www.bain.com Open in urlscan Pro
104.18.17.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bain.com/privacy
Submission: On July 20 via api (July 20th 2023, 1:21:48 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 52 HTTP transactions. The main IP is 104.18.17.68, located in and belongs to CLOUDFLARENET, US. The main domain is www.bain.com. The Cisco Umbrella rank of the primary domain is 160085.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 12th 2023. Valid for: a year.

This is the only time www.bain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	104.18.17.68 104.18.17.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.127 13.32.121.127	16509 (AMAZON-02) (AMAZON-02)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.225.78.53 13.225.78.53	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
13	52.222.236.95 52.222.236.95	16509 (AMAZON-02) (AMAZON-02)
1	108.139.243.47 108.139.243.47	() ()
1	13.32.99.41 13.32.99.41	16509 (AMAZON-02) (AMAZON-02)
1	3.228.90.211 3.228.90.211	14618 (AMAZON-AES) (AMAZON-AES)
2	52.236.186.217 52.236.186.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
52	11

17 104.18.17.68 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-127.fra60.r.cloudfront.net

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

lp.bain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.78.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-53.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.222.236.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-95.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.47 (United States)

ASN- ()
PTR: server-108-139-243-47.mxp63.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-41.fra60.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.90.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-90-211.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bain.com www.bain.com — Cisco Umbrella Rank: 160085 lp.bain.com — Cisco Umbrella Rank: 227264	1 MB
21	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2708 consent-pref.trustarc.com — Cisco Umbrella Rank: 14101 consent-st.trustarc.com — Cisco Umbrella Rank: 32765	350 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 620	281 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	21 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 33003	2 KB
1	demandbase.com api.demandbase.com — Cisco Umbrella Rank: 11097	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2024	22 KB
1	truste.com consent.truste.com — Cisco Umbrella Rank: 8062	6 KB
52	8

	Domain	Requested by
17	www.bain.com	www.bain.com az416426.vo.msecnd.net
13	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com prefmgr-cookie.truste-svc.net
7	consent.trustarc.com	consent.truste.com www.bain.com
6	lp.bain.com	www.bain.com lp.bain.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.google-analytics.com	www.bain.com
1	prefmgr-cookie.truste-svc.net	www.bain.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	api.demandbase.com	az416426.vo.msecnd.net
1	az416426.vo.msecnd.net	www.bain.com
1	consent.truste.com	www.bain.com
52	11

This site contains links to these domains. Also see Links.

Domain
www.bain.cn
alumni.bain.com
privacyportal-de.onetrust.com
www.alumni.bain.com
www.google.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
www.essentialaccessibility.com

Subject Issuer	Validity	Valid
www.bain.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-12` - `2024-07-11`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
lp.bain.com Cloudflare Inc ECC CA-3	`2023-01-08` - `2024-01-07`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.truste-svc.net Amazon RSA 2048 M01	`2023-04-23` - `2024-05-21`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 01	`2023-07-05` - `2024-06-27`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.bain.com/privacy
Frame ID: DBAF43A7630EB18E83920EDCB87F3C0A
Requests: 30 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
Frame ID: BF2CDE5BFCE927FFCFD088E529131B7E
Requests: 16 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html
Frame ID: 733CC3A3BD096B0C6BEF09E55373A863
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https://www.bain.com/about/privacy/&cookieLink=https://www.bain.com/about/cookie-policy/&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
Frame ID: 03DE1898370EEA33A20FACCD5307DC80
Requests: 1 HTTP requests in this frame

Frame: https://lp.bain.com/index.php/form/XDFrame
Frame ID: 82563A3AA7A26A8450B542C69E245852
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 1BBA0818E620DAE9327F787FE07B8049
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Policy | Bain & Company

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

18 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1643 kB
Transfer

4871 kB
Size

16
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bain.cn/
Title: China (中文版)

Search URL Search Domain Scan URL

URL: https://alumni.bain.com/login/cookie-policy/
Title: here

Search URL Search Domain Scan URL

URL: https://privacyportal-de.onetrust.com/webform/0ea9b6b4-9f39-441a-ad8c-05b2ae8f175c/aa3576c0-30dd-4d2e-b49b-5fdd7bfb9fe5
Title: data subject request form

Search URL Search Domain Scan URL

URL: http://www.alumni.bain.com/
Title: BeyondBain

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/
Title: Google’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/bain-and-company

Search URL Search Domain Scan URL

URL: https://twitter.com/bainandcompany

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bainandcompany

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/bainandcompany

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bainandcompany/

Search URL Search Domain Scan URL

URL: https://www.essentialaccessibility.com/bain/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request privacy Show response
www.bain.com/ 215 KB
47 KB 746ms
597ms Document
text/html 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3569ba4e4863f5321c31ce0686d388d1420e297cd905a0aed8a8829690d9517

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-2syD//y1mC2wY8dcUhqg0rPQlTt2ZBKzKLRikNsDdI8=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e9b823ec9649193-FRA
content-encoding: gzip
content-length: 46785
content-security-policy: script-src 'nonce-2syD//y1mC2wY8dcUhqg0rPQlTt2ZBKzKLRikNsDdI8=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 13:21:42 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 style.css
www.bain.com/static/bain.com/v-638248353640000000/css/ 958 KB
130 KB 51ms
51ms Stylesheet
text/css 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9658700e56009f4638d3481d52132f00547a095bcfd52838cf38971d699de073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 2939
content-length: 133138
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b82429f129193-FRA
expires: Fri, 21 Jul 2023 13:21:42 GMT

GET
H2 200 notice Show response
consent.truste.com/ 14 KB
6 KB 169ms
70ms Script
text/javascript 13.32.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.truste.com/notice?domain=bain.com&c=teconsent&text=true&gtm=1&js=nj&noticeType=bb&language=en&cookieLink=https%3a%2f%2fwww.bain.com%2fabout%2fcookie-policy%2f&privacypolicylink=https%3a%2f%2fwww.bain.com%2fabout%2fprivacy%2f

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-127.fra60.r.cloudfront.net

Software

Resource Hash

53b6f8aa7c02adb0c9730ebfbff71b85bbdf7cdffe097fcae4bbfb6eba4a4ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5222
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: qzPXa3lpFl1grms0s3lvaUtmX_EekF4NQ3iTKjXNZsk6mmxy5hGS-A==
expires: Thu, 20 Jul 2023 14:21:42 GMT

GET
H2 200 v-638248353360000000.js Show response
www.bain.com/Bundles/JS/ 121 KB
54 KB 69ms
68ms Script
text/javascript 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/Bundles/JS/v-638248353360000000.js

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53ae656dde4ebea5d83adf77427e1f8e57e99fc5ec88ec693131e5067d23bd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 7337
content-length: 55192
last-modified: Thu, 20 Jul 2023 06:19:56 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31510694
accept-ranges: bytes
cf-ray: 7e9b82429f159193-FRA
expires: Fri, 19 Jul 2024 06:19:56 GMT

GET
H2 200 logo_red_bain.svg
www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/ 5 KB
2 KB 62ms
60ms Image
image/svg+xml 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/logo_red_bain.svg

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e01fbdb91aa2219c0db55873353d114fbd7639869a83586702c571994b6ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 15:07:01 GMT
server: cloudflare
age: 28754
etag: W/"1D972076D67D880"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=14446
cf-ray: 7e9b8244292f9193-FRA
expires: Thu, 20 Jul 2023 17:22:29 GMT

GET
H2 200 logo_white-bain.svg
www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/ 5 KB
2 KB 62ms
60ms Image
image/svg+xml 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/logo_white-bain.svg

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c23c306991ed7cc9c925848b309cb477a6a171492a96541158f93d7c6262828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 31 Jul 2018 16:27:45 GMT
server: cloudflare
age: 28753
etag: W/"1D428EB69521680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=14446
cf-ray: 7e9b824429319193-FRA
expires: Thu, 20 Jul 2023 17:22:29 GMT

GET
H2 200 scanners-1950x650.jpg
www.bain.com/globalassets/legal---do-not-edit/ 81 KB
81 KB 68ms
67ms Image
image/webp 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/globalassets/legal---do-not-edit/scanners-1950x650.jpg?width=1950&height=650&mode=crop

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0666911f5245c5682a1bb32db6e0bae704dcd5799a43cae3d30b94080e03ca7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22787
cf-polished: qual=85, origFmt=jpeg, origSize=180648
content-disposition: inline; filename="scanners-1950x650.webp"
content-length: 82630
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Jul 2023 14:46:06 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.9.1.30599
etag: "0x8DB86D48D3B46AF"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7e9b824429329193-FRA
expires: Thu, 27 Jul 2023 13:21:43 GMT

GET
H2 200 logo_white.svg
www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/ 8 KB
3 KB 62ms
60ms Image
image/svg+xml 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/contentassets/0b88e3e10a7b4592809517c28b75847e/logo_white.svg

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21509c46dbbb74a1b7493b0619a55ad8c3bb6df55207d87d536d503fde17ffe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Jun 2018 21:14:49 GMT
server: cloudflare
age: 19015
etag: W/"1D40CC98CC0EA80"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=24185
cf-ray: 7e9b824429339193-FRA
expires: Thu, 20 Jul 2023 20:04:48 GMT

GET
H2 200 forms2.min.js Show response
lp.bain.com/js/forms2/js/ 208 KB
69 KB 417ms
148ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.bain.com/js/forms2/js/forms2.min.js

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
etag: "1a206f7-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7e9b82455b472bfc-FRA
expires: Thu, 20 Jul 2023 17:21:43 GMT

GET
H2 200 js-bottom.js Show response
www.bain.com/static/bain.com/v-638248353640000000/js/ 2 MB
486 KB 52ms
52ms Script
application/x-javascript 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/js/js-bottom.js

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9cf0feebeb7170a5c785dec20aaa7136c3ba479495bd08ac497cff86977c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/privacy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 2939
content-length: 497476
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b8243e8d09193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 v1.7-1894 Show response
consent.trustarc.com/asset/notice.js/v/ 88 KB
26 KB 159ms
46ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-1894

Requested by

Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=bain.com&c=teconsent&text=true&gtm=1&js=nj&noticeType=bb&language=en&cookieLink=https%3a%2f%2fwww.bain.com%2fabout%2fcookie-policy%2f&privacypolicylink=https%3a%2f%2fwww.bain.com%2fabout%2fprivacy%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

8e829fc9489f4d065284060d387030543b1b6f81b8d4a725510e2622181fb784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bain.com/
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 12:39:21 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2542
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 17 Jul 2023 03:21:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: B8JPd09OG9aRzSt2aOdohFrBCidZkskTIhHm9eTsFGGa4Cop_cWrPQ==
expires: Sat, 19 Aug 2023 12:39:21 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
429 B 185ms
71ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=bain.com&country=de&state=&behavior=expressed&session=112b5856-d12d-406d-beb5-344e836f2da2&userType=NEW&c=4aa4

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 13:21:43 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: cXjhon-R__58nlUeJKMaSIbreArWUFo3P8jYnqQek18NgUYx-IjmEA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bain.com
URL: https://www.bain.com/Bundles/JS/v-638248353360000000.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 12:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2784
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jul 2023 14:35:19 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 169ms
40ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.bain.com
URL: https://www.bain.com/privacy
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 13:21:43 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1570
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 07b38df6-801e-00fa-5509-bb33cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 20 Jul 2023 13:51:43 GMT

GET
H2 200 country-icons.png
www.bain.com/static/bain.com/v-638248353640000000/images/spritesheet/ 2 KB
3 KB 58ms
58ms Image
image/webp 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/images/spritesheet/country-icons.png

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f53e2e433a6b3e400b2d4320ccded29deb9341075273c844800c419a760f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1300
cf-polished: origFmt=png, origSize=3756
content-disposition: inline; filename="country-icons.webp"
content-length: 2534
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jul 2023 08:56:06 GMT
server: cloudflare
etag: "0d7eadb67b5d91:0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b824449519193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 eA-logo.svg
www.bain.com/static/bain.com/images/third-party/ 5 KB
2 KB 64ms
63ms Image
image/svg+xml 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bain.com/static/bain.com/images/third-party/eA-logo.svg

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa8b3bd7a9d98a2b0854e954e762024c83a4648a97dfc3829db3e243ba69f417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 08:56:06 GMT
server: cloudflare
age: 6954
etag: W/"0d7eadb67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=86400
cf-ray: 7e9b824459609193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 Graphik-Regular-Web.woff2
www.bain.com/static/bain.com/v-638248353640000000/fonts/ 36 KB
36 KB 63ms
61ms Font
application/font-woff2 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/Graphik-Regular-Web.woff2

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c55269681dd955f6f8e9240deea292927f5226e04624fff91c52ff1bd67c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2899
content-length: 36521
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b824459639193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 Graphik-Medium-Web.woff2
www.bain.com/static/bain.com/v-638248353640000000/fonts/ 35 KB
35 KB 57ms
55ms Font
application/font-woff2 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/Graphik-Medium-Web.woff2

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b143900183ee930b88b0dba7e744a677e7fe2001b55232014157ae837bf9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3017
content-length: 35557
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b824459649193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 bainicon.ttf
www.bain.com/static/bain.com/v-638248353640000000/fonts/bainicon/ 43 KB
43 KB 64ms
62ms Font
application/octet-stream 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/bainicon/bainicon.ttf?iswbmy

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416addba07457c269bd9be58d7a24b0ac257f16460f0fa495f058ddd8a019bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3134
content-length: 43996
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b824459659193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 TiemposTextWeb-RegularItalic.woff2
www.bain.com/static/bain.com/v-638248353640000000/fonts/ 57 KB
57 KB 64ms
62ms Font
application/font-woff2 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/TiemposTextWeb-RegularItalic.woff2

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e1bb2c0e9cf3d61f6878a543063202f5cdac3912b89d15b39979cfd6665f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2685
content-length: 58012
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b824459699193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 TiemposTextWeb-Regular.woff2
www.bain.com/static/bain.com/v-638248353640000000/fonts/ 55 KB
55 KB 73ms
72ms Font
application/font-woff2 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/TiemposTextWeb-Regular.woff2

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9a332753ad9130976bd5c0d3991fa9d67b995c2ec8e1e12a2c8d7ac7c36d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2899
content-length: 56268
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b8244697d9193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 TiemposTextWeb-Semibold.woff2
www.bain.com/static/bain.com/v-638248353640000000/fonts/ 56 KB
56 KB 68ms
66ms Font
application/font-woff2 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/static/bain.com/v-638248353640000000/fonts/TiemposTextWeb-Semibold.woff2

Requested by

Host: www.bain.com
URL: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de3f664e0b4eca3205e676eddfade03e359a41438f18359f68cfab5e65d495d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bain.com/static/bain.com/v-638248353640000000/css/style.css
Origin: https://www.bain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1227
content-length: 57452
last-modified: Thu, 13 Jul 2023 08:56:04 GMT
server: cloudflare
etag: "0aab9da67b5d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e9b8244697f9193-FRA
expires: Fri, 21 Jul 2023 13:21:43 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1345149757&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bain.com%2Fprivacy&ul=en-us&de=UTF-8&dt=Privacy%20Policy%20%7C%20Bain%20%26%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIAAAAABAAAAAAAAAE~&cid=2291907068&tid=UA-7229296-1&_gid=905119979.1689859303&z=177200286

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 05:08:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29566
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame BF2C 5 KB
3 KB 192ms
69ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

053bf35ebd4d7473f9da3c4f0ef90fb10b2134c2d29c78f896f4f3ec648146bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 13:21:43 GMT
etag: W/"5135-1687166456000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 19 Jun 2023 09:20:56 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-id: wvRZN1MHwOPYh0TmHKht08QU0AWWmQXTB8IA4Ope111jbqy_2c8GqQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
429 B 73ms
73ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=bain.com&behavior=expressed&country=de&language=en&rand=0.19920523880764396&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 13:21:43 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Hqmwg6c-EOGsznP1DoAkMu8HwJlIqHE44bqZX5jiNNKO5ljd1kSJ-g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 getForm Show response
lp.bain.com/index.php/form/ 9 KB
3 KB 611ms
610ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.bain.com/index.php/form/getForm?munchkinId=378-NYU-220&form=1014&url=https%3A%2F%2Fwww.bain.com%2Fprivacy&callback=jQuery1124023831099206440887_1689859303458&_=1689859303459
Requested by: Host: lp.bain.com
URL: https://lp.bain.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676526062e4b39074bb2acb3ffa13b09eb21708e4d1bf973e8f12445d661d8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 10790#1897376a8b9
x-marketo-source: Form Service
cf-ray: 7e9b8246cd0a2bfc-FRA
cached: false

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame BF2C 5 KB
3 KB 73ms
73ms Script
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d6b23d0dee780782453f2e7f30470198b0eb4f0833b122e4ae3727d1107a9d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:21:16 GMT
server: nginx
etag: W/"4867-1687166476000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 9AaM7g-FOal37iKdwwYXAxBZdXLTh7VQkwsQ8WXd14g7qf7FYuinXw==
expires: Thu, 20 Jul 2023 13:21:42 GMT

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 3 KB
2 KB 235ms
113ms XHR
application/json 108.139.243.47

General

Check archive.org

Show headers Download Go to

Full URL

https://api.demandbase.com/api/v2/ip.json?auth=rItedalSdJqqnqp8h2dq26PWEuGmMNopGyAjWF5H

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.139.243.47 , United States, ASN (),

Reverse DNS

server-108-139-243-47.mxp63.r.cloudfront.net

Software

nginx /

Resource Hash

f36b1bed79c1bd8cc5d33647de370b6844aa763aad32afc19a986146d0babcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 13:21:43 GMT
Identification-Source: CENTRAL
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 001aa7a52bdc42fbf9e9a20c9d840374.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Amz-Cf-Pop: MXP63-P3
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Request-ID: 709b3609-6e31-4e99-8679-dc28a00d2ab3
Pragma: no-cache
Server: nginx
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bain.com
Access-Control-Expose-Headers: x-amz-cf-id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
Vary: Accept-Encoding, Origin
Api-Version: v2
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: f1C2L7HlKbJrgXcpfyM3vgROiW_MY48YhHUqm5vKk7kKcwiCyfX9KQ==
Expires: Wed, 19 Jul 2023 13:21:43 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame BF2C 20 KB
5 KB 158ms
40ms Script
text/javascript 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Sat, 08 Jul 2023 13:07:26 GMT
content-encoding: gzip
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 1037657
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: hvQ7eS1Yjmix2U32TK3FqS2jEvrJ-oK4SHo44krrdIGcTxBH4mnqkg==
expires: Mon, 07 Aug 2023 13:07:26 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame BF2C 3 KB
3 KB 43ms
42ms Image
image/gif 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:05:22 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 982
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:20:56 GMT
server: nginx
etag: W/"2608-1687166456000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: tTs9kYq6eC8W_jYK-wCdJWpeZVFY_k3ZV5Cc1VEXRi8Qsz2NI_Ydqw==

GET
H2 200 34B18A2CD1449F6FE470526458E51DDF.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 733C 139 KB
46 KB 46ms
46ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ea404902ed29515473d3a240a09c28b2c11dc7d75ae53b6e7f71ebf5be0ec096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 299672
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Jul 2023 02:07:11 GMT
etag: W/"142502-1687166476000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 19 Jun 2023 09:21:16 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-id: p2tRCfQWJsyoqWNrciP413PhFc6QyNKzoPZnnyjWdbitrkyd_vmywQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame BF2C 969 B
1 KB 92ms
91ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 34B18A2CD1449F6FE470526458E51DDF
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 9G_eiLkEUqO4ry1LLWmZsXReliozcGvkWzb_1iy-274PJsAzfZunJw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame BF2C 48 B
622 B 97ms
96ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2b2b73d61bf680bef28a2f66bc9e37186eb1ed5f018bc7b9f7e663f25afa8135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 34B18A2CD1449F6FE470526458E51DDF
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 13:21:43 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 0k4RoGqxsBmuBUDP9fA4VhYC5umO-ybt4S_AxF903GWOB-UhF2UPbw==

POST
H2 200 get Show response
www.bain.com/api/Demandbase/ 4 KB
1 KB 201ms
201ms XHR
application/json 104.18.17.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bain.com/api/Demandbase/get

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c76c21f82af2ec441a923f6a6c7ff8fb476d59025f730e50e30f1fc25e76b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-I4aLS3yrb6hVCdNucn6Is4BAWzJy3ozQwKI32zILiFc=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.bain.com/privacy
X-Requested-With: XMLHttpRequest
Request-Id: |4orbE.ODc0x
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'nonce-I4aLS3yrb6hVCdNucn6Is4BAWzJy3ozQwKI32zILiFc=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 7e9b8249288b9193-FRA
content-length: 945

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame BF2C 30 KB
7 KB 135ms
134ms Stylesheet
text/css 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1230e0ea39c92efe693a98e2954b2fec447cf05c7dce18a494b0974b693af427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:06:47 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 960
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:20:56 GMT
server: nginx
etag: W/"30573-1687166456000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Pomg4d5LOfyRnZO4-y_4tBwIJcwxWxI62qc0sd67qfl7dys_ehheWA==
expires: Thu, 20 Jul 2023 13:05:42 GMT

GET
H2 200 11.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/ Frame BF2C 261 KB
89 KB 85ms
85ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/11.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f90844f31d7362b9863b38462e757ef68211bd1f4b6a94b2e753e1c7b93bc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:07:21 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 299662
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:21:16 GMT
server: nginx
etag: W/"267342-1687166476000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: sm58bik_pA55XShjCeJi-VOXeAZ2Qz4ivhDmBdxwJ1UhD5XVhM5ItQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/ Frame BF2C 19 KB
8 KB 43ms
42ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ccaa9ea99455a83bb770a835d90223458efc596a6bdf41a9e9c247504a5a538e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:07:42 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 299642
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:21:16 GMT
server: nginx
etag: W/"19776-1687166476000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: fg90dXOhgxgOiwZXH7ehk8ALzXzyPpxjibTeEBTcrVVCn_yxqC22hg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 forms2.css
lp.bain.com/js/forms2/css/ 13 KB
3 KB 165ms
163ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.bain.com/js/forms2/css/forms2.css

Requested by

Host: lp.bain.com
URL: https://lp.bain.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
etag: "1a206fc-3437-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e9b824abaa22bfc-FRA
content-length: 2623
expires: Thu, 20 Jul 2023 17:21:44 GMT

GET
H2 200 forms2-theme-inset.css
lp.bain.com/js/forms2/css/ 3 KB
1 KB 153ms
153ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.bain.com/js/forms2/css/forms2-theme-inset.css

Requested by

Host: lp.bain.com
URL: https://lp.bain.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
etag: "1a206f9-d86-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e9b824abaa42bfc-FRA
content-length: 953
expires: Thu, 20 Jul 2023 17:21:44 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 03DE 5 KB
2 KB 372ms
117ms Document
text/html 3.228.90.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https://www.bain.com/about/privacy/&cookieLink=https://www.bain.com/about/cookie-policy/&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.228.90.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-228-90-211.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 13:21:44 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame BF2C 780 B
934 B 67ms
67ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1be98295d3360344beeb92226ba6e2bfee2554d2a3857cd6414213e2868b9163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 34B18A2CD1449F6FE470526458E51DDF
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 342
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: BIiwTI_6rYH-wJquUnhPx-QG8WNdO7gnsaeQEgvO2NHr-8V0yK8W4Q==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame BF2C 30 KB
8 KB 70ms
70ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2e577ffe6ecc806ec980d1fc6f934e205d26f84beaa53849dde3362dd41d1c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 34B18A2CD1449F6FE470526458E51DDF
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 7564
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: eFQt1Z0ssnVM3F9-QjlNJwHph5JFqsKycvkPmfTyWy_TFJTgeYD5RA==

GET
H2 200 get
consent.trustarc.com/ Frame BF2C 3 KB
2 KB 42ms
41ms Image
image/png 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=Powered-By-TrustArc.png

Requested by

Host: www.bain.com
URL: https://www.bain.com/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Jul 2023 12:34:58 GMT
content-encoding: gzip
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2806
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: WC0IIyIFs1SmvEm9mzU5ArVW-h9mS02Cd1VvxJDbvc2toyR9LpHwqw==
expires: Sat, 19 Aug 2023 12:34:58 GMT

GET
H2 200 XDFrame Show response
lp.bain.com/index.php/form/ Frame 8256 2 KB
731 B 153ms
153ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.bain.com/index.php/form/XDFrame

Requested by

Host: lp.bain.com
URL: https://lp.bain.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a37180bfc76fe0ea4111ef903813e84a2b43d056ff4bb7ba9306b4a68e3f5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7e9b824c3d212bfc-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 13:21:44 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
lp.bain.com/js/forms2/js/ Frame 8256 208 KB
69 KB 55ms
55ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.bain.com/js/forms2/js/forms2.min.js

Requested by

Host: lp.bain.com
URL: https://lp.bain.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.bain.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
age: 1
etag: "1a206f7-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7e9b824d4e5f2bfc-FRA
expires: Thu, 20 Jul 2023 17:21:44 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 242ms
44ms Preflight 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.bain.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 20 Jul 2023 13:21:44 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 68ms
67ms XHR
application/json 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96869d7bcea666472e5a52d421cdb0e934d28a2840c79fda448357bf82259c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bain.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 194F399D-8A3C-4CDB-A2A6-16671DB77118
strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 13:21:44 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/ Frame BF2C 7 KB
4 KB 41ms
41ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/34B18A2CD1449F6FE470526458E51DDF/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/34B18A2CD1449F6FE470526458E51DDF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f2cddaf81105fe5f4778ee7e141395dc8f72488de3c752ec7336a50b6f03e679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fprivacy%2F&cookieLink=https%3A%2F%2Fwww.bain.com%2Fabout%2Fcookie-policy%2F&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:07:43 GMT
content-encoding: gzip
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 299641
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Jun 2023 09:21:16 GMT
server: nginx
etag: W/"7151-1687166476000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: YPBI0-8bJk5kB9dB2RYcQW6opNVG__Ix1jJUbkeDDI3plFUFJ0ISWw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame BF2C 142 KB
46 KB 48ms
47ms Font
font/ttf 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Graphik-Regular.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

bc3d5b624e879bf1738fcbfa238a994f870f3f153cdc1148cc04bfb9a7a057fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Jul 2023 12:35:12 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2792
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: UBeNXzpndUSOpYmdd1VgqVK5xz-nUBwdmNEGn4A66rZM7S85taH36Q==
expires: Sat, 19 Aug 2023 12:35:12 GMT

GET
H2 200 get
consent.trustarc.com/ Frame BF2C 97 KB
46 KB 62ms
61ms Font
application/octet-stream 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Graphik-Medium.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

fdc427f5c88da2712be243eebf1eb3cf1e8d000a4697b03d2f81bf9b0faa8d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Jul 2023 12:34:57 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2807
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ZWRDdFiegYjfFeRaWJCzg5NBZrV7r-A85cuabcaoL9N9EIcXQ90lmQ==
expires: Sat, 19 Aug 2023 12:34:57 GMT

GET
H2 200 get
consent.trustarc.com/ Frame BF2C 48 KB
49 KB 97ms
97ms Font
application/font-woff 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Graphik-Light.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

a30152d1f2c9e5d8611096c3758139732c9e0133590729c1bee947b2ff4b2a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Jul 2023 12:39:58 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2506
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: bxmsl_VVrblbE8UFgbUAjaQYRalAb3J-tb2dC-EPEzkU8gcFLZkIbQ==
expires: Sat, 19 Aug 2023 12:39:58 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 1BBA 2 KB
3 KB 40ms
40ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bain_v6&site=bain.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&uid=5acca783-bc32-437c-9c8e-0dbe62151a5b&privacypolicylink=https://www.bain.com/about/privacy/&cookieLink=https://www.bain.com/about/cookie-policy/&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c13c8bb8-1f2c-4758-8bec-efacb7432319&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-95.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1301
content-length: 2008
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 13:00:03 GMT
etag: W/"2008-1687166456000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 19 Jun 2023 09:20:56 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-id: bATjMgceovWTg8Nrrd_ktvC3MTTHo8m5lWXNJacnav2V3V0-7rsa9w==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bain.com/api/Demandbase	1969-12-31 23:59:59	Name: Value: Secure
.www.bain.com/	1970-01-20 13:24:22	Name: TiPMix Value: 10.752115608174616
.www.bain.com/	1970-01-20 13:24:22	Name: x-ms-routing-name Value: self
www.bain.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ehtyf0br0dokzxhhxth5mda1
www.bain.com/	1969-12-31 23:59:59	Name: Value: Secure
.www.bain.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: b82e99a67c67934cccb8b149fcc4f13b341aa056d5e3ae7bf711611e78ecb2a8
.www.bain.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: b82e99a67c67934cccb8b149fcc4f13b341aa056d5e3ae7bf711611e78ecb2a8
.bain.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.bain.com/	1970-01-20 13:24:21	Name: TAsessionID Value: c13c8bb8-1f2c-4758-8bec-efacb7432319,NEW
www.bain.com/	1970-01-20 22:09:55	Name: ai_user Value: voPiU\|2023-07-20T13:21:43.302Z
.lp.bain.com/	1970-01-20 13:24:21	Name: __cf_bm Value: 0EQBaCL29cd7Wh0MZJkRHwzgiRKdO7LQyXeIIwju4Jo-1689859303-0-ATxj1pUxnPdtx5EHZTWGCqmscp6QaFmrjT8xc9ZspTaCviBHdbwgeHuKdTT/GzRR/clXT9jdg0EoreOBSV0oyJ8=
www.bain.com/	1970-01-20 23:00:19	Name: bainPageHistory Value: %5B%7B%22pageTitle%22%3A%22Privacy%20Policy%22%2C%22pageImage%22%3A%22%2Fglobalassets%2Flegal---do-not-edit%2Fscanners-1440x810.jpg%3Fwidth%3D110%26height%3D110%26mode%3Dcrop%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.bain.com%2Fprivacy%22%7D%5D
www.bain.com/	1970-01-20 13:24:21	Name: ai_session Value: rYJau\|1689859303843.3\|1689859303843.3
lp.bain.com/	1969-12-31 23:59:59	Name: BIGipServerab50web-nginx-app_https Value: !v7bHDp7oO14yfuSkCIQPm+cqSAXSEfFsY/LitB2PlHTEacgD4hyM1jkoHhwALbv0jYqKe653stCYvbc=
prefmgr-cookie.truste-svc.net/	1970-01-20 13:24:19	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 13:24:19	Name: token_test Value: Thu Jul 20 2023 13:21:44 GMT+0000 (GMT)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'nonce-2syD//y1mC2wY8dcUhqg0rPQlTt2ZBKzKLRikNsDdI8=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.demandbase.com
az416426.vo.msecnd.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
consent.truste.com
dc.services.visualstudio.com
lp.bain.com
prefmgr-cookie.truste-svc.net
www.bain.com
www.google-analytics.com
104.17.71.206
104.18.17.68
108.139.243.47
13.225.78.53
13.32.121.127
13.32.99.41
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:806::200e
3.228.90.211
52.222.236.95
52.236.186.217
053bf35ebd4d7473f9da3c4f0ef90fb10b2134c2d29c78f896f4f3ec648146bf
0666911f5245c5682a1bb32db6e0bae704dcd5799a43cae3d30b94080e03ca7b
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
1230e0ea39c92efe693a98e2954b2fec447cf05c7dce18a494b0974b693af427
12c76c21f82af2ec441a923f6a6c7ff8fb476d59025f730e50e30f1fc25e76b1
1be98295d3360344beeb92226ba6e2bfee2554d2a3857cd6414213e2868b9163
21509c46dbbb74a1b7493b0619a55ad8c3bb6df55207d87d536d503fde17ffe5
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2b2b73d61bf680bef28a2f66bc9e37186eb1ed5f018bc7b9f7e663f25afa8135
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2c23c306991ed7cc9c925848b309cb477a6a171492a96541158f93d7c6262828
2e577ffe6ecc806ec980d1fc6f934e205d26f84beaa53849dde3362dd41d1c92
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
416addba07457c269bd9be58d7a24b0ac257f16460f0fa495f058ddd8a019bb7
42c55269681dd955f6f8e9240deea292927f5226e04624fff91c52ff1bd67c02
4f90844f31d7362b9863b38462e757ef68211bd1f4b6a94b2e753e1c7b93bc3f
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6
53ae656dde4ebea5d83adf77427e1f8e57e99fc5ec88ec693131e5067d23bd48
53b6f8aa7c02adb0c9730ebfbff71b85bbdf7cdffe097fcae4bbfb6eba4a4ae2
5a37180bfc76fe0ea4111ef903813e84a2b43d056ff4bb7ba9306b4a68e3f5c9
676526062e4b39074bb2acb3ffa13b09eb21708e4d1bf973e8f12445d661d8a1
68e1bb2c0e9cf3d61f6878a543063202f5cdac3912b89d15b39979cfd6665f19
7de3f664e0b4eca3205e676eddfade03e359a41438f18359f68cfab5e65d495d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e829fc9489f4d065284060d387030543b1b6f81b8d4a725510e2622181fb784
9658700e56009f4638d3481d52132f00547a095bcfd52838cf38971d699de073
96869d7bcea666472e5a52d421cdb0e934d28a2840c79fda448357bf82259c60
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b143900183ee930b88b0dba7e744a677e7fe2001b55232014157ae837bf9a8
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a30152d1f2c9e5d8611096c3758139732c9e0133590729c1bee947b2ff4b2a8f
a3569ba4e4863f5321c31ce0686d388d1420e297cd905a0aed8a8829690d9517
aa8b3bd7a9d98a2b0854e954e762024c83a4648a97dfc3829db3e243ba69f417
b0e01fbdb91aa2219c0db55873353d114fbd7639869a83586702c571994b6ff5
bc3d5b624e879bf1738fcbfa238a994f870f3f153cdc1148cc04bfb9a7a057fd
c0f53e2e433a6b3e400b2d4320ccded29deb9341075273c844800c419a760f4f
ca9a332753ad9130976bd5c0d3991fa9d67b995c2ec8e1e12a2c8d7ac7c36d3a
ccaa9ea99455a83bb770a835d90223458efc596a6bdf41a9e9c247504a5a538e
d6b23d0dee780782453f2e7f30470198b0eb4f0833b122e4ae3727d1107a9d10
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
ea404902ed29515473d3a240a09c28b2c11dc7d75ae53b6e7f71ebf5be0ec096
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f2cddaf81105fe5f4778ee7e141395dc8f72488de3c752ec7336a50b6f03e679
f36b1bed79c1bd8cc5d33647de370b6844aa763aad32afc19a986146d0babcbd
fd9cf0feebeb7170a5c785dec20aaa7136c3ba479495bd08ac497cff86977c42
fdc427f5c88da2712be243eebf1eb3cf1e8d000a4697b03d2f81bf9b0faa8d33

www.bain.com Open in urlscan Pro 104.18.17.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

18 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

1643 kBTransfer

4871 kBSize

16 Cookies

11 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bain.com Open in urlscan Pro
104.18.17.68 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

18 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1643 kB
Transfer

4871 kB
Size

16
Cookies

52 HTTP transactions
0 data transactions