1SDK3B6DoLieb_Z9fIiw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/ 9 KB
4 KB 139ms
88ms Script
text/javascript 2600:9000:2664:d400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2664:d400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: 88tGmevg3..Rq8ZbJxFwj8JQpncOFlIt
Content-Encoding: gzip
Via: 1.1 6c6f45ebc0144bf0624643e88a527f16.cloudfront.net (CloudFront)
Date: Wed, 21 Aug 2024 14:25:57 GMT
Age: 1073
X-Amz-Cf-Pop: CDG55-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Aug 2024 12:42:16 GMT
Server: AmazonS3
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HbxFbHvDJVpU7kmsTlUFnMupw0uuBtMT0SWHo6Y7EEODF4tTUEbUOw==

GET
H2 200 ZIA6BVWR65BBXJT4LUM5OD Show response
d.adroll.com/consent/check/ 559 B
652 B 138ms
44ms Script
application/javascript 2a05:d018:cc3:fe04:63b8:5da2:7c60:d35c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ZIA6BVWR65BBXJT4LUM5OD?pv=4798226587.85003&arrfrr=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&_s=44049bdc4aa99c9b1940705413d59576&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:63b8:5da2:7c60:d35c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 383cc6e8e8b4d6604f72a592128acfd2758ec84760e68fac21fb5d3e4dcba125

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
server: nginx/1.22.1
content-length: 559
content-type: application/javascript

GET
H3 200 / Show response
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ 3 KB
2 KB 245ms
215ms Fetch
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Requested by

Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

899299025b6aec903bdc2a6e8ef406d1c54d10c5e86dcb327f1dd4bf3952ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
Referer: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august
_vtok: NzguMTU5LjEwOC4yNw==
_zitok: 532b926e2a2a4027c2e11724251068
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/javascript

Response headers

date: Wed, 21 Aug 2024 14:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.bakertilly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8b6b5cfc2e291919-FRA

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/ Frame 0
0 184ms
157ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.bakertilly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b6b5cfaed0b91ff-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Aug 2024 14:37:48 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
199 B 180ms
180ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Aug 2024 14:37:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CF4533C88D8E4174B1C9027D11B12340 Ref B: DUS30EDGE0418 Ref C: 2024-08-21T14:37:48Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.bakertilly.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYgMnxzyPM+DuoWIuppqg==

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
84 KB 90ms
90ms Script
text/javascript 2600:9000:2664:d400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2664:d400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b8671f08b1e11ff97209c38ae055192065f256c7ce760c715fe05c5482d2e81

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: VrseeXkYhawqUTA9Fww4aopzp4PLNITS
Content-Encoding: gzip
Via: 1.1 6c6f45ebc0144bf0624643e88a527f16.cloudfront.net (CloudFront)
Date: Wed, 21 Aug 2024 14:34:31 GMT
Age: 198
X-Amz-Cf-Pop: CDG55-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2024 18:52:35 GMT
Server: AmazonS3
Etag: W/"e5a8f1a23546815681b8bee9100b5eac"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bgVJMwyYadWGHcf6DkzXzpuX_tChExVed3NkF_kN41eFwdbx0a1rpQ==

POST
H2 204 pr
bakertillyusllp.us-6.evergage.com/ 0
536 B 120ms
119ms Ping
text/plain 3.219.147.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bakertillyusllp.us-6.evergage.com/pr?.top=514&item=%7B%22type%22%3A%22Insight%22%2C%22_id%22%3A%22ransomware-prevention-guide%22%2C%22dimensions%22%3A%7B%22InsightMedium%22%3A%5B%22Resource%22%5D%7D%7D&action=View%20Catalog%20Object&.tt=394&.dt=1502&.lt=2044&.bv=16&_ak=bakertillyusllp&_ds=engage&.scv=2&channel=Web&_r=345920&.anonId=85aa26d641c09f6b&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/bakertillyusllp/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.147.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-147-176.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bakertilly.com
date: Wed, 21 Aug 2024 14:37:48 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 34ms
33ms Image
image/png 2600:9000:2664:d400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2664:d400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Wed, 21 Aug 2024 05:40:30 GMT
Via: 1.1 6c6f45ebc0144bf0624643e88a527f16.cloudfront.net (CloudFront)
Age: 32238
X-Amz-Cf-Pop: CDG55-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: P4weJM6LnBVjJPIMKbr-EORpcy0ZeNrYjzozvnCcEOSi7z1fNdR70w==

GET
BLOB 200
OK de53f807-64d7-4745-a921-550b2b48dd4c Show response
https://www.bakertilly.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bakertilly.com/de53f807-64d7-4745-a921-550b2b48dd4c
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 899299025b6aec903bdc2a6e8ef406d1c54d10c5e86dcb327f1dd4bf3952ada3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 3029
Content-Type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 47ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DDHH2G7ZCE&gtm=45je48j0v873697793z86503953za200zb6503953&_p=1724251067536&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=586720297.1724251068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1724251068&sct=1&seg=0&dl=https%3A%2F%2Fwww.bakertilly.com%2Finsights%2Fransomware-prevention-guide%3Futm_source%3Dnl%26utm_medium%3Demail%26utm_campaign%3Dfy25-banking-nl-august&dt=Ransomware%20prevention%20guide%20-%20Baker%20Tilly&en=GA4%20Page%20View&ep.content_group=Insights&_et=12&tfd=7642
Requested by: Host: www.bakertilly.com
URL: https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.bakertilly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 14:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bakertilly.com/	1969-12-31 23:59:59	Name: sid Value: 78d3cbe8-06d0-441a-823f-6def409bd021
.trkn.us/	1970-01-21 07:43:07	Name: barometric[cuid] Value: cuid_66c5fbba-9cd0-4170-8229-c03ad2204867
.bakertilly.com/	1970-01-21 07:43:07	Name: ajs_anonymous_id Value: f2744a2c-f22b-4f6a-9f23-417f06626a8d
.bakertilly.com/	1970-01-21 01:07:07	Name: _gcl_au Value: 1.1.548219252.1724251068
.bakertilly.com/	1970-01-21 08:33:31	Name: _ga_DDHH2G7ZCE Value: GS1.1.1724251068.1.0.1724251068.0.0.0
.bakertilly.com/	1970-01-21 08:33:31	Name: nmstat Value: 9016a330-4205-3f19-e65e-dbb3bf4faa23
tags.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id Value: s%3A0-9ec10430-4071-5daf-6ed6-3c7accb1865f.iAmTD8O1HaWopdejV4B0buMz7IB74jzqSG64%2FkuKrHM
.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id Value: s%3A0-9ec10430-4071-5daf-6ed6-3c7accb1865f.iAmTD8O1HaWopdejV4B0buMz7IB74jzqSG64%2FkuKrHM
tags.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id-v2 Value: s%3AnsEEMEBxXa9u1jx6zLGGX06fbBs.uzhLqncxzDGkjUaWPKTrK9DgjY1BvlqR0K0s8k85qXY
.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id-v2 Value: s%3AnsEEMEBxXa9u1jx6zLGGX06fbBs.uzhLqncxzDGkjUaWPKTrK9DgjY1BvlqR0K0s8k85qXY
tags.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id-v3 Value: s%3AAQAKIL7O9VehU5uS_Bwq_GMIHIVYZTr5E_S_ZpaaY5slj2r5ENYBGAQgvPeXtgYwAToEFPvsiUIEt58Gfw.kvqgnhuEHnKu7aXotJ%2FjtDDRn0sXk%2F6yobGW%2BYet9C4
.srv.stackadapt.com/	1970-01-21 07:43:07	Name: sa-user-id-v3 Value: s%3AAQAKIL7O9VehU5uS_Bwq_GMIHIVYZTr5E_S_ZpaaY5slj2r5ENYBGAQgvPeXtgYwAToEFPvsiUIEt58Gfw.kvqgnhuEHnKu7aXotJ%2FjtDDRn0sXk%2F6yobGW%2BYet9C4
.bakertilly.com/	1970-01-21 08:33:31	Name: _ga Value: GA1.2.586720297.1724251068
.bakertilly.com/	1970-01-20 22:58:57	Name: _gid Value: GA1.2.1978523332.1724251068
.bakertilly.com/	1970-01-20 22:57:31	Name: _gat_UA-9130791-1 Value: 1
.bakertilly.com/	1970-01-21 08:33:31	Name: sm_uuid Value: 1724251863418
www.bakertilly.com/	1970-01-20 23:40:43	Name: sa-u-source Value: nl
www.bakertilly.com/	1970-01-20 23:40:43	Name: sa-u-date Value: 2024-08-21T14:37:48.193Z
www.bakertilly.com/	1970-01-21 07:43:07	Name: sa-user-id Value: s%253A0-9ec10430-4071-5daf-6ed6-3c7accb1865f.iAmTD8O1HaWopdejV4B0buMz7IB74jzqSG64%252FkuKrHM
www.bakertilly.com/	1970-01-21 07:43:07	Name: sa-user-id-v2 Value: s%253AnsEEMEBxXa9u1jx6zLGGX06fbBs.uzhLqncxzDGkjUaWPKTrK9DgjY1BvlqR0K0s8k85qXY
www.bakertilly.com/	1970-01-21 07:43:07	Name: sa-user-id-v3 Value: s%253AAQAKIL7O9VehU5uS_Bwq_GMIHIVYZTr5E_S_ZpaaY5slj2r5ENYBGAQgvPeXtgYwAToEFPvsiUIEt58Gfw.kvqgnhuEHnKu7aXotJ%252FjtDDRn0sXk%252F6yobGW%252BYet9C4
www.bakertilly.com/	1970-01-20 23:07:35	Name: slireg Value: https://scout.us4.salesloft.com
.bakertilly.com/	1970-01-21 08:33:31	Name: _evga_c023 Value: {%22uuid%22:%2285aa26d641c09f6b%22}
www.bakertilly.com/	1970-01-21 07:43:07	Name: sliguid Value: cad67ec7-072d-47f7-b11b-7aa5f9c697d1
www.bakertilly.com/	1970-01-21 07:43:07	Name: slirequested Value: true
.bakertilly.com/	1970-01-21 08:33:31	Name: _sfid_2dc0 Value: {%22anonymousId%22:%2285aa26d641c09f6b%22%2C%22consents%22:[]}
.linkedin.com/	1970-01-21 07:43:07	Name: bcookie Value: "v=2&d48dcf79-0e24-43df-82c0-06bdff310fef"
.linkedin.com/	1970-01-21 03:16:43	Name: li_gc Value: MTswOzE3MjQyNTEwNjg7MjswMjHNKwJqIy8BVlOejM1yXSwWf8pPp9pULAcixaMoDRf9UA==
.linkedin.com/	1970-01-20 22:58:57	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2983:u=1:x=1:i=1724251068:t=1724337468:v=2:sig=AQHrBK19ROWBAAv-NgrMYO7Akdf1S8nV"
.www.bakertilly.com/	1970-01-21 07:43:07	Name: _zitok Value: 532b926e2a2a4027c2e11724251068
bakertillyusllp.us-6.evergage.com/	1970-01-20 23:07:35	Name: AWSALBTGCORS Value: B/e+bprFwi0xN5YJ82qeXAzYTn7vDP8mPs5oTbhKTPRBONQIfsoMDz08ekn9PIO3aXBA5BTS5IpuiyX/m2XwYy0ESuQ/dqeeRsrU5R+UC12ussXOmdxVSgjvqj0lIs2/rxzSqmz+9/635fk22Y33T8e572XXaunJFOLQtxX/1/g1CbUfP7s=
.zoominfo.com/	1970-01-20 22:57:32	Name: __cf_bm Value: ama6L0RRGqrOYh7.9ewy16sjgAodOVFI1aXqxMQWWKw-1724251069-1.0.1.1-TlLVAoTyPMqAO_h44wCZjmGPE70teZXBXDnR98sQYu4Dyqsah.pz5WlnAJfbgFjApmN2JZ9irphm7NDIiNEvOg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: NScism9svmQpFyFpNelY1pSuBEo5DBwMO88XpK3CgeE-1724251069010-0.0.1.1-604800000

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bakertilly.com/assets/images/logos/footer-growth-symbol.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august Message: The resource https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/index.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august Message: The resource https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/contact/leave-a-message.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august Message: The resource https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/industry.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.bakertilly.com/insights/ransomware-prevention-guide?utm_source=nl&utm_medium=email&utm_campaign=fy25-banking-nl-august Message: The resource https://www.bakertilly.com/_next/static/PZatoyQxjUanQraOaCAr8/pages/service.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35627.global.siteimproveanalytics.io
analytics-sm.com
baker-tilly-www.prismic.io
bakertillyusllp.us-6.evergage.com
cdn.calibermind.com
cdn.evgnet.com
d.adroll.com
e.calibermind.com
fonts.googleapis.com
fonts.gstatic.com
images.prismic.io
js.zi-scripts.com
pi.pardot.com
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.adroll.com
scout-cdn.salesloft.com
scout.salesloft.com
siteimproveanalytics.com
snap.licdn.com
static.cdn.prismic.io
tags.srv.stackadapt.com
trkn.us
ws.zoominfo.com
www.bakertilly.com
www.google-analytics.com
www.googletagmanager.com
104.16.118.43
104.17.61.70
104.18.37.212
13.107.42.14
142.250.184.232
142.250.186.67
151.101.192.114
172.67.213.149
18.156.179.246
188.114.96.3
2001:4860:4802:32::36
23.21.59.137
2600:9000:2664:d400:6:9280:1080:93a1
2600:9000:2729:5600:6:ea06:d140:93a1
2606:4700::6810:4869
2620:1ec:21::14
2a00:1450:4001:803::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82f::200e
2a02:26f0:3500:10::210:a9a
2a04:4e42:200::720
2a05:d018:cc3:fe04:63b8:5da2:7c60:d35c
3.209.222.198
3.219.147.176
34.237.219.119
52.59.168.105
54.204.18.47
65.9.189.5
95.101.111.153
05719cb313f1fcee64e8ba1d15f25ec805d13ae54527f73d7f2d2659a866ca7d
0932328d57c563bc09dc837fdb68ec99eae460685c94901c24133719e83baf84
116e1a808fdc2ddec2210714314055ba86b77ca52b6e7d3e79d657901fa5093f
129290876303b730f5d14f6346381a5dbcca3bae755815192a9f8e2fe1b692c9
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b
2109f2e4477f399537deba5bc22976ef549745cefd7f1480714681bfb0a7db8e
25f52925d0933d6b61490f505f916b1d789b0506c1d78c22ebc2c8402c729270
292f36014e3870808fdb11e803672c7084a6b098486ea35a0ac456e61ee98732
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
353c4150a08e0ce7066f23607482ac1aeda82b2c759587ddec021c749eeac62b
37b2bee2c9062873ff6a0958b5031530be49d545328f10663f3a34b148a32a61
383cc6e8e8b4d6604f72a592128acfd2758ec84760e68fac21fb5d3e4dcba125
3fc06ba8cad24bdea755d92f562d741555ddefcf4d9a2e31b62dc74a0c76b02d
404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451b105c93a89c76370482f8fcf196fb18b9f1c7c136e4e1eddf9c39c96faa83
482f777735cf7638c9af49560edd4b3f9d660a352466a76478c104881c928186
49ae9566a5e89b4eb9fb245d9181d334b33209b7db0835306a429bcedf608836
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4b8671f08b1e11ff97209c38ae055192065f256c7ce760c715fe05c5482d2e81
4d7bd4ec78e4eb20c8817645c391480483854eaf4cf581f5e094d1da7b5db6cc
502a69eb9923c1a67636c6d602f83646b807f8bef594f86a265f1609328d08ba
536cc254aafb1849284052cb295ee42c475f12bff884dec372b15be59c50fd89
73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5
759bb13ca8d3bf157ea00880f75525c5cf9852d2afb83046a08bd01d0754e0af
7caf36b55355e578e5feabaf323570f02ea44186d19a1373667e6c89e4b7b8a8
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6
820becd2197590a087417f82cadbc9b204b8f3ed0af78aead0a031d59d63f362
894f4b26a5a3eb51179aa7e7ab27494c959890d074a28a93aee2f8aebad23e85
899299025b6aec903bdc2a6e8ef406d1c54d10c5e86dcb327f1dd4bf3952ada3
9549d3769190f3c3f3e5b90ae9036e8b7efa82f8567b969d275567c97b58da33
95f8c32b30571edb818d1eb4897b774adf052145ec4556855858fe707189b60d
9844579f0a3a300c6002161472944a2d3005207da025d56c3d13d7f0f0f102c5
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9ec5c5b61fd648ca8fb1ef4264967b218ecc950355d22810fd62122b9f8edfde
a4b64ecd49f8aa480488079645a9ffb132446c753a2603451ca60e999d0e4835
a4fd9346e058d82c9c4576df90acf252659e0798d090d3b9b2b7d28b616fe2ff
a72e3a167735cc751715b73438679f069466f342ee91d11a7e6c11362e98998a
a7a37e22429d5e6fff2d78cbe7dd6a268d61111a8031a273b0fc1565f163518e
ad3d105e4495108a70da8a2aec5c35b376f1da7a767529c59798fb7d63107a26
addd800aefd06c4e2dd67d3b7cb4624d82cfdfa488bb320911ac244e2a7db0c7
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b4dacab7a08f29be07f9ab5848da3524f1de375c3d2a57577bd2aff6eb225f0c
b9d57c011f5734dad11b6a8c11484ee4cef5c652b0697f327c7ffdc89ac17652
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c74cb95556f697e59eeb6814a2926e976cce99dbb5d3a9e1a66fb3cfd19ece90
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6a0754dd34dd3f13d2ecc0e161d37b5665af640a88d378fb786ec1747dcc7b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
d110f18f765e2f46d22d601c516224e892587e848a1179f62ddfc6036d7ed2ac
d81edf2c45c2bd7898d55ffd2a9fa5d56e5272235f212eb3cec03c3cfd4237f3
da577d7d78165ce2f54856a3ded2082853c01921427bb7c11beaa59dd8e60c57
dd594fed90ba1b79d5c10828979d9b29eb1c35003735339ba7bd494249ca5d21
dde21bacb6b7f5cdb1d620ea43681754fb22a9630f642175c70c3f2b492b3cd5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e56de778bb0e6ab931bd871297a005b594fc05414cf8dedf3ddea7a34d0004
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f70153655961009a5b2ac8407f340bc9273c1688988c97b4c45255508eb956e3
ffbf1077ec8b75ebef83407966e256d7a631a2853902730c5b313f28f18910bd

www.bakertilly.com Open in urlscan Pro 104.17.61.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

95 %HTTPS

38 %IPv6

22 Domains

29 Subdomains

30 IPs

5 Countries

1826 kBTransfer

6844 kBSize

33 Cookies

7 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bakertilly.com Open in urlscan Pro
104.17.61.70 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

95 %
HTTPS

38 %
IPv6

22
Domains

29
Subdomains

30
IPs

5
Countries

1826 kB
Transfer

6844 kB
Size

33
Cookies

85 HTTP transactions
0 data transactions