urlscan.io logo urlscan.io
SecurityTrails logo

www.bakertilly.global Open in urlscan Pro
2620:1ec:46::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bakertillyinternational.com/
Effective URL: https://www.bakertilly.global/
Submission: On October 27 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 28 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bakertilly.global.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 10th 2021. Valid for: a year.
This is the only time www.bakertilly.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 62.233.121.5 20860 (IOMART-AS)
16 2620:1ec:46::45 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:1ec:22::14 8068 (MICROSOFT...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 10
1    62.233.121.5 (Camberley, United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: forward.easyspace.com
www.bakertillyinternational.com
16    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bakertilly.global
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
Apex Domain
Subdomains		 Transfer
16 bakertilly.global
www.bakertilly.global
4 MB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
4 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3174
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
450 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 bakertillyinternational.com
www.bakertillyinternational.com
212 B
28 11
Domain Requested by
16 www.bakertilly.global www.bakertilly.global
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 snap.licdn.com www.bakertilly.global
snap.licdn.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.co.uk www.bakertilly.global
1 www.google.com www.bakertilly.global
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com www.bakertilly.global
1 www.linkedin.com 1 redirects
1 www.googletagmanager.com www.bakertilly.global
1 fonts.googleapis.com www.bakertilly.global
1 www.bakertillyinternational.com 1 redirects
28 13
Subject Issuer Validity Valid
*.bakertilly.global
GeoTrust RSA CA 2018		 2021-11-10 -
2022-12-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bakertilly.global/
Frame ID: D590FF5C313F00F29F50C951B31ABE4D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. http://www.bakertillyinternational.com/ HTTP 301
    https://www.bakertilly.global/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

28
Requests

96 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

10
IPs

4
Countries

4485 kB
Transfer

5223 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bakertillyinternational.com/ HTTP 301
    https://www.bakertilly.global/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2216745%26time%3D1666877922306%26url%3Dhttps%253A%252F%252Fwww.bakertilly.global%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true&e_ipv6=AQJNggNVROG1ZwAAAYQZqp8R2p_hrQ18APXMIYmF3mXk8jjKWmar0NrLYAIeLWRfG9Qp

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bakertilly.global/
Redirect Chain
  • http://www.bakertillyinternational.com/
  • https://www.bakertilly.global/
223 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cec152a9a0be5f2d502caf18ec52a710cc1c29e8133d082fbef8a843f69270f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=1800
content-encoding
gzip
content-length
26550
content-type
text/html; charset=utf-8
date
Thu, 27 Oct 2022 13:38:41 GMT
last-modified
Thu, 27 Oct 2022 13:28:34 GMT
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
vary
Accept-Encoding
x-azure-ref
04YlaYwAAAADZELYWDzHgSLQ4PQHXkDx5TFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
x-azure-ref-originshield
0godaYwAAAAAJeXuJm5uxQKrp8t/7YNHETE9OMjFFREdFMTcxMQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
x-cache
TCP_HIT

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Oct 2022 13:38:40 GMT
Location
https://www.bakertilly.global
Server
Apache/2.2.15 (CentOS)
Transfer-Encoding
chunked
all.css
www.bakertilly.global/Content/BTI/bundles/ 		146 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
152c3d1220896268982e74c74e292b54b7ab96494fdcf2a2acf2fccd8c7f7291

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 07:41:47 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 07:41:47 GMT
x-azure-ref-originshield
0OiJZYwAAAABIqoWSK/r4TpzlZtV7LOXTTE9OMjFFREdFMTcxOAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
User-Agent,Accept-Encoding
x-cache
TCP_HIT
content-type
text/css; charset=utf-8
x-azure-ref
04YlaYwAAAAClRihzbK5eR7MGUQVKic5STFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public
content-length
33736
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 13:25:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Oct 2022 13:38:41 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-33340214-1
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c16fce196f16e8fd7c04d1bb25ba2b344522714d43c0a61f4476285041e11dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43610
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Oct 2022 13:38:41 GMT
baker-tilly-international.png
www.bakertilly.global/media/1062/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/1062/baker-tilly-international.png
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
50c5d1c9104da713183e586ebade0e519719e070b29f1ba79ff89a7d697a5e36

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 19:47:04 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0Iu9ZYwAAAAA7KzKVp/GGQLvMD3gxajD1TE9OMjFFREdFMTcwOQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/png
x-azure-ref
04YlaYwAAAACcwkZUgbuoS796LPNp2ZKXTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31359320
accept-ranges
bytes
content-length
224111
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
sticky-logo.svg
www.bakertilly.global/Content/BTI/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/Content/BTI/img/sticky-logo.svg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81a085a64e757d4cc392bf22355acbd4c527a4416e5de6ada49aecf94b7cf02b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 06:01:02 GMT
x-azure-ref-originshield
03fxYYwAAAADXq2YG7D4EQrrbFY8NTtzyTE9OMjFFREdFMTYxNAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
etag
"0e3873e35a6d81:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/svg+xml
x-azure-ref
04YlaYwAAAAAd/pPpglHQTq9vSylZj9QeTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
1608
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
bti-logo-white.png
www.bakertilly.global/media/1127/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/1127/bti-logo-white.png
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ec36b23b236a8a2b18d8b896c88cee80161d7cc7aff7766108f9702d116db275

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sat, 21 Oct 2023 04:52:29 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
06yxZYwAAAAD7Tx5MZ8GDQ6Q8ARjyugQ3TE9OMjFFREdFMTgxNAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/png
x-azure-ref
04YlaYwAAAAC9dnpYwrgPRpHbv+Ox+hSpTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31089878
accept-ranges
bytes
content-length
9312
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
scripts.js
www.bakertilly.global/Content/BTI/bundles/ 		522 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/Content/BTI/bundles/scripts.js?v=VoejdxT47XBBaZX12KbMb_tiVlGy7VPOYs0ZtnNF6Fs1
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f79b240d7ab23a4750cf36e19529b0d4b04df1aa040cc5eaaef6ac23a59630ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 08:47:50 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 08:47:50 GMT
x-azure-ref-originshield
0D1xZYwAAAABHgI7wOFWyQILwuhGK13/dTE9OMjFFREdFMTcwOQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
User-Agent,Accept-Encoding
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
x-azure-ref
04YlaYwAAAACsEwfIf8E4QYjhLOTssrSfTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
CarnacRegular.woff
www.bakertilly.global/Content/BTI/fonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/Content/BTI/fonts/CarnacRegular.woff
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46cf397f559134e1260c2b379fc9f5c4db4e96c96b15bf627abb36c485839e01

Request headers

Referer
https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Origin
https://www.bakertilly.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:41 GMT
last-modified
Tue, 02 Aug 2022 06:01:02 GMT
x-azure-ref-originshield
0sP5ZYwAAAADOEW9RM0YeSKRu9TFRF4KOTE9OMjFFREdFMTcxNQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
etag
"0e3873e35a6d81:0"
x-azure-ref
04YlaYwAAAACFY++pKzKiSaWyt6YW4feETFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
x-cache
TCP_HIT
content-type
application/x-font-woff
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
46056
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
icomoon.ttf
www.bakertilly.global/Content/BTI/fonts/ 		6 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/Content/BTI/fonts/icomoon.ttf?subqva
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17f153f263735db7009737373857f515c304e8dd9c149315878fef8157114369

Request headers

Referer
https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Origin
https://www.bakertilly.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 06:01:02 GMT
x-azure-ref-originshield
0qSRaYwAAAACIxQ7IZ8EHT5UDSAGi5FlgTE9OMjFFREdFMTgxOAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
etag
"0e3873e35a6d81:0"
x-azure-ref
04YlaYwAAAADgaE3iAif7SpnuXw3XVvKiTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
x-cache
TCP_HIT
content-type
application/octet-stream
access-control-expose-headers
Request-Context
accept-ranges
bytes
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bakertilly.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
519828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:14:53 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		997 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
647
date
Thu, 27 Oct 2022 13:38:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 22:31:50 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=32011
accept-ranges
bytes
content-length
471
road.jpg
www.bakertilly.global/media/15065/ 		344 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/15065/road.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
450c0d4fac697e755e6ef3d539dc6145ca6d0050e1f7338c7559db67e2d9c9a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 27 Oct 2023 03:44:48 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
x-azure-ref-originshield
0sP5ZYwAAAABMD/QLdRabTK5kJ81Uy2uKTE9OMjFFREdFMTYxNAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAACPs3/RdfHwSa238X08Xy8UTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
content-length
352440
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
russia-and-belarus.jpg
www.bakertilly.global/media/14448/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/14448/russia-and-belarus.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
72e553c614fd231dc87a6f2f7716483ca764a9f41b50e1d6046ba1b036a48031

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 00:59:51 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0PiJZYwAAAACszCc8/0MHSpRQAkFk/jPqTE9OMjFFREdFMTgyMQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAAAAm/V+DAYWQ5ktMT/1NE+DTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31500772
accept-ranges
bytes
content-length
282444
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
jakub-sejkora-utqjcneofjo-unsplash.jpg
www.bakertilly.global/media/15649/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/15649/jakub-sejkora-utqjcneofjo-unsplash.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64508b84cb257cc0971dd9252cbf2c28cbf0075cd2e0008e371e0f3ae643a558

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 05:09:24 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0p1taYwAAAAA9f3LOFspORZxHoP8vTcmHTE9OMjFFREdFMTgxMAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAACT4s0j+maASbuav7g/cN9uTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31531497
accept-ranges
bytes
content-length
1366665
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
gender-quotas.jpg
www.bakertilly.global/media/15372/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/15372/gender-quotas.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fb751f1d34a66d3680993a6997d8e1900eb8849dc7a9c0a244db9f11940fd68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 05:23:01 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0Iu9ZYwAAAAAYOavxGyFjTqRaWl8kc8ObTE9OMjFFREdFMTgyMQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAACzsUswiwW2Q41h/fqBhp+GTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31516563
accept-ranges
bytes
content-length
160264
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
vaccination.jpg
www.bakertilly.global/media/15479/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/15479/vaccination.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a7811dfd1c8fe895c7330b0b1b09fe88aaa875c69af12d9d434f43be2efd99b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 20:20:21 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
03fxYYwAAAAD7qlhSaPhbSYVb0AlBggoFTE9OMjFFREdFMTYxNAA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAAD2lk9CUoUVTb3IvYauKBJyTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31488935
accept-ranges
bytes
content-length
201069
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
corporatefinance.png
www.bakertilly.global/media/1196/ 		662 KB
663 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/1196/corporatefinance.png
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0dc86bddcd82a48fc3eea6d6dcaf6ffe327591b070be1a32dba960010e926417

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 19:46:32 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0D1xZYwAAAACo3vxCOydkSbZvACc3R1ZqTE9OMjFFREdFMTgxNQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/png
x-azure-ref
04YlaYwAAAAC1raGqfOg7RqdkZjX+qiCgTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31481974
accept-ranges
bytes
content-length
677587
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
long_and_winding_road.jpg
www.bakertilly.global/media/7964/ 		833 KB
833 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bakertilly.global/media/7964/long_and_winding_road.jpg
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6998bbc090991687ffcdb6eba4afdaa5e0df4d074ba6cdf04b07faff57808968

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 22 Oct 2023 13:58:14 GMT
date
Thu, 27 Oct 2022 13:38:41 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0PyJZYwAAAADn1BoP1GdFRZu8TUqbE2bSTE9OMjFFREdFMTgwNQA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/jpeg
x-azure-ref
04YlaYwAAAAAnt+FAasdVTr/OgLilmw9GTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate, max-age=31201875
accept-ranges
bytes
content-length
852569
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bakertilly.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options
nosniff
age
494181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 20:22:20 GMT
CarnacLight.woff
www.bakertilly.global/Content/BTI/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bakertilly.global/Content/BTI/fonts/CarnacLight.woff
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5dd9265b9ba5d761fb496fc9ce3f679fe5557de58c0f53f590df1e90d37c209

Request headers

Referer
https://www.bakertilly.global/Content/BTI/bundles/all.css?v=IOfnzMQTRVaHTiA3nd2HQC6zT9nWcE2yM6_6k2a2RR81
Origin
https://www.bakertilly.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:41 GMT
last-modified
Tue, 02 Aug 2022 06:01:02 GMT
x-azure-ref-originshield
0sP5ZYwAAAAA2yQaDtq7XQJNLZwKKlszxTE9OMjFFREdFMTYxNwA1OGMzZjk5MS04N2E3LTQ5NjAtOWI2Zi0yNmM2M2VjNzBlZDk=
etag
"0e3873e35a6d81:0"
x-azure-ref
04YlaYwAAAABX99+J8NCJTZnESAj509owTFRTRURHRTEyMTMANThjM2Y5OTEtODdhNy00OTYwLTliNmYtMjZjNjNlYzcwZWQ5
x-cache
TCP_HIT
content-type
application/x-font-woff
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
46340
request-context
appId=cid-v1:a6584faa-141b-4d2c-9cb7-b3ad0ee6a822
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:42 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:02:26 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9500
accept-ranges
bytes
content-length
3063
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33340214-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Oct 2022 13:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1368
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 27 Oct 2022 15:15:54 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2216745%26time%3D1666877922306%26url%3Dhttps%253A%252F%252Fwww.bakertilly.global%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true&e_ipv6=AQJNggNVROG1ZwAAAYQZqp8R2p_hrQ18APXMIYmF3mXk8jjKWmar0NrL...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true&e_ipv6=AQJNggNVROG1ZwAAAYQZqp8R2p_hrQ18APXMIYmF3mXk8jjKWmar0NrLYAIeLWRfG9Qp
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:38:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 494D9F16DFAA449E8EBC952C05C19300 Ref B: MAN30EDGE0915 Ref C: 2022-10-27T13:38:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsBEKBybLcfUrwWeiGtQ==

Redirect headers

date
Thu, 27 Oct 2022 13:38:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FE030BC99BD548149F4620E1F473A0A4 Ref B: LON212050705011 Ref C: 2022-10-27T13:38:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2216745&time=1666877922306&url=https%3A%2F%2Fwww.bakertilly.global%2F&liSync=true&e_ipv6=AQJNggNVROG1ZwAAAYQZqp8R2p_hrQ18APXMIYmF3mXk8jjKWmar0NrLYAIeLWRfG9Qp
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsBEJ9KuFVCSU2XOpYiQ==
collect
www.google-analytics.com/j/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=759867676&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bakertilly.global%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1048670183&gjid=1171233451&cid=1332386157.1666877923&tid=UA-33340214-1&_gid=1818899311.1666877923&_r=1&gtm=2ouaq0&z=1154555534
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bakertilly.global/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:38:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bakertilly.global
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-33340214-1&cid=1332386157.1666877923&jid=1048670183&gjid=1171233451&_gid=1818899311.1666877923&_u=YEBAAUAAAAAAACAAI~&z=137723879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bakertilly.global/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 27 Oct 2022 13:38:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bakertilly.global
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33340214-1&cid=1332386157.1666877923&jid=1048670183&_u=YEBAAUAAAAAAACAAI~&z=137200524
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33340214-1&cid=1332386157.1666877923&jid=1048670183&_u=YEBAAUAAAAAAACAAI~&z=137200524
Requested by
Host: www.bakertilly.global
URL: https://www.bakertilly.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bakertilly.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| openClose function| showPassword function| menuDropHover function| menuMobile function| initSkickyHeader function| initLangDrop function| initLocationDrop function| initSearchContainer function| cookieMsg function| initSameHeight function| countryListInit function| listenCountryButtons function| addCountry function| removeCountry function| updateString function| updateCheckbox function| isSomeCountryChosen function| isSomeRegionChosen function| showGlobalDirectoryResults function| initNewsPage function| initNewsPagination function| reloadArticleContent function| getArticles function| initEventsPage function| initEventPagination function| reloadEventContent function| getEvents function| initInsightsPage function| initInsightsPagination function| reloadInsightsContent function| getInsights function| initSearchPage function| initSearchPagination function| getSearchResults function| initGuidesPage function| openPdfFile function| FileUploadControl object| globalDirectoryIndex function| $ function| jQuery function| Swiper object| app object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: UserMatchHistory
Value: AQJdB9DwNyZOEAAAAYQZqpz-WsIqOOKX_K90wSit1cAL25KrNBOgP1nkWA6NWe6A-nIcZ1-IX3PMcA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIOR6sbJEaaCgAAAYQZqpz-5sIJFjPr1qIlPvUffr4NsUjgWbWiogeXaNhVSZC-GupH8X2hL9RRA-Gfwo1naw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&38afd998-d4ba-469d-84ca-05123a6e89ab"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2825:u=1:x=1:i=1666877922:t=1666964322:v=2:sig=AQEU-LQ8-V9OL_KS4SyzmUnuuuQSIADk"
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221027133842ef1d51e2-a0af-425a-8bf6-b54cc08c890eAQF7JYsBUaScjU6RKQKz5MzrWPjoqide"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjY4Nzc5MjI7MjswMjE08Hroo6BZYoODAz6DvGlhe/i+HwkcZnkDaQNZPRfHBw==
.bakertilly.global/ Name: _ga
Value: GA1.2.1332386157.1666877923
.bakertilly.global/ Name: _gid
Value: GA1.2.1818899311.1666877923
.bakertilly.global/ Name: _gat_gtag_UA_33340214_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.bakertilly.global
www.bakertillyinternational.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
2620:1ec:21::14
2620:1ec:22::14
2620:1ec:46::45
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9d
2a02:26f0:3500:16::215:149b
62.233.121.5
0dc86bddcd82a48fc3eea6d6dcaf6ffe327591b070be1a32dba960010e926417
152c3d1220896268982e74c74e292b54b7ab96494fdcf2a2acf2fccd8c7f7291
17f153f263735db7009737373857f515c304e8dd9c149315878fef8157114369
1a7811dfd1c8fe895c7330b0b1b09fe88aaa875c69af12d9d434f43be2efd99b
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04
450c0d4fac697e755e6ef3d539dc6145ca6d0050e1f7338c7559db67e2d9c9a1
46cf397f559134e1260c2b379fc9f5c4db4e96c96b15bf627abb36c485839e01
50c5d1c9104da713183e586ebade0e519719e070b29f1ba79ff89a7d697a5e36
64508b84cb257cc0971dd9252cbf2c28cbf0075cd2e0008e371e0f3ae643a558
6998bbc090991687ffcdb6eba4afdaa5e0df4d074ba6cdf04b07faff57808968
6cec152a9a0be5f2d502caf18ec52a710cc1c29e8133d082fbef8a843f69270f
72e553c614fd231dc87a6f2f7716483ca764a9f41b50e1d6046ba1b036a48031
81a085a64e757d4cc392bf22355acbd4c527a4416e5de6ada49aecf94b7cf02b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
c16fce196f16e8fd7c04d1bb25ba2b344522714d43c0a61f4476285041e11dd9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dd9265b9ba5d761fb496fc9ce3f679fe5557de58c0f53f590df1e90d37c209
ec36b23b236a8a2b18d8b896c88cee80161d7cc7aff7766108f9702d116db275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f79b240d7ab23a4750cf36e19529b0d4b04df1aa040cc5eaaef6ac23a59630ce
fb751f1d34a66d3680993a6997d8e1900eb8849dc7a9c0a244db9f11940fd68d