connect.bakertilly.com Open in urlscan Pro
18.208.125.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://connect.bakertilly.com/e/870811/fs-mortgage-compliance-contact/7mqs7v/829643623?h=KjsPuNBTrhg9E77KDOPubwAD8EASqkiEJg1aV...
Effective URL:
https://connect.bakertilly.com/fs-mortgage-compliance-contact
Submission: On February 01 via api (February 1st 2023, 6:31:21 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 52 HTTP transactions. The main IP is 18.208.125.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is connect.bakertilly.com. The Cisco Umbrella rank of the primary domain is 473150.
TLS certificate: Issued by R3 on January 10th 2023. Valid for: 3 months.

This is the only time connect.bakertilly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9 11	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2600:9000:211... 2600:9000:211e:4600:d:7e9b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.75 13.32.27.75	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:d595	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:a00:13:5e7f:45c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:4400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.99.93 3.127.99.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:211... 2600:9000:211e:1a00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:e2:... 2606:4700:e2::ac40:8e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.27.38 13.32.27.38	16509 (AMAZON-02) (AMAZON-02)
2	35.225.249.69 35.225.249.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:206... 2600:9000:206f:6400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.156.255.87 35.156.255.87	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:c584:26de:9418:fab	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.215.172.219 3.215.172.219	14618 (AMAZON-AES) (AMAZON-AES)
52	27

11 18.208.125.13 (Ashburn, United States) 9 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

connect.bakertilly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:211e:4600:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d595 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:a00:13:5e7f:45c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metarouter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.99.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-99-93.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:211e:1a00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8e22 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-38.fra56.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.225.249.69 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.249.225.35.bc.googleusercontent.com

e.metarouter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.255.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-255-87.eu-central-1.compute.amazonaws.com

35627.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:c584:26de:9418:fab (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bakertilly.com 9 redirects connect.bakertilly.com — Cisco Umbrella Rank: 473150	117 KB
10	pardot.com storage.pardot.com — Cisco Umbrella Rank: 8721 pi.pardot.com — Cisco Umbrella Rank: 3601	159 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2416 d.adroll.com — Cisco Umbrella Rank: 1473	82 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 fonts.googleapis.com — Cisco Umbrella Rank: 34	156 KB
3	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 15364	2 KB
3	metarouter.io cdn.metarouter.io — Cisco Umbrella Rank: 44391 e.metarouter.io — Cisco Umbrella Rank: 57447	87 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4428 buttons-config.sharethis.com — Cisco Umbrella Rank: 5738 l.sharethis.com — Cisco Umbrella Rank: 4655	46 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4504	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5986	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	354 B
1	siteimproveanalytics.io 35627.global.siteimproveanalytics.io — Cisco Umbrella Rank: 686634	473 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	370 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3062	12 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	70 KB
1	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 103838	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5353	279 B
52	22

	Domain	Requested by
11	connect.bakertilly.com	9 redirects connect.bakertilly.com
8	s.adroll.com	2 redirects www.googletagmanager.com connect.bakertilly.com s.adroll.com
8	storage.pardot.com	connect.bakertilly.com storage.pardot.com
3	analytics-sm.com	connect.bakertilly.com
3	cdn.jsdelivr.net	connect.bakertilly.com
2	pi.pardot.com	connect.bakertilly.com pi.pardot.com
2	px.ads.linkedin.com	2 redirects
2	e.metarouter.io	cdn.metarouter.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	connect.bakertilly.com
2	ajax.googleapis.com	connect.bakertilly.com
1	ws.zoominfo.com	connect.bakertilly.com
1	www.google.de	connect.bakertilly.com
1	www.google.com	connect.bakertilly.com
1	d.adroll.com	s.adroll.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	35627.global.siteimproveanalytics.io	connect.bakertilly.com
1	px4.ads.linkedin.com	connect.bakertilly.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	siteimproveanalytics.com	connect.bakertilly.com
1	snap.licdn.com	connect.bakertilly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cdn.metarouter.io	connect.bakertilly.com
1	www.googletagmanager.com	connect.bakertilly.com
1	cdn.calibermind.com	connect.bakertilly.com
1	platform-api.sharethis.com	connect.bakertilly.com
1	bit.ly	1 redirects
52	30

This site contains links to these domains. Also see Links.

Domain
www.bakertilly.com
careers.bakertilly.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
connect.bakertilly.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
metarouter.io Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.analytics-sm.com Amazon	`2022-06-17` - `2023-07-16`	a year	crt.sh
e.metarouter.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-26` - `2023-02-26`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-09-09` - `2023-10-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Frame ID: A2946598D4ECE65762F3AC7FF7CF9D11
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact usFacebookInstagramlinkedin-boxTwitterYouTube

Page URL History Show full URLs

https://connect.bakertilly.com/e/870811/fs-mortgage-compliance-contact/7mqs7v/829643623?h=KjsPuNBTrhg9E77KD... HTTP 301
https://connect.bakertilly.com/fs-mortgage-compliance-contact Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

73 %
HTTPS

68 %
IPv6

22
Domains

30
Subdomains

27
IPs

5
Countries

858 kB
Transfer

2680 kB
Size

22
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bakertilly.com/

Search URL Search Domain Scan URL

URL: http://www.bakertilly.com/page/baker-tilly-online-privacy-policy
Title: I agree to the Baker Tilly privacy policy.

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact/offices
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/insights
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/industries
Title: Industries

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/services
Title: Services

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact?utm_source=footer&utm_medium=web
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://careers.bakertilly.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact/directory
Title: Professionals

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/legal-and-privacy
Title: Legal & Privacy

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/events
Title: Events

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/client-portal
Title: Client Portals

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/pay-invoice
Title: Pay Invoice

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bakertillyus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bakertillyus/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bakertillyus/
Title: linkedin-box

Search URL Search Domain Scan URL

URL: https://twitter.com/bakertillyus
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bakertillyus
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/baker-tilly-online-privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/cookies-and-tracking-technologies
Title: Cookies & tracking

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://connect.bakertilly.com/e/870811/fs-mortgage-compliance-contact/7mqs7v/829643623?h=KjsPuNBTrhg9E77KDOPubwAD8EASqkiEJg1aVhiAttE HTTP 301
https://connect.bakertilly.com/fs-mortgage-compliance-contact Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://bit.ly/3IcPekd HTTP 301
https://connect.bakertilly.com/l/870811/2021-01-21/5rdcn1/870811/1638473609JQL8V7Pw/btCommon.js HTTP 302
https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js

Request Chain 5

https://connect.bakertilly.com/btpdotlp2022 HTTP 302
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

Request Chain 7

https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js HTTP 302
https://storage.pardot.com/870811/139427/css_versioning.js

Request Chain 9

https://connect.bakertilly.com/btlogo2022 HTTP 302
https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png

Request Chain 10

https://connect.bakertilly.com/l/870811/2022-08-09/5x5sxv/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png HTTP 302
https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png

Request Chain 19

https://connect.bakertilly.com/btpdotlp2022?v=1675276275732 HTTP 302
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

Request Chain 23

https://connect.bakertilly.com/lpheader-bg HTTP 302
https://storage.pardot.com/870811/1659992233sZZOg7a7/default_lpb_staircase_dk.jpg

Request Chain 25

https://connect.bakertilly.com/footerbg HTTP 302
https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png

Request Chain 35

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 36

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D30525%26time%3D1675276276276%26url%3Dhttps%253A%252F%252Fconnect.bakertilly.com%252Ffs-mortgage-compliance-contact%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true&e_ipv6=AQITrrZuMZn_tAAAAYYOP1Ssi2WPbO9J9wjBnYguxe6ySmPjzT1JArTpnlyoSkuQDVKEzHw

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request fs-mortgage-compliance-contact Show response
connect.bakertilly.com/
Redirect Chain

https://connect.bakertilly.com/e/870811/fs-mortgage-compliance-contact/7mqs7v/829643623?h=KjsPuNBTrhg9E77KDOPubwAD8EASqkiEJg1aVhiAttE
https://connect.bakertilly.com/fs-mortgage-compliance-contact

38 KB
11 KB

395ms
394ms

Document
text/html

18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: c0c6708ae1e46299c8592a4e7f555121b43a46a38a6637fe10d229ac536af475

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 11134
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Feb 2023 18:31:14 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
status: 404 Not Found
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1

Redirect headers

Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Feb 2023 18:31:14 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: max-age=63072000
content-encoding: gzip
expires: Fri, 31 Jan 2025 18:31:13 GMT
location: https://connect.bakertilly.com/fs-mortgage-compliance-contact
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 138ms
50ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bakertilly.com/
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19302951
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA, cache-cdg20747-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC8nTs%2BvlnauY4ZqDFwNg71wLAxx20v%2FIjvoXFv7PeBppTda6hLHSnpTPKA1MCvjHHyVE02xsmuiCAad6vgbmXBo5AzY%2Fdtl3C5oeXayN%2FP0Arg0VgQDxn%2BnDtkLbkdQ3za8QDIBn%2FpGcH5s1Io%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cc34dbd85bb95-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 189ms
89ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:13:43 GMT
x-content-type-options: nosniff
age: 15451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:13:43 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 141ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:00:11 GMT

GET
H2

200

btCommon.js Show response
storage.pardot.com/870811/1670948981aKdLVlK8/
Redirect Chain

https://bit.ly/3IcPekd
https://connect.bakertilly.com/l/870811/2021-01-21/5rdcn1/870811/1638473609JQL8V7Pw/btCommon.js
https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js

4 KB
4 KB

578ms
43ms

Script
text/javascript

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbec195410c0786a7fb940d9eed5bf918e44e570c1bcd84abcce6f7c1fb9f4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:41 GMT
x-amz-version-id: e8a5eQEKueknN3FQLS8nb4SX_A0Xds8e
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:29:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15935
etag: "64060d4bace9eefb582d45da36fd47fb"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 3777
x-amz-cf-id: kZVFMbCPX-6KzEGIrrzcT-9mTwBIJncIuOeDyQx_-e9FlvEOKV2TjA==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 137
expires: Wed, 01 Feb 2023 18:41:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
833 B 152ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 18:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:31:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 18:31:14 GMT

GET
H2

200

BT_pdotlp_2022.css
storage.pardot.com/870811/1670948300Hzjlbtvp/
Redirect Chain

https://connect.bakertilly.com/btpdotlp2022
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

7 KB
7 KB

825ms
48ms

Stylesheet
text/css

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:56:51 GMT
x-amz-version-id: 2danJM0is1kZlkibtJLq8SI7U.iecVUd
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 59665
etag: "2863ec80bf2c979afd9bf7f0de52f15b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 7079
x-amz-cf-id: 805lPSZGX50VV9J1tOoCGwflzgc9gPrz_UyqrqffBT8zPiIIz8wvoQ==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:14 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 145
expires: Wed, 01 Feb 2023 18:41:14 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 197 KB
44 KB 138ms
45ms Script
text/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:29:00 GMT
content-encoding: gzip
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 135
etag: W/"31224-Gf78CYYYtb3Uvr+/+bTpOi3PB9M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ATEcaplOjCOB-tyv-FLy0avYk1dVAc68znyP44fxfm8GPJcvsu7cfA==

GET
H2

200

css_versioning.js Show response
storage.pardot.com/870811/139427/
Redirect Chain

https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js
https://storage.pardot.com/870811/139427/css_versioning.js

399 B
815 B

652ms
42ms

Script
text/javascript

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/139427/css_versioning.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2409f05808bdd1c2565f5ab75e7b4eaa685866da67667b91529869d4fdf5735a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:41 GMT
x-amz-version-id: ZO5JWGXwHSUhT1fRByLyGNhiyzb7gmEt
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2020 15:21:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15935
etag: "a86bc583417af9bb48b1b5cb52a56ca9"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 399
x-amz-cf-id: KI4QaFENx6HvigH6hZ4dL8mk81bMoIJ08YIRoHTVj1c_7-EsVlRVxg==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/139427/css_versioning.js
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 128
expires: Wed, 01 Feb 2023 18:41:15 GMT

GET
H/1.1 200
OK piUtils.js Show response
connect.bakertilly.com/js/ 343 KB
100 KB 482ms
240ms Script
application/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.bakertilly.com/js/piUtils.js?ver=2021-09-20
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 374a73669cb18a65f88e7bb2c0cefe8329a33809901c06e59699f86f79c7f8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/fs-mortgage-compliance-contact
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
last-modified: Tue, 31 Jan 2023 05:30:20 GMT
Server: PardotServer
etag: "55cbe-gzip"
Transfer-Encoding: chunked
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
expires: Fri, 31 Jan 2025 18:31:15 GMT

GET
H2

200

bt_logo_w_150.png
storage.pardot.com/870811/1659977712lzvRWHuE/
Redirect Chain

https://connect.bakertilly.com/btlogo2022
https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png

5 KB
5 KB

47ms
47ms

Image
image/png

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4de07af92a9e2e72fd6a9331056f3dbbc37994a55b950a2fbc9ff56e76c0da23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: mQo8HDMZ80uMwdk82OnaQm_nCgXXcPzg
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Mon, 08 Aug 2022 16:55:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15934
etag: "58b309da53af01c84ea5abd3d3e0a864"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 4709
x-amz-cf-id: yWe_Xs5EyxaLZ7qUgiTTkFqithocn50kuk-sMmvoezPVJFAa47W1ew==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 146
expires: Wed, 01 Feb 2023 18:41:15 GMT

GET
H2

200

footer_forbes_logo_gray.png
storage.pardot.com/870811/1660076998DPVsTVQ7/
Redirect Chain

https://connect.bakertilly.com/l/870811/2022-08-09/5x5sxv/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png

9 KB
10 KB

46ms
46ms

Image
image/png

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 831e90e4c55e6a57fbd416f77c291ec58db4d5dd820a6daa1f897e6a68a69607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: XMfum2W6FlJ1GmxeMeGDq981ISidvGTF
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 20:29:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15935
etag: "984196af6653ccab0b6fe2433118c657"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 9591
x-amz-cf-id: Tgjb6cNDHyWQmyXxJn1iZ5HTbcebvySdaigrLC5KEEg_QrAWtkM7Zg==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 150
expires: Wed, 01 Feb 2023 18:41:16 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
23 KB 65ms
64ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bakertilly.com/
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19308187
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19168-FRA, cache-iad-kiad7000078-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APn4tM%2Bk5LmbN210R%2FQ6DDgeGHFwc4xnqtNaY9e%2B7XF0zeMjOEMWNBu3%2FJq1grKEz8sY3qHyLF%2ByuenqfzT4gkJEYBXmN5loXPd6wkPSRGGKMVuJaeznhdLE4jGTlKVCYMUV6M0kO3SQorIXFKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cc3536a38bb95-FRA

GET
H2 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1 KB 176ms
55ms Script
application/javascript 2606:4700:3031::ac43:d595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:15 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35549
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 16:30:56 GMT
server: cloudflare
etag: W/"63726d40-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhXpzIkFHOT4dZRSqB9TSb86JIr02fsn0rSZqwGChDfXzm5sb7M6x%2Fc34ir2OXJdxRrubk9yDNVCKPV8uck8YiIs753%2FgzWonGEC3%2BHX1jxxqvueT0RwWeTgeKWNaNWMcjWZIgXXK%2FiifH5INegLKLd%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 792cc3542e5fbbdf-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
70 KB 160ms
61ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e20d85c5f4215e6511a73f91f5a3c782a77973566e0c778adfe8917087d45a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71013
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 18:31:15 GMT

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 0
0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 64ms
63ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?v=1675276275731

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bakertilly.com/
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19302952
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA, cache-cdg20747-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVTaG3fx%2FezrWmpjBWK1lqbXPV04k2qqszK9UybwPBZtn04oZHSZusL6Wml16NYFu9V3zX6wQ%2FLZTb%2B9D0mCUVSXBhaN%2FL00WzTuR1pvaI44xB2OADuhFrw7Ixa5hr1P2WWEaIcKTRzSAEDRukc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cc3536a44bb95-FRA

GET css2
fonts.googleapis.com/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
474 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&v=1675276275732

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 18:31:15 GMT

GET btpdotlp2022
connect.bakertilly.com/ 0
0

GET
H2

200

BT_pdotlp_2022.css
storage.pardot.com/870811/1670948300Hzjlbtvp/
Redirect Chain

https://connect.bakertilly.com/btpdotlp2022?v=1675276275732
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

7 KB
7 KB

44ms
44ms

Stylesheet
text/css

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:56:51 GMT
x-amz-version-id: 2danJM0is1kZlkibtJLq8SI7U.iecVUd
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 59665
etag: "2863ec80bf2c979afd9bf7f0de52f15b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 7079
x-amz-cf-id: 3qFtBkhYVduGQXJd2jX430ZZ52tktDubwMs0o-KcQCgT3nODw5i8Nw==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 145
expires: Wed, 01 Feb 2023 18:41:15 GMT

GET
H2 200 iNb8Rmk2rahx23826pQyx.js Show response
cdn.metarouter.io/a/v1/ 389 KB
87 KB 195ms
70ms Script
application/javascript 2600:9000:2204:a00:13:5e7f:45c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.metarouter.io/a/v1/iNb8Rmk2rahx23826pQyx.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:a00:13:5e7f:45c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12bfc76815c9102e1d42e23830b022915b63a095f991f3349b2d06fe58c761f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:15 GMT
content-encoding: gzip
via: 1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified: Wed, 25 May 2022 19:55:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 98
etag: "27f5f4c8921203b61caf57c9ba38d058"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=120
accept-ranges: bytes
content-length: 88834
x-amz-cf-id: sEGF5Z7KhX0w6vLOWzTU-ZTmgsidtLTGxjs_aioiQNE_LYyBg7Akxg==

GET
H2 200 5cf14047d75d0900122bb959.js Show response
buttons-config.sharethis.com/js/ 730 B
1 KB 707ms
435ms Script
text/javascript 2600:9000:206f:4400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5cf14047d75d0900122bb959.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6d4dbc34bb1eed122b44f46bddc1ce834b5b8e0c833c3d2d053312e1b3d5782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:17 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 02 Jun 2020 18:17:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "2a147e526e8304daa62507d4db649512"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 730
x-amz-cf-id: nNW07avfeHScghbw8LIhKAiKfNvneiJV1CwS1E-u0cOzu1DVAy5yAw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
409 B 359ms
42ms XHR
text/plain 3.127.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=connect.bakertilly.com&location=%2Ffs-mortgage-compliance-contact&product=unknown&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=true&title=Contact%20us&cms=unknown&publisher=5cf14047d75d0900122bb959&sop=true&version=st_sop.js&lang=en&description=Submit%20the%20form%20below.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.99.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-99-93.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 18:31:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://connect.bakertilly.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2

200

default_lpb_staircase_dk.jpg
storage.pardot.com/870811/1659992233sZZOg7a7/
Redirect Chain

https://connect.bakertilly.com/lpheader-bg
https://storage.pardot.com/870811/1659992233sZZOg7a7/default_lpb_staircase_dk.jpg

104 KB
105 KB

51ms
51ms

Image
image/jpeg

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1659992233sZZOg7a7/default_lpb_staircase_dk.jpg
Requested by: Host: storage.pardot.com
URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b490b73d27ec28072dd25b9d7a18367b2aaa54ac35dc1d6d3efffb2cfdfa0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.pardot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: wJ5Zic476LlQ9KNM1USzY2yMZyvGOA1T
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Mon, 08 Aug 2022 20:57:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15935
etag: "1361c76c43b8ae402c1e681350595b7e"
x-cache: Hit from cloudfront
content-type: image/jpeg; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 106884
x-amz-cf-id: V6gYcJXamwPiDBCnpp058EwwjKRzF2wPE_FHstZr2Hktn_C8uRohHw==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1659992233sZZOg7a7/default_lpb_staircase_dk.jpg
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 148
expires: Wed, 01 Feb 2023 18:41:16 GMT

GET
H2 200 xMQbuFFYT72XzQUpDg.woff2
fonts.gstatic.com/s/sora/v11/ 31 KB
32 KB 296ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v11/xMQbuFFYT72XzQUpDg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&v=1675276275732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6ccea834c81e029b0185925ac24caf2878d3c9f3d0cd8d79e7f73729970918b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:06:05 GMT
x-content-type-options: nosniff
age: 491111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32136
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:20:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:06:05 GMT

GET
H2

200

bg_footer_growth_symbol.png
storage.pardot.com/870811/1660068933OT5fpaKQ/
Redirect Chain

https://connect.bakertilly.com/footerbg
https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png

16 KB
16 KB

50ms
50ms

Image
image/png

2600:9000:211e:4600:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png
Requested by: Host: storage.pardot.com
URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Protocol: H2
Server: 2600:9000:211e:4600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eccbb88a8955a592ec36e36214b2326d30cd44855b1f4c4d54afda7a5f185e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.pardot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: w0MCi5zfRP5BJCNxJW_qi4UFBjvRa_yq
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 18:15:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15935
etag: "546cf2b511d7ea20ea581d21052013e7"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 15994
x-amz-cf-id: tZi9mCzM0jVEHVQpmNLVU70WJpZ90A7dWFNOT-xvy4hzV7eLY-uJ0Q==

Redirect headers

Date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 150
expires: Wed, 01 Feb 2023 18:41:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 251ms
51ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 18:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 20:21:44 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 244ms
47ms Script
text/javascript 2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: NwsfeSQdu7qaTe6tGVib5bHAlZ1WnBa6
Content-Encoding: gzip
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 17:54:41 GMT
Age: 2200
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 14:43:35 GMT
Server: AmazonS3
Etag: W/"3980429e4470aea3a07be4951d0c262b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: A5-T6pUDVsfpfDtPNz7uUFwoFuO8IuT_KAKB6s2l3DaGsSkOqv1KZg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 248ms
54ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10846
accept-ranges: bytes
content-length: 4777

GET
H2 200 siteanalyze_35627.js Show response
siteimproveanalytics.com/js/ 42 KB
12 KB 238ms
48ms Script
application/javascript 2606:4700:e2::ac40:8e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_35627.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecc14bc587513091db72537a892e0a3c21293d994eafcfbf491c1492dbce426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6GGADWCEYAJQP90H
age: 6776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11896
x-amz-id-2: 3VKC5XSjIwob/scX+XvqzFXllzmuJ6c/e4PdZqqd9BYv/26Wsrt1yZCL4TeN6coyxEuaaeNlwbk=
last-modified: Mon, 16 May 2022 09:18:05 GMT
server: cloudflare
etag: "5ee87e9da09b869f5814a2bfe344a9d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3SttSklfu8JGqdcZnI9hLBeVhMHKEZ0CfSoMvfGRptrlMyxNwVHlfwp3VZUtBO2CeHe5FIytWVARUP9BeFPaQRZMPdCPXTo1nZgpcBXpGAt83vDAFZ9E%2BXt48APEkO2mbcj7lOyapxgZJNb0kSDUxs6SJpcvlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 792cc3566fb1366d-FRA

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 242ms
48ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:29:56 GMT
content-encoding: gzip
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 81
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: YeJHIK32QCvHu3EBC6p4lnYVpdC48OCMS2IEscIw-Ihwt2ExtfP6Jg==

POST
H2 200 p Show response
e.metarouter.io/v1/ 16 B
265 B 143ms
143ms XHR
application/json 35.225.249.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://e.metarouter.io/v1/p

Requested by

Host: cdn.metarouter.io
URL: https://cdn.metarouter.io/a/v1/iNb8Rmk2rahx23826pQyx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.225.249.69 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

69.249.225.35.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://connect.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 900
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 16
x-request-id: 1636fed5-88e3-43b8-8f97-6902b6a01b9c

OPTIONS
H2 204 p
e.metarouter.io/v1/ 0
0 459ms
143ms Preflight 35.225.249.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://e.metarouter.io/v1/p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.225.249.69 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

69.249.225.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://connect.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Wed, 01 Feb 2023 18:31:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
analytics-sm.com/ 68 B
388 B 42ms
40ms Image
image/png 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1675276686203&bt=1675276276265&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&url_path=%2Ffs-mortgage-compliance-contact&title=Contact%20us
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:12:29 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5059128
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: KRi5QUX5vZNforFvxPLcrDmQQzj391C2ulIn2VkSKHx3vx_pWs5hSQ==

GET
H2 200 /
analytics-sm.com/ 68 B
388 B 42ms
41ms Image
image/png 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1675276686203&bt=1675276276266&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&url_path=%2Ffs-mortgage-compliance-contact&title=Contact%20us
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:12:29 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5059128
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: lD5aCwM7uZPe3zJWMydiqHn09qCIlq7d6pLIxWMqF9NftucvFzG3BA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

81ms
40ms

Script
application/javascript

2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date: Wed, 01 Feb 2023 01:51:03 GMT
Via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
Age: 60072
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gijA7N8kZgMIMZmZPzXeIUXSZaqK2BFwLGG1s79QUGhASB17H4pLRA==

Redirect headers

Date: Wed, 01 Feb 2023 04:40:17 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
Age: 49859
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FV5z1AP-YZQKdLp-5gfKSKkobT3zHT7kdZYrMYU-ChZnYbmTSuYhFQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

41ms
41ms

Script
application/javascript

2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 01 Feb 2023 09:07:02 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
Age: 33856
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: n4H00Ab1xmN69ztSKEt5PCtuLBlguK6__yocR4ZtyYSuHKPzjUn-OA==

Redirect headers

Date: Wed, 01 Feb 2023 05:09:21 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
Age: 48114
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: e7AF-Fnl4VTLPnHq_ofDL8Ir1suc4qer5d5QbRWpJn8bVXdFbbLM_A==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/ 4 KB
3 KB 128ms
49ms Script
text/javascript 2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: NyGT.B1Eh0CoWAEOce2X4tE3_5qGXtsH
Content-Encoding: gzip
Via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 18:31:16 GMT
Age: 824
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 15:04:07 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 1sBCwYQe3-KZUMqWvoAQVOV7FlRVKePSzkT5wIMlnwrzx056VojNEw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/30525/domain/connect.bakertilly.com/ 36 B
370 B 272ms
190ms XHR
application/json 2600:9000:206f:6400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/30525/domain/connect.bakertilly.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://connect.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: PaiqTawW7pjODDTtUkLjLuzAGaOfRvuEdRyJLYC24SzrMNVq0BphNw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D30525%26time%3D1675276276276%26url%3Dhttps%253A%252F%252Fconnect.bakertilly.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true&e_ipv6=AQITrrZuMZn_tAAAAYYOP1Ssi2W...

0
264 B

328ms
216ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true&e_ipv6=AQITrrZuMZn_tAAAAYYOP1Ssi2WPbO9J9wjBnYguxe6ySmPjzT1JArTpnlyoSkuQDVKEzHw
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2A739E71206C447FA031B18203DB3901 Ref B: FRAEDGE1114 Ref C: 2023-02-01T18:31:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzp6dnp0/ZRx6jeUYIEw==

Redirect headers

date: Wed, 01 Feb 2023 18:31:16 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4684BCCD9B4C4C698DCAAEFAE1EC9D4E Ref B: FRAEDGE1506 Ref C: 2023-02-01T18:31:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276276276&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&liSync=true&e_ipv6=AQITrrZuMZn_tAAAAYYOP1Ssi2WPbO9J9wjBnYguxe6ySmPjzT1JArTpnlyoSkuQDVKEzHw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzp6dip4J+7G0t0BT1jw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 75ms
75ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=495207156&t=pageview&_s=1&dl=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&ul=en-us&de=UTF-8&dt=Contact%20us&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=94301100&gjid=302090772&cid=572680068.1675276276&tid=UA-9130791-1&_gid=1180118919.1675276276&_r=1&_slc=1&gtm=2wg1u054NKV2&z=520863534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:31:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image.aspx
35627.global.siteimproveanalytics.io/ 34 B
473 B 195ms
41ms Image
image/gif 35.156.255.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35627.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&title=Contact%20us&res=1600x1200&accountid=35627&rt=3261&prev=5e8f8854-4b69-9b31-e48d-7bf0f1d49dcb&luid=b79e0dd6-0567-0e26-ce12-3924ca2af4e3&rnd=39302
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.255.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-255-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 01 Feb 2023 18:31:16 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 01 Feb 2023 18:31:16 UTC

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 146ms
48ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9130791-1&cid=572680068.1675276276&jid=94301100&gjid=302090772&_gid=1180118919.1675276276&_u=YEBAAEAAAAAAACAAI~&z=1138751144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bakertilly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 18:31:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZIA6BVWR65BBXJT4LUM5OD Show response
d.adroll.com/consent/check/ 453 B
546 B 240ms
55ms Script
application/javascript 2a05:d018:cc3:fe05:c584:26de:9418:fab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ZIA6BVWR65BBXJT4LUM5OD?pv=93628243953.93962&arrfrr=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&_s=1000c91411efdd73e80587965f4f5291&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:c584:26de:9418:fab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b67d146cf21105c63d6050a1d58ea6f2386749793b8b5c935bafc11904bd08de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 166ms
77ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9130791-1&cid=572680068.1675276276&jid=94301100&_u=YEBAAEAAAAAAACAAI~&z=965077456

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:31:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 169ms
79ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9130791-1&cid=572680068.1675276276&jid=94301100&_u=YEBAAEAAAAAAACAAI~&z=965077456

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:31:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 42ms
41ms Script
application/javascript 2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 18:30:21 GMT
Age: 56
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZqxsfOZS024wfxtAgBdRYM47DTOSGG0IQr_WYsMwgfRxkcYsd7GdVw==

GET
H2 200 QonfzDSV1HDHlAyTp6g3 Show response
ws.zoominfo.com/pixel/ 2 KB
2 KB 269ms
177ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dab7d27ca51561de26e2902522f7c54c67fec18ae4a3ae6a656e20d84680e5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 792cc359fdef9136-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 42ms
42ms Image
image/png 2600:9000:211e:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 31 Jan 2023 18:50:40 GMT
Via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
Age: 85239
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qxrmJnkuNgpgOIw44ljwcqYUGktzcydajbvmDMyQFKHS12krj9IpGw==

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 356ms
118ms Script
application/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/fs-mortgage-compliance-contact
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 18:31:17 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 31 Jan 2023 05:30:20 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Fri, 31 Jan 2025 18:31:17 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 203ms
203ms Script
text/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=499978858&visitor_id_sign=b4c929590c941213734c873507749a7c36bb5b3c955e30b1bff55124dc55c2bb87069d63146dd0e0bbd5c4a56feef0f55f659b87&pi_opt_in=&campaign_id=67921&account_id=871811&title=Contact%20us&url=https%3A%2F%2Fconnect.bakertilly.com%2Ffs-mortgage-compliance-contact&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-172-219.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bakertilly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 01 Feb 2023 18:31:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 940
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&

Domain: connect.bakertilly.com
URL: https://connect.bakertilly.com/btpdotlp2022?

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
connect.bakertilly.com/	1970-01-20 18:57:16	Name: visitor_id870811 Value: 499978858
connect.bakertilly.com/	1970-01-20 18:57:16	Name: visitor_id870811-hash Value: b4c929590c941213734c873507749a7c36bb5b3c955e30b1bff55124dc55c2bb87069d63146dd0e0bbd5c4a56feef0f55f659b87
.bakertilly.com/	1970-01-20 11:30:52	Name: _gcl_au Value: 1.1.937497866.1675276276
.bakertilly.com/	1970-01-20 18:06:52	Name: ajs_anonymous_id Value: %2240c5436c-3e13-4721-9129-aed74960f4d4%22
.bakertilly.com/	1970-01-20 18:57:16	Name: sm_uuid Value: 1675276686203
.bakertilly.com/	1970-01-20 18:57:16	Name: _ga Value: GA1.2.572680068.1675276276
.bakertilly.com/	1970-01-20 09:22:42	Name: _gid Value: GA1.2.1180118919.1675276276
.bakertilly.com/	1970-01-20 09:21:16	Name: _gat_UA-9130791-1 Value: 1
.bakertilly.com/	1970-01-20 18:57:16	Name: nmstat Value: 5e8f8854-4b69-9b31-e48d-7bf0f1d49dcb
35627.global.siteimproveanalytics.io/	1970-01-20 09:31:21	Name: AWSALBCORS Value: sWJLHGML0sxWctzlFjbLoBjdxPvKzMo7lhg2BuONgu63FX5ur69NNGskqOENrlmtVV97lLTgRy6vSwbWvsC5RUv44OvbvBL0Lia4oZ7qx5xH7ktUMQcthdWViPp1
connect.bakertilly.com/	1970-01-20 09:22:42	Name: ln_or Value: eyIzMDUyNSI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 10:04:28	Name: UserMatchHistory Value: AQJBXYu2t74_lQAAAYYOP1L9OpD6MKGxslTOgi5axWnmTEfqAguKvgDwF1c-2bZZSUBj_2BCr-prMw
.linkedin.com/	1970-01-20 10:04:28	Name: AnalyticsSyncHistory Value: AQKqsi5GPzVBaAAAAYYOP1L9wWiwdEbth7syeGVCmJJu4gKr3l5a5vxBB0UqKyXz7lrMaiY4VPqNrNnm8YEYwg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:06:52	Name: bcookie Value: "v=2&54d84c85-a1bc-4e72-8e03-58c2ebe099e4"
.linkedin.com/	1970-01-20 09:22:42	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2425:u=1:x=1:i=1675276276:t=1675362676:v=2:sig=AQFp_NRw0UfvYLsfJkmyT5CoRDjegw1-"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:06:52	Name: bscookie Value: "v=1&2023020118311680516ec6-7eab-461a-83ce-002fdcb33fb2AQGOcNjpBHWwvjNDcuBZ9-fcXsHTUfO2"
.linkedin.com/	1970-01-20 13:40:28	Name: li_gc Value: MTswOzE2NzUyNzYyNzY7MjswMjGZMIDzJdwu3o2KV21aZW//kzz2XcVrxV+cP6WGdhC6IA==
.ws.zoominfo.com/	1970-01-20 18:06:52	Name: visitorId Value: bf928cc41024cf225239465305d57f32b044760bb48eada813c6f84a48b3fc99
.zoominfo.com/	1970-01-20 09:21:18	Name: __cf_bm Value: s6Yq9YAHX6p01LhR7dNHMY8VsALG84llIwvLgAE0Xiw-1675276276-0-AQh3eXSHp9uo0xdN2qLq8JK7Pi+XgOKl09At3s0etPw8Wu8keRGHUKgDihr7jTWRhTYaO/eL0vczGPi1hDc2wAs=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6xutui9QxKNGKTK5vXIBMmIxuvzKqTrsL867GvJquoU-1675276276934-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35627.global.siteimproveanalytics.io
ajax.googleapis.com
analytics-sm.com
bit.ly
buttons-config.sharethis.com
cdn.calibermind.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.metarouter.io
connect.bakertilly.com
d.adroll.com
e.metarouter.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
pi.pardot.com
platform-api.sharethis.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
siteimproveanalytics.com
snap.licdn.com
stats.g.doubleclick.net
storage.pardot.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
cdn.jsdelivr.net
connect.bakertilly.com
fonts.googleapis.com
13.107.42.14
13.32.27.38
13.32.27.75
18.208.125.13
2600:9000:206f:4400:c:abe:f440:93a1
2600:9000:206f:6400:2:53b2:240:93a1
2600:9000:211e:1a00:6:9280:1080:93a1
2600:9000:211e:4600:d:7e9b:1200:93a1
2600:9000:2204:a00:13:5e7f:45c0:93a1
2606:4700:3031::ac43:d595
2606:4700::6810:5714
2606:4700::6810:650c
2606:4700:e2::ac40:8e22
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2003
2a00:1450:400c:c0a::9c
2a00:1450:400d:80a::200e
2a02:26f0:11a::6867:4832
2a05:d018:cc3:fe05:c584:26de:9418:fab
3.127.99.93
3.215.172.219
35.156.255.87
35.225.249.69
67.199.248.11
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
12bfc76815c9102e1d42e23830b022915b63a095f991f3349b2d06fe58c761f8
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2409f05808bdd1c2565f5ab75e7b4eaa685866da67667b91529869d4fdf5735a
2b490b73d27ec28072dd25b9d7a18367b2aaa54ac35dc1d6d3efffb2cfdfa0b6
374a73669cb18a65f88e7bb2c0cefe8329a33809901c06e59699f86f79c7f8c9
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3e20d85c5f4215e6511a73f91f5a3c782a77973566e0c778adfe8917087d45a4
4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b
4de07af92a9e2e72fd6a9331056f3dbbc37994a55b950a2fbc9ff56e76c0da23
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e
73cc63bb03dcd45fb88da44aab94ebcd0b587fe595a0259353875a72b1d33ae5
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575
831e90e4c55e6a57fbd416f77c291ec58db4d5dd820a6daa1f897e6a68a69607
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
a6d4dbc34bb1eed122b44f46bddc1ce834b5b8e0c833c3d2d053312e1b3d5782
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecc14bc587513091db72537a892e0a3c21293d994eafcfbf491c1492dbce426
b67d146cf21105c63d6050a1d58ea6f2386749793b8b5c935bafc11904bd08de
b6ccea834c81e029b0185925ac24caf2878d3c9f3d0cd8d79e7f73729970918b
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c0c6708ae1e46299c8592a4e7f555121b43a46a38a6637fe10d229ac536af475
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
dab7d27ca51561de26e2902522f7c54c67fec18ae4a3ae6a656e20d84680e5a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccbb88a8955a592ec36e36214b2326d30cd44855b1f4c4d54afda7a5f185e71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbec195410c0786a7fb940d9eed5bf918e44e570c1bcd84abcce6f7c1fb9f4e1

connect.bakertilly.com Open in urlscan Pro 18.208.125.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

73 %HTTPS

68 %IPv6

22 Domains

30 Subdomains

27 IPs

5 Countries

858 kBTransfer

2680 kBSize

22 Cookies

21 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

connect.bakertilly.com Open in urlscan Pro
18.208.125.13 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

73 %
HTTPS

68 %
IPv6

22
Domains

30
Subdomains

27
IPs

5
Countries

858 kB
Transfer

2680 kB
Size

22
Cookies

52 HTTP transactions
0 data transactions