www.kroll.com Open in urlscan Pro
2606:4700::6812:102a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Submission: On August 04 via api (August 4th 2024, 7:47:03 am UTC) from BY — Scanned from DE

Summary HTTP 85 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 85 HTTP transactions. The main IP is 2606:4700::6812:102a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kroll.com.
TLS certificate: Issued by E5 on July 22nd 2024. Valid for: 3 months.

This is the only time www.kroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700::68... 2606:4700::6812:102a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2606:4700::68... 2606:4700::6812:112a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b000:1e:d7b:ca80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:50::12 2620:1ec:50::12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
85	21

28 2606:4700::6812:102a (United States)

ASN13335 (CLOUDFLARENET, US)

www.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-kroll.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:112a (United States)

ASN13335 (CLOUDFLARENET, US)

media-cdn.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
learn.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b000:1e:d7b:ca80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.searchstax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c7f (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	kroll.com www.kroll.com media-cdn.kroll.com api-kroll.kroll.com learn.kroll.com	1 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	176 KB
6	typekit.net p.typekit.net — Cisco Umbrella Rank: 1499 use.typekit.net — Cisco Umbrella Rank: 1178	109 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	3 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	4 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	241 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	275 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	254 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	296 B
1	searchstax.com static.searchstax.com — Cisco Umbrella Rank: 141379	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
85	17

	Domain	Requested by
27	www.kroll.com	www.kroll.com
16	media-cdn.kroll.com	www.kroll.com
11	cdn.cookielaw.org	www.kroll.com cdn.cookielaw.org
5	use.typekit.net	www.kroll.com
3	region1.analytics.google.com	www.googletagmanager.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.kroll.com connect.facebook.net
2	unpkg.com	1 redirects
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	www.googletagmanager.com	www.kroll.com www.googletagmanager.com
1	learn.kroll.com	www.kroll.com
1	www.facebook.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com
1	snap.licdn.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.searchstax.com	www.kroll.com
1	api-kroll.kroll.com	www.kroll.com
1	code.jquery.com	www.kroll.com
1	p.typekit.net	www.kroll.com
85	22

This site contains links to these domains. Also see Links.

Domain
careers.kroll.com
www.duffandphelps.com
www.linkedin.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.integritycounts.ca
media-cdn.kroll.com
www.onetrust.com

Subject Issuer	Validity	Valid
kroll.com E5	`2024-07-22` - `2024-10-20`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
searchstax.com Sectigo RSA Organization Validation Secure Server CA	`2023-11-03` - `2024-12-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-13` - `2024-08-11`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Frame ID: BA266330874120ED89C9EA7A1221D5C0
Requests: 85 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Novel Technique Combination Used in IDATLOADER Distribution | Cyber Risk | Kroll

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

96 %
HTTPS

100 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

2071 kB
Transfer

6517 kB
Size

17
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.kroll.com/
Title: CAREERS

Search URL Search Domain Scan URL

URL: https://www.duffandphelps.com/services/disputes-and-investigations/legal-management-consulting/managed-services
Title: Managed Services

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kroll/
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://twitter.com/KrollWire
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wearekroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearekroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/kroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.integritycounts.ca/
Title: Kroll Ethics Hotline

Search URL Search Domain Scan URL

URL: https://media-cdn.kroll.com/jssmedia/assets/pdfs/kroll-slavery-and-human-trafficking-statement.pdf
Title: Modern Slavery Statement

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

Request Chain 66

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2&e_ipv6=AQK0q6nnsWeRwwAAAZEcWxPje6VPgLwz_Vv_w4PJ3NnI9HyBlj4pQ7SsJXAXidgDna32SDam28NtloGNDpo53GIvbGYrqA

Request Chain 73

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com&rl=&if=false&ts=1722757616940&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1722757616938.120528532451161090&pm=1&hrl=c0811c&ler=empty&cdl=API_unavailable&it=1722757616775&coo=false&cs_cc=1&cas=2294165197339826&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D1043474835687043%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.kroll.com%26rl%26if%3Dfalse%26ts%3D1722757616940%26sw%3D1600%26sh%3D1200%26v%3D2.9.164%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1722757616938.120528532451161090%26pm%3D1%26hrl%3Dc0811c%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1722757616775%26coo%3Dfalse%26cs_cc%3D1%26cas%3D2294165197339826%26rqm%3DFGET

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request idatloader-distribution Show response
www.kroll.com/en/insights/publications/cyber/ 325 KB
60 KB 1253ms
1193ms Document
text/html 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

61c03f1e629264ce3dc38275a0fbea93f28fc6c9fee25731e56c11049da57351

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8adcefa2d8d93735-FRA
Cache-Control: public, s-maxage=10, stale-while-revalidate=59
Connection: keep-alive
Content-Encoding: br
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Aug 2024 07:46:53 GMT
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy: strict-origin
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Powered-By: Next.js
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/insights/publications/cyber/idatloader-distribution
x-sc-rewrite: /_site_kroll/insights/publications/cyber/idatloader-distribution

GET
H/1.1 200
OK 5182240c8d6295e1.css
www.kroll.com/_next/static/css/ 1 MB
127 KB 228ms
181ms Stylesheet
text/css 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/css/5182240c8d6295e1.css

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2485843adbefbc1ca83a1670fa4a1d3de1585cc76af071e262c6eb0f451e831d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 770664
ETag: W/"148d69-190ee6b1794"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaa9df6920b-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK 4faea7a56df9c715.css
www.kroll.com/_next/static/css/ 29 KB
7 KB 364ms
317ms Stylesheet
text/css 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/css/4faea7a56df9c715.css

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 770664
ETag: W/"73e0-190ee6b1775"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaa9eb318b9-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK webpack-6b87c4dfd5b4a3b9.js Show response
www.kroll.com/_next/static/chunks/ 2 KB
1 KB 248ms
204ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/webpack-6b87c4dfd5b4a3b9.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaa817ba4763ed01b1cab3f64ad7f8d440d264fdf6de4fa9dad1687d89346d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 13 Jan 2024 02:40:01 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 2104310
ETag: W/"6c5-18d00b0c51d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaabae003ac-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK framework-9404d76916f8a9f9.js Show response
www.kroll.com/_next/static/chunks/ 206 KB
66 KB 258ms
210ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/framework-9404d76916f8a9f9.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb43fcb2a053b758441c8dac6d1738dd6d9fee19b7530fd7c21a14b7bf21832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Apr 2024 09:41:04 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 8633052
ETag: W/"33701-18f19c7a049"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaabc709a15-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK main-bff998b1b6a9dce5.js Show response
www.kroll.com/_next/static/chunks/ 115 KB
34 KB 460ms
211ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bbe04bc037b59eed1c4ed0957263ae563750676dafabe84e68e00b1064472e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Apr 2024 09:41:04 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 8633052
ETag: W/"1cbf6-18f19c7a049"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefac0c8403ac-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK _app-dd5873ffdd538874.js Show response
www.kroll.com/_next/static/chunks/pages/ 15 KB
6 KB 487ms
174ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/pages/_app-dd5873ffdd538874.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693837a099b667bafe1bb0a0c3dd1e399d4354559457188353765e126eb75845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 770664
ETag: W/"3c8e-190ee6b1765"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefac68903615-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK b637e9a5-c2a222d187f3c3d1.js Show response
www.kroll.com/_next/static/chunks/ 85 KB
30 KB 1096ms
957ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/b637e9a5-c2a222d187f3c3d1.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9dddedc7603210ab47959449ab07291a9032faa84a98940207aa2db0ace94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Apr 2024 09:41:04 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 8633052
ETag: W/"152b3-18f19c7a03a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefacde729a15-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK 728-1cfe971db286611c.js Show response
www.kroll.com/_next/static/chunks/ 977 KB
288 KB 198ms
180ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/728-1cfe971db286611c.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05daf349703c8c75d074ee063364f10cf4ee239ab614fdab71bebbf00773c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 770664
ETag: W/"f42f2-190ee6b1746"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefacf95618b9-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK 548-703e0a5fa8c4f8a4.js Show response
www.kroll.com/_next/static/chunks/ 572 KB
135 KB 184ms
184ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/548-703e0a5fa8c4f8a4.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede9dc127fba99fcbf5117562deb4fd2afc639a06c9b638d1725d5c4e02d8639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 31 Jul 2024 06:37:09 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 349716
ETag: W/"8eea8-1910781c070"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefad79903615-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK %5B%5B...path%5D%5D-c1cc2510584fadeb.js Show response
www.kroll.com/_next/static/chunks/pages/ 267 B
687 B 177ms
177ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-c1cc2510584fadeb.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59d3f8d87e18dfee69379664d7fb08a6237c60fb59fdf0dbc75140c57856258b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Age: 770664
ETag: W/"10b-190ee6b1765"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefae787b03ac-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK _buildManifest.js Show response
www.kroll.com/_next/static/_h5qa8DDmhvmLGZ4WrQct/ 2 KB
1 KB 217ms
170ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/_h5qa8DDmhvmLGZ4WrQct/_buildManifest.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f858d583b340bb3ce40494e35e6901890579b885d5548b9dc258321e3903f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 31 Jul 2024 06:37:09 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Age: 349717
ETag: W/"839-1910781c061"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaf1f153735-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK _ssgManifest.js Show response
www.kroll.com/_next/static/_h5qa8DDmhvmLGZ4WrQct/ 91 B
573 B 192ms
192ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/_h5qa8DDmhvmLGZ4WrQct/_ssgManifest.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 31 Jul 2024 06:37:09 GMT
Server: cloudflare
Age: 349717
ETag: W/"5b-1910781c061"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefaf99c403ac-FRA
request-context: appId=cid-v1:

GET
H2 200 p.css
p.typekit.net/ 5 B
174 B 248ms
35ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=pmd7cky&ht=tk&f=28901.40484.40485.40486.40487.40488.40490.40492.40494&a=91935826&app=typekit&e=css
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:53 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK externalbio.png
media-cdn.kroll.com/jssmedia/ 3 KB
3 KB 651ms
494ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/externalbio.png

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0945f4f93fe22b7173a9e0018a6a749b7ebc9487e47585416b27366abfeab053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:53 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: REVALIDATED
Content-MD5: lqWpmZ5GkkYFCgAShpLRmg==
Cf-Polished: origSize=2919
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 2610
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 11 Jul 2024 13:32:30 GMT
Last-Modified: Thu, 11 Jul 2024 13:32:30 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: "0x8DCA1ADE99615DB"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: d2561f07-c01e-0086-2781-e50cf7000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefabbcda3612-FRA

GET
H/1.1 200
OK idatloader-distribution-1.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 11 KB
11 KB 630ms
472ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-1.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

976487b5ab6810e26d7ad797496c12d2073789a490d8b4a04d049e319c358be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:53 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: GfHgeMimNyc9KOpHvY494Q==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 11052
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:30 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:30 GMT
Server: cloudflare
ETag: "0x8DCA305B5E26CCA"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 7f3af593-301e-0078-3c42-e6fd26000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefabb8879000-FRA

GET
H/1.1 200
OK idatloader-distribution-2.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 102 KB
102 KB 1117ms
616ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-2.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c94983f83a0cfbea336be1be7b542f2ce120e5f81dc1f7b344118eb5b9a58288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: husxFEUY+52Ofx+eVbKjcw==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 104072
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:35 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:35 GMT
Server: cloudflare
ETag: "0x8DCA305B918B4DF"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 9b3583d7-801e-0011-4642-e65afa000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefade82a1d86-FRA

GET
H/1.1 200
OK idatloader-distribution-3.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 58 KB
59 KB 1125ms
625ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-3.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d5e49b2d841cf9f15fed12bdb758253a31602fc15d4cef5116c435c603ebb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: JiJFswRNlgUvTbeEBes8qQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 59702
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:30 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:30 GMT
Server: cloudflare
ETag: "0x8DCA305B62F21F1"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 910d0bdf-701e-0046-7342-e66a59000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefaddf018eca-FRA

GET
H/1.1 200
OK idatloader-distribution-4.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 58 KB
58 KB 1127ms
629ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-4.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f4ba93d102fbbe9d9d8df0a1e9fd1e7710b3dc0e4ed5addde839ea162172ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: 9ySpY+PNw7P/EAb0MyaOEg==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 59090
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:36 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:36 GMT
Server: cloudflare
ETag: "0x8DCA305B963958B"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 1ace3d1b-401e-002f-6c42-e65315000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefaddd62bba9-FRA

GET
H/1.1 200
OK idatloader-distribution-5.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 6 KB
7 KB 659ms
491ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-5.png?h=189&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8818c6ce92d7271b64195c515a5d9351e0eb4c2b0e4c4811a3b8c69e50242594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:53 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: JraFU+V7OF2lV7ThU74yCQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 6096
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:30 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:30 GMT
Server: cloudflare
ETag: "0x8DCA305B65E1A49"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 88799244-b01e-007e-2342-e61c05000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefabce733819-FRA

GET
H/1.1 200
OK idatloader-distribution-6.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 35 KB
36 KB 535ms
535ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-6.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb3986fd2acc073eb18172bb6e57ee7d97f42bcb928cff281e072c9fba43c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: Xf4qdWczyL8Iw/b4GTQVjg==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 35868
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:31 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:31 GMT
Server: cloudflare
ETag: "0x8DCA305B6B26F73"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 50757855-d01e-003d-5842-e628c5000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefaf1bb39000-FRA

GET
H/1.1 200
OK idatloader-distribution-7.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 18 KB
18 KB 551ms
551ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-7.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1708df7a86cecd5d2eb2843132d83e79eeebe5684941baa742d17f9c003f1593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: TE4XSPUuSPeZ7IeN/io9xA==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 18004
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:31 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:31 GMT
Server: cloudflare
ETag: "0x8DCA305B6F0CED6"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 92a0bc43-301e-002b-0642-e64082000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb029663612-FRA

GET
H/1.1 200
OK idatloader-distribution-8.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 35 KB
36 KB 540ms
540ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-8.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0896a43f474ac8d48ea337dccaf0a9db5e8520f408cc599720d797884023e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: cx3naIDxxESvVqYldOcEyA==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 36336
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:32 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:32 GMT
Server: cloudflare
ETag: "0x8DCA305B729D7D5"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: fdae5e04-701e-0048-1e42-e6dd79000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb0cc043819-FRA

GET
H/1.1 200
OK idatloader-distribution-9.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 65 KB
65 KB 605ms
605ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-9.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7e6e885338b95a02cbaac9265064c73f40645bc79c729ccda0624fc8ef14c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: +xUHXQ0eBBkVtZMHKQLWeQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 66284
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:32 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:32 GMT
Server: cloudflare
ETag: "0x8DCA305B77FDA6F"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 1465fde8-401e-004d-3242-e69132000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb33b7cbba9-FRA

GET
H/1.1 200
OK idatloader-distribution-10.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 42 KB
42 KB 529ms
529ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-10.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e1025ec3e9db231f2a41403695811c934c05fd1ae222cd96c648a1ff4809d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: WTIiany466lHUh3cRowkzg==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 42868
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:33 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:33 GMT
Server: cloudflare
ETag: "0x8DCA305B7DC44B8"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 5c9d97cf-d01e-0012-5542-e6250e000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb3480f9000-FRA

GET
H/1.1 200
OK idatloader-distribution-11.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 18 KB
19 KB 438ms
438ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-11.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbc59c57d4b5938e5be0958aa9ccd993870a94fef6a3fc9d2841e5cfabce71c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: tYfHPv90DDTc1kmD55mIXQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 18318
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:33 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:33 GMT
Server: cloudflare
ETag: "0x8DCA305B81CEDB4"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 9353174d-301e-0082-5542-e681f0000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb44e133612-FRA

GET
H/1.1 200
OK idatloader-distribution-12.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 27 KB
28 KB 541ms
540ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-12.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de2d42ec9fc61775e6a8a861d75ee9bb73a220cf0f321eb69bb37f5b055eccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: UP/IpzGv4tNh5y3WCf9qeQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 27956
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:36 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:36 GMT
Server: cloudflare
ETag: "0x8DCA305B998596D"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: c09738df-301e-0047-0942-e63585000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb4cf778eca-FRA

GET
H/1.1 200
OK idatloader-distribution-13.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 24 KB
25 KB 523ms
523ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-13.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf3ae15f0dfe2f8fca1d0edf6c09d891845abfd9472781f52cf0bf024d56de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: sKqfErFtXH/w7HWHKEFkfQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 24508
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:34 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:34 GMT
Server: cloudflare
ETag: "0x8DCA305B85E32E2"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: 92a0bc53-301e-002b-0f42-e64082000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb4e8ca3819-FRA

GET
H/1.1 200
OK idatloader-distribution-14.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 30 KB
30 KB 524ms
524ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-14.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddbd38e4aa0091bd12ae96b912adacfd4fc9967747bf641931238611288e3129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: 9wI42PGC2tNZZqPuLWRr9w==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 30500
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:36 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:36 GMT
Server: cloudflare
ETag: "0x8DCA305B9DD959B"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: bc4e21c3-701e-0015-6042-e6d7fd000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb5b9931d86-FRA

GET
H/1.1 200
OK idatloader-distribution-15.png
media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/ 42 KB
43 KB 537ms
537ms Image
image/png 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/insights/idatloader-distribution/idatloader-distribution-15.png?h=100%25&w=100%25

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d76bb85548d1575c278d7418ea22c7d96002fea30af8d11f3c7e702e9e4a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 07:46:55 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Content-MD5: h5Q4ofdXdoJcYO5YOc4wjQ==
x-ms-server-encrypted: true
Connection: keep-alive
Content-Length: 43312
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Sat, 13 Jul 2024 06:33:34 GMT
Last-Modified: Sat, 13 Jul 2024 06:33:34 GMT
Server: cloudflare
ETag: "0x8DCA305B8AF061E"
Vary: Accept-Encoding
Content-Type: image/png
x-ms-request-id: c3402973-e01e-0054-6342-e61189000000
x-ms-version: 2022-11-02
Accept-Ranges: bytes
CF-Ray: 8adcefb7abf49000-FRA

GET
H/1.1 200
OK email-decode.min.js Show response
www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
24ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Jul 2024 21:56:14 GMT
Server: cloudflare
Content-Encoding: gzip
ETag: W/"66a9617e-4d7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
Connection: keep-alive
CF-RAY: 8adcefac38673615-FRA
Expires: Tue, 06 Aug 2024 07:46:53 GMT

GET
H/1.1 200
OK right-arrow-hover.011d0586.svg
www.kroll.com/_next/static/media/ 502 B
781 B 168ms
168ms Image
image/svg+xml 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/_next/static/media/right-arrow-hover.011d0586.svg

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2834f9b82c4c204a45b78aa75d5fd38ca0e07df3899a10b0d44e02aa05959c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Apr 2024 09:41:04 GMT
Server: cloudflare
Age: 8632977
ETag: W/"1f6-18f19c7a0b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefafe961920b-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK right-arrow.d22e5af3.svg
www.kroll.com/_next/static/media/ 485 B
770 B 246ms
205ms Image
image/svg+xml 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/_next/static/media/right-arrow.d22e5af3.svg

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43925d049aff91c2b5774062181a55ce127ee60db35867c8b7227bf2aab06e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:54 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Apr 2024 09:41:04 GMT
Server: cloudflare
Age: 8632598
ETag: W/"1e5-18f19c7a0c6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
CF-Ray: 8adcefb028563735-FRA
request-context: appId=cid-v1:

GET
H2 200 l
use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/ 22 KB
23 KB 422ms
343ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b

Request headers

Referer: https://www.kroll.com/
Origin: https://www.kroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:54 GMT
server: nginx
etag: "575f27d0430e8d1712e555d32fac51d3e2d0419a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22944

GET
H2 200 l
use.typekit.net/af/42930b/00000000000000007735b8f6/30/ 22 KB
22 KB 440ms
362ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/42930b/00000000000000007735b8f6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb

Request headers

Referer: https://www.kroll.com/
Origin: https://www.kroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:54 GMT
server: nginx
etag: "eded4f04a82d452a8cbdbd77cbfeb2827dc8164b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22596

GET
H2 200 l
use.typekit.net/af/cc6127/00000000000000007735b904/30/ 22 KB
22 KB 747ms
669ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cc6127/00000000000000007735b904/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b3d63582f102c09b0569a1c48c09cbfdd5379138c2284db554f52a4a005a46f

Request headers

Referer: https://www.kroll.com/
Origin: https://www.kroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:54 GMT
server: nginx
etag: "a75b36b43118707b7b5c1ffadc4989706090b88e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22608

GET
H2 200 l
use.typekit.net/af/0fa94e/00000000000000007735a098/30/ 20 KB
20 KB 99ms
20ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0fa94e/00000000000000007735a098/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3

Request headers

Referer: https://www.kroll.com/
Origin: https://www.kroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:54 GMT
server: nginx
etag: "e6cdd128d302fc151cf53e279ed70d832b77d2aa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20024

GET
H2 200 l
use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/ 22 KB
22 KB 362ms
284ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d

Request headers

Referer: https://www.kroll.com/
Origin: https://www.kroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:54 GMT
server: nginx
etag: "0e49eef4170a0f869d093451710f6ed87674d9c1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22388

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 83ms
22ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4126884
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-fra-etou8220094-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722757615.469800,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9, 139359

GET
H/1.1 200
OK en Show response
api-kroll.kroll.com/sitecore/api/jss/dictionary/kroll/ 5 KB
4 KB 771ms
460ms XHR
application/json 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-kroll.kroll.com/sitecore/api/jss/dictionary/kroll/en?sc_apikey=%7B30BA3E42-5FB0-4053-BE9E-C2CEA63FA90A%7D

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/728-1cfe971db286611c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8149e0b470fb5df0ac930313119ab2ee6a0e2e86dbf59e169ec1ebd8f7312126

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://s.gravatar.com https://*.wp.com/cdn.auth0.com/avatars; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://s.gravatar.com https://*.wp.com/cdn.auth0.com/avatars; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 1894
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:3dfd2907-6c9e-41e0-a442-0b72cda5bba8
Pragma: no-cache
Referrer-Policy: same-origin
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-RAY: 8adcefba4f452c3a-FRA
Expires: -1

GET
H/1.1 200
OK privacy-policy.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/ 2 B
821 B 585ms
584ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/privacy-policy.json?path=privacy-policy

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:55 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/privacy-policy
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/privacy-policy?path=privacy-policy
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb86dc318b9-FRA
x-nextjs-rewrite: /en/_site_kroll/privacy-policy?path=privacy-policy

GET
H/1.1 200
OK terms-of-use.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/ 2 B
811 B 304ms
303ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/terms-of-use.json?path=terms-of-use

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:55 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/terms-of-use
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/terms-of-use?path=terms-of-use
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb869f19a15-FRA
x-nextjs-rewrite: /en/_site_kroll/terms-of-use?path=terms-of-use

GET
H/1.1 200
OK services.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/ 2 B
791 B 589ms
588ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/services.json?path=services

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:56 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/services
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/services?path=services
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb88e4e3615-FRA
x-nextjs-rewrite: /en/_site_kroll/services?path=services

GET
H/1.1 200
OK hotlines.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/ 2 B
791 B 573ms
572ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/hotlines.json?path=hotlines

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:56 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/hotlines
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/hotlines?path=hotlines
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb88c9c3735-FRA
x-nextjs-rewrite: /en/_site_kroll/hotlines?path=hotlines

GET
H/1.1 200
OK contactus.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/ 2 B
796 B 567ms
566ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/contactus.json?path=contactus

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:55 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/contactus
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/contactus?path=contactus
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb88f8c920b-FRA
x-nextjs-rewrite: /en/_site_kroll/contactus?path=contactus

GET
H/1.1 200
OK en.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/ 2 B
753 B 580ms
580ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en.json?path=en

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:56 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll?path=en
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefb88d3e03ac-FRA
x-nextjs-rewrite: /en/_site_kroll?path=en

GET
H/1.1 200
OK cyber.json Show response
www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/insights/publications/ 2 B
906 B 879ms
596ms Fetch 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/_h5qa8DDmhvmLGZ4WrQct/en/insights/publications/cyber.json?path=insights&path=publications&path=cyber

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.kroll.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Date: Sun, 04 Aug 2024 07:46:56 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
x-sc-rewrite: /_site_kroll/insights/publications/cyber
x-middleware-skip: 1
Connection: keep-alive
Content-Length: 2
request-context: appId=cid-v1:
x-middleware-rewrite: /en/_site_kroll/insights/publications/cyber?path=cyber&path=insights&path=publications
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefba6c279a15-FRA
x-nextjs-rewrite: /en/_site_kroll/insights/publications/cyber?path=cyber&path=insights&path=publications

GET
H/1.1 200
OK 4faea7a56df9c715.css Show response
www.kroll.com/_next/static/css/ 29 KB
0 0ms
0ms Fetch
text/css 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
Age: 770664
ETag: W/"73e0-190ee6b1775"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
CF-Ray: 8adcefaa9eb318b9-FRA
request-context: appId=cid-v1:

GET
H/1.1 200
OK favicon.png
www.kroll.com/ 22 KB
23 KB 692ms
674ms Other
image/png 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/favicon.png?mw=32&mh=32

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc9afb080826c41e45a20d57ae8e4852ada3895441ddbb93a2cf2222aea007b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:56 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Security-Policy: frame-ancestors 'self'
Connection: keep-alive
Content-Length: 22638
request-context: appId=cid-v1:
Referrer-Policy: strict-origin
Last-Modified: Wed, 03 Jan 2024 13:56:02 GMT
Server: cloudflare
ETag: W/"586e-18ccf9c180f"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=0
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 8adcefbc19be18b9-FRA

GET
H/1.1 200
OK db.js Show response
www.kroll.com/ 10 KB
4 KB 549ms
548ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/db.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ea2cf5decd69fee9230fb040971b61d5b2ccd2b6e264e2088e4f04ec8786c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: frame-ancestors 'self'
Transfer-Encoding: chunked
Connection: keep-alive
request-context: appId=cid-v1:
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
ETag: W/"2958-190ee6b17a4"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefbc1a30920b-FRA

GET
H/1.1 200
OK scroll.js Show response
www.kroll.com/ 2 KB
2 KB 557ms
557ms Script
application/javascript 2606:4700::6812:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/scroll.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa945428d0f321d0de0cf84d758b6139ab07f0dfd5255e0fe063d84952b7ee42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: frame-ancestors 'self'
Transfer-Encoding: chunked
Connection: keep-alive
request-context: appId=cid-v1:
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 09:41:54 GMT
Server: cloudflare
ETag: W/"8e6-190ee6b17b4"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 8adcefbc28fe3735-FRA

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 9 KB
3 KB 93ms
45ms Script
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/OtAutoBlock.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec0b27ddd08709211d8db4628d635c33458f004ca9ca800101e1fc2911329a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76726
content-md5: 3y3QD1yESEqtgjFZVjHleQ==
content-length: 2664
x-ms-lease-status: unlocked
last-modified: Fri, 02 Aug 2024 10:18:18 GMT
server: cloudflare
etag: 0x8DCB2DC6DF395D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dfdb6998-201e-0098-58c5-e41db5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefbc495f972f-FRA
expires: Mon, 05 Aug 2024 07:46:56 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 81ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Wbr2pAeg61Hfi+2FuD0cYA==
age: 9
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 01 Aug 2024 19:30:11 GMT
server: cloudflare
etag: 0x8DCB2605C9885B3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a81b3871-601e-001c-060c-e54b9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefbc4960972f-FRA
expires: Mon, 05 Aug 2024 07:46:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 596 KB
138 KB 118ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcf71c362ded00e7da1138606d19a5ed84a15e5bd4228dcb116e5834eb43c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140450
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 07:46:56 GMT

GET
H2 200 studio-analytics.js Show response
static.searchstax.com/studio-js/v3/js/ 9 KB
3 KB 111ms
21ms Script
application/javascript 2600:9000:2156:b000:1e:d7b:ca80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchstax.com/studio-js/v3/js/studio-analytics.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b000:1e:d7b:ca80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e273f97d09c191727b7b31e33582f5ae140b698f4f782aac6d6453535e4cb0dd

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 00:42:19 GMT
content-encoding: gzip
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 16:23:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 25543
x-amz-server-side-encryption: AES256
etag: W/"591b5f5c717e29909cb75830414e0828"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1jPh3tifF63VkN3gCGjcdsMbIGoVYl14I5wyud5wjWOcG1jePiXzDg==

GET
H2 200 db8fa0ce-73a5-4e3f-9b55-60b230386b60.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 5 KB
2 KB 89ms
47ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/db8fa0ce-73a5-4e3f-9b55-60b230386b60.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2d4d434cd0f6ee8d54ffbef36245e2eda0df162ce19158573a6accd6ae99dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76726
content-md5: cIiccX5LzfGGWrNgGS2dTQ==
content-length: 1691
x-ms-lease-status: unlocked
last-modified: Fri, 02 Aug 2024 10:18:18 GMT
server: cloudflare
etag: 0x8DCB2DC6DCFBB2F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0be29d9c-d01e-002c-27c5-e411b7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefbcc8f91952-FRA
expires: Mon, 05 Aug 2024 07:46:56 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
296 B 173ms
65ms XHR
application/json 2606:4700::6812:1c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8adcefbdda3691de-FRA
access-control-allow-headers: Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
104 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb3920f565f06995ea5e9a0004a8367a0b2b4b2fc71b3829490f6b1f6690e452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 07:46:56 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 232ms
82ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 04 Aug 2024 07:46:55 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4C8F62B2286B436A82449EAD469E6E19 Ref B: DUS30EDGE0717 Ref C: 2024-08-04T07:46:56Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.2/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

7 KB
3 KB

31ms
30ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1517222
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J30YR64S738N00GM2VN9722J-fra
server: cloudflare
etag: "1c28-4f+2/GWZhXlozjo2GiBA+7VB9Ow"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8adcefbe9af9373b-FRA

Redirect headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J4E5KR7A0BKK2J234Y07605M-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 78
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@4.2.2/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8adcefbe5aa8373b-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 113ms
34ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=77215
accept-ranges: bytes
content-length: 14597

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 74ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/insights/publications/cyber/idatloader-distribution

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 07:46:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1328, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Qsawh5do5Kln/PzjGeNHnnTG22SDBUhWWjOTlTur5fH+6x5LpTCwsts0wGsPuBO4gZo5phhxkaPBmMbzXjWh3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 06:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4669
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Aug 2024 08:29:07 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/ 451 KB
110 KB 33ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OB5ZPaM1F+xqSvW4fnjknQ==
age: 60584
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 112090
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:43 GMT
server: cloudflare
etag: 0x8DCAB84B4C53B13
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 40aab4d2-001e-0048-0fd9-dda117000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefbe3bc0972f-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 28ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=91875334&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&ul=de-de&de=UTF-8&dt=Novel%20Technique%20Combination%20Used%20in%20IDATLOADER%20Distribution%20%7C%20Cyber%20Risk%20%7C%20Kroll&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1425129804&gjid=2079782996&cid=2047814944.1722757616&tid=UA-7299730-1&_gid=2109550834.1722757616&_r=1&_slc=1&gtm=45He47v0n81PWHXW75v79996530za200&cd5=1722757616334.b1p35cte&cd6=2024-08-04%20Time%3A%2009%3A46%3A56.334%20%2B02%3A00&cd8=&cd9=GTM-PWHXW75%3B%20version%20ID%3A%20293&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&cd4=2047814944.1722757616&cd7=pageview&npa=1&z=933257934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:46:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
915 B 194ms
126ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Aug 2024 07:46:55 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5F97B6F36C9644CA82E96D77AF7971AF Ref B: DUS30EDGE0912 Ref C: 2024-08-04T07:46:56Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.kroll.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYe1sPE8a/A/+spGIngCg==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 605ms
544ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EC89EB368B8E4DA5A76B3271E514E520 Ref B: FRAEDGE1214 Ref C: 2024-08-04T07:46:56Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYe1sPKxEZtgx7ueRuKGQ==
x-fs-uuid: 00061ed6c3cac4466d831eee791b8a19

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2&e_ipv6=AQK0q6...

0
267 B

313ms
202ms

Image
application/javascript

2620:1ec:50::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2&e_ipv6=AQK0q6nnsWeRwwAAAZEcWxPje6VPgLwz_Vv_w4PJ3NnI9HyBlj4pQ7SsJXAXidgDna32SDam28NtloGNDpo53GIvbGYrqA
Protocol: H2
Server: 2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 07:46:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9647E3D0DC03420CB65A563F1254F513 Ref B: FRA231050411021 Ref C: 2024-08-04T07:46:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe1sPKPyhEL317lU3ukQ==

Redirect headers

date: Sun, 04 Aug 2024 07:46:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 727F9635A1BE4B36BED3FE427914F60A Ref B: DUS30EDGE0912 Ref C: 2024-08-04T07:46:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1722757616440&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&tm=gtmv2&e_ipv6=AQK0q6nnsWeRwwAAAZEcWxPje6VPgLwz_Vv_w4PJ3NnI9HyBlj4pQ7SsJXAXidgDna32SDam28NtloGNDpo53GIvbGYrqA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe1sPFlWKasIDShjxh9g==

GET
H2 200 1043474835687043 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1043474835687043?v=2.9.164&r=stable&domain=www.kroll.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca4e50fd5dd7463d1aaf759c82e6b496046134952084afad10f78243671dee87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 07:46:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=52, c=44, mss=1328, tbw=64419, tp=-1, tpl=-1, uplat=54, ullat=0
pragma: public
x-fb-debug: iZfYuByuUXuMB3x1rmRK6dY+S+YnwkepDUKzBWfyRww428DjqHZAjEdvQTGDSbaFFn+pNafYIiwQEiie+5lbqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 83ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je47v0v882864807z879996530za200zb79996530&_p=1722757615990&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2047814944.1722757616&ecid=579818207&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722757616&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&dt=Novel%20Technique%20Combination%20Used%20in%20IDATLOADER%20Distribution%20%7C%20Cyber%20Risk%20%7C%20Kroll&en=page_load_time&ep.tag_name=Page%20Load%20Time%20GA4&ep.gtm_container_and_version_id=GTM-PWHXW75%3B%20Version%20ID%3A%20293&ep.hit_timestamp=2024-08-04%20Time%3A%2009%3A46%3A56.340%20%2B02%3A00&epn.loading_time_sec=4.08&_et=1&tfd=5025
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:46:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 83ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je47v0v882864807z879996530za200zb79996530&_p=1722757615990&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2047814944.1722757616&ecid=579818207&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1722757616&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&dt=Novel%20Technique%20Combination%20Used%20in%20IDATLOADER%20Distribution%20%7C%20Cyber%20Risk%20%7C%20Kroll&en=page_view&_fv=1&_ss=1&ep.tag_name=GA4%20-%20Configuration&ep.gtm_container_and_version_id=GTM-PWHXW75%3B%20Version%20ID%3A%20293&ep.hit_timestamp=2024-08-04%20Time%3A%2009%3A46%3A56.300%20%2B02%3A00&tfd=5025
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:46:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 94ms
28ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S0E5692XKD&cid=2047814944.1722757616&gtm=45je47v0v882864807z879996530za200zb79996530&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:46:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
46ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0E5692XKD&cid=2047814944.1722757616&gtm=45je47v0v882864807z879996530za200zb79996530&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753&tag_exp=95250753&z=1976294340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:46:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 73ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com&rl=&if=false&ts=1722757616940&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1722757616938.120528532451161090&pm=1&hrl=c0811c&ler=empty&cdl=API_unavailable&it=1722757616775&coo=false&cs_cc=1&cas=2294165197339826&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 04 Aug 2024 07:46:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com&rl=&if=false&ts=1722757616940&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D1043474835687043%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.kroll.co...

0
0

GET
H2 200 56180571.js Show response
bat.bing.com/p/action/ 335 B
404 B 48ms
47ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56180571.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 04 Aug 2024 07:46:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59D0D52C20F04D19BD8BE04018E1B4AE Ref B: DUS30EDGE0717 Ref C: 2024-08-04T07:46:56Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/01911298-2820-78f8-ad63-e9c7de680deb/ 79 KB
18 KB 40ms
40ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/01911298-2820-78f8-ad63-e9c7de680deb/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fecb0360330011380851e37c2545ac80be0a830070186b3d9f208356acb1771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76726
content-md5: QEnSS2uuuh6TbeTN5h2glg==
content-length: 17763
x-ms-lease-status: unlocked
last-modified: Fri, 02 Aug 2024 10:18:21 GMT
server: cloudflare
etag: 0x8DCB2DC6FD0ED92
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3cc3c9de-d01e-00e0-3ac5-e47502000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefc23efc1952-FRA
expires: Mon, 05 Aug 2024 07:46:57 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/ 13 KB
3 KB 32ms
31ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Jby9k1ulZUoqHRoLPkzJJA==
age: 58733
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3003
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:37 GMT
server: cloudflare
etag: 0x8DCAB84B133BB3A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 67ed2116-401e-0022-20c5-e1fdbc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefc338071952-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/v2/ 64 KB
14 KB 35ms
35ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +z0Wst4HOc7DAF08nB2Quw==
age: 58074
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13789
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:40 GMT
server: cloudflare
etag: 0x8DCAB84B2B354D2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 871cb8fc-e01e-0060-3bc5-e1d6a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefc338081952-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/ 24 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: HyPJ72TNHxdfOI82cqKVqA==
age: 58733
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7556d526-001e-0043-49c5-e1b963000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8adcefc3380a1952-FRA

GET
H/1.1 200
OK ot_close
learn.kroll.com/-/media/kroll-images/aboutus/images/ 854 B
2 KB 610ms
542ms Image
image/svg+xml 2606:4700::6812:112a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://learn.kroll.com/-/media/kroll-images/aboutus/images/ot_close

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/css/5182240c8d6295e1.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:112a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88158137f0bd3e348d6d208070e5b0176fb2e06f53847dbf849ae86632444dd0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 07:46:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
CF-Cache-Status: MISS
x-permitted-cross-domain-policies: none
Content-Encoding: br
Transfer-Encoding: chunked
Content-Disposition: inline; filename="ot_close.svg"
Connection: keep-alive
X-XSS-Protection: 1; mode=block
request-context: appId=cid-v1:3dfd2907-6c9e-41e0-a442-0b72cda5bba8
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 11:25:18 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public, max-age=604010,public
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-RAY: 8adcefc49b45049f-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 37ms
37ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 65689
x-ms-lease-status: unlocked
last-modified: Thu, 01 Aug 2024 19:30:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a615a161-d01e-0005-38f5-e467f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8adcefc429581952-FRA

GET
H2 200 Kroll.png
cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/ 12 KB
12 KB 41ms
40ms Image
image/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/Kroll.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /pX6N7rNfVMyKKEcFftBrQ==
age: 10496
content-length: 12029
x-ms-lease-status: unlocked
last-modified: Mon, 24 Jan 2022 12:37:00 GMT
server: cloudflare
etag: 0x8D9DF36377B5B26
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fbbd6a9f-101e-0041-749a-226167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8adcefc43ba8972f-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 26861
x-ms-lease-status: unlocked
last-modified: Thu, 01 Aug 2024 19:30:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7c74d3bd-401e-00cc-6d0f-e5f73f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8adcefc43bab972f-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 30ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je47v0v882864807z879996530za200zb79996530&_p=1722757615990&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2047814944.1722757616&ecid=579818207&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1722757616&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&dt=Novel%20Technique%20Combination%20Used%20in%20IDATLOADER%20Distribution%20%7C%20Cyber%20Risk%20%7C%20Kroll&en=fetch_user_data&ep.tag_name=GA4%20-%20fetch%20user%20data&ep.gtm_container_and_version_id=GTM-PWHXW75%3B%20Version%20ID%3A%20293&ep.hit_timestamp=2024-08-04%20Time%3A%2009%3A46%3A56.946%20%2B02%3A00&ep.custom_session_id=1722757616&_et=22&up.custom_client_id=2047814944.1722757616.&tfd=10047
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 07:47:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D1043474835687043%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.kroll.com%26rl%26if%3Dfalse%26ts%3D1722757616940%26sw%3D1600%26sh%3D1200%26v%3D2.9.164%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1722757616938.120528532451161090%26pm%3D1%26hrl%3Dc0811c%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1722757616775%26coo%3Dfalse%26cs_cc%3D1%26cas%3D2294165197339826%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.kroll.com/en	1970-01-21 07:18:13	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Aug+04+2024+09%3A46%3A57+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=532c911f-5d23-416d-9fbb-0183a834dcec&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.kroll.com%2Fen%2Finsights%2Fpublications%2Fcyber%2Fidatloader-distribution&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
www.kroll.com/	1969-12-31 23:59:59	Name: sc_site Value: kroll
www.kroll.com/	1969-12-31 23:59:59	Name: kroll#lang Value: en
.www.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 45caec5f8b8589139a5811d2f50b167cb1387a209cefe483cc42e670050fbec3
.www.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 45caec5f8b8589139a5811d2f50b167cb1387a209cefe483cc42e670050fbec3
www.kroll.com/	1970-01-20 22:32:41	Name: searchcookie Value: ntMNrnSzlwMBu0Qjh80ZaF4K5
.kroll.com/	1970-01-21 00:42:13	Name: _gcl_au Value: 1.1.276994338.1722757616
.kroll.com/	1970-01-20 22:34:04	Name: _gid Value: GA1.2.2109550834.1722757616
.kroll.com/	1970-01-20 22:32:37	Name: _gat_UA-7299730-1 Value: 1
.linkedin.com/	1970-01-21 07:18:13	Name: bcookie Value: "v=2&74039fe2-c827-42e7-8417-a0d5758c9298"
.linkedin.com/	1970-01-21 02:51:49	Name: li_gc Value: MTswOzE3MjI3NTc2MTY7MjswMjF8u9yxusp04Aq7/x+QicnDOUHsOIuLw8rIGOHzVil7Gw==
.linkedin.com/	1970-01-20 22:34:04	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3359:u=1:x=1:i=1722757616:t=1722844016:v=2:sig=AQF7IW1upjXUiuBA-kl8XoQY0p7HdN5_"
.kroll.com/	1970-01-21 08:08:37	Name: _ga Value: GA1.1.2047814944.1722757616
.kroll.com/	1970-01-21 00:42:13	Name: _fbp Value: fb.1.1722757616938.120528532451161090
.kroll.com/	1970-01-21 08:08:37	Name: _ga_S0E5692XKD Value: GS1.1.1722757616.1.0.1722757616.60.0.579818207
www.kroll.com/	1970-01-21 07:54:13	Name: hasNoConsentForAnalytics Value: true
.kroll.com/	1970-01-20 22:32:39	Name: __cf_bm Value: eojjxxERMxrezpEhyNwjpS4BHlBaoVydaK7_z8JIWlk-1722757617-1.0.1.1-NeV4SOhZHoJzwD_z80SQOzIwtQsWWx._CJ7xQ1Y9kOMqGxoCK6Iyd7s8KJdy7AYehHmp9xuuo.AwRZ.8eNCcOA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-kroll.kroll.com
bat.bing.com
cdn.cookielaw.org
code.jquery.com
connect.facebook.net
geolocation.onetrust.com
learn.kroll.com
media-cdn.kroll.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
static.searchstax.com
stats.g.doubleclick.net
unpkg.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.kroll.com
www.facebook.com
2001:4860:4802:32::36
2600:9000:2156:b000:1e:d7b:ca80:93a1
2606:4700::6811:f8cb
2606:4700::6812:102a
2606:4700::6812:112a
2606:4700::6812:1c7f
2606:4700::6812:562a
2620:1ec:21::14
2620:1ec:50::12
2620:1ec:c11::237
2a00:1450:4001:80b::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a9a
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ece
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::649
0945f4f93fe22b7173a9e0018a6a749b7ebc9487e47585416b27366abfeab053
0aaa817ba4763ed01b1cab3f64ad7f8d440d264fdf6de4fa9dad1687d89346d3
0fecb0360330011380851e37c2545ac80be0a830070186b3d9f208356acb1771
11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202
12d5e49b2d841cf9f15fed12bdb758253a31602fc15d4cef5116c435c603ebb0
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1708df7a86cecd5d2eb2843132d83e79eeebe5684941baa742d17f9c003f1593
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f7e6e885338b95a02cbaac9265064c73f40645bc79c729ccda0624fc8ef14c8
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2485843adbefbc1ca83a1670fa4a1d3de1585cc76af071e262c6eb0f451e831d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2834f9b82c4c204a45b78aa75d5fd38ca0e07df3899a10b0d44e02aa05959c9c
2cb43fcb2a053b758441c8dac6d1738dd6d9fee19b7530fd7c21a14b7bf21832
2f858d583b340bb3ce40494e35e6901890579b885d5548b9dc258321e3903f84
308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b
3de2d42ec9fc61775e6a8a861d75ee9bb73a220cf0f321eb69bb37f5b055eccf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2
47bbe04bc037b59eed1c4ed0957263ae563750676dafabe84e68e00b1064472e
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
59d3f8d87e18dfee69379664d7fb08a6237c60fb59fdf0dbc75140c57856258b
5e0896a43f474ac8d48ea337dccaf0a9db5e8520f408cc599720d797884023e8
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb3986fd2acc073eb18172bb6e57ee7d97f42bcb928cff281e072c9fba43c03
61c03f1e629264ce3dc38275a0fbea93f28fc6c9fee25731e56c11049da57351
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
693837a099b667bafe1bb0a0c3dd1e399d4354559457188353765e126eb75845
69ea2cf5decd69fee9230fb040971b61d5b2ccd2b6e264e2088e4f04ec8786c0
6e1025ec3e9db231f2a41403695811c934c05fd1ae222cd96c648a1ff4809d3a
74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
8149e0b470fb5df0ac930313119ab2ee6a0e2e86dbf59e169ec1ebd8f7312126
88158137f0bd3e348d6d208070e5b0176fb2e06f53847dbf849ae86632444dd0
8818c6ce92d7271b64195c515a5d9351e0eb4c2b0e4c4811a3b8c69e50242594
8b3d63582f102c09b0569a1c48c09cbfdd5379138c2284db554f52a4a005a46f
8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2
976487b5ab6810e26d7ad797496c12d2073789a490d8b4a04d049e319c358be0
9e9dddedc7603210ab47959449ab07291a9032faa84a98940207aa2db0ace94a
a43925d049aff91c2b5774062181a55ce127ee60db35867c8b7227bf2aab06e5
a4f4ba93d102fbbe9d9d8df0a1e9fd1e7710b3dc0e4ed5addde839ea162172ca
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b2d4d434cd0f6ee8d54ffbef36245e2eda0df162ce19158573a6accd6ae99dba
bbc9afb080826c41e45a20d57ae8e4852ada3895441ddbb93a2cf2222aea007b
c05daf349703c8c75d074ee063364f10cf4ee239ab614fdab71bebbf00773c82
c94983f83a0cfbea336be1be7b542f2ce120e5f81dc1f7b344118eb5b9a58288
ca4e50fd5dd7463d1aaf759c82e6b496046134952084afad10f78243671dee87
cdf3ae15f0dfe2f8fca1d0edf6c09d891845abfd9472781f52cf0bf024d56de1
d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
dcf71c362ded00e7da1138606d19a5ed84a15e5bd4228dcb116e5834eb43c2ec
ddbd38e4aa0091bd12ae96b912adacfd4fc9967747bf641931238611288e3129
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e273f97d09c191727b7b31e33582f5ae140b698f4f782aac6d6453535e4cb0dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4
e7d76bb85548d1575c278d7418ea22c7d96002fea30af8d11f3c7e702e9e4a64
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ede9dc127fba99fcbf5117562deb4fd2afc639a06c9b638d1725d5c4e02d8639
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa945428d0f321d0de0cf84d758b6139ab07f0dfd5255e0fe063d84952b7ee42
fb3920f565f06995ea5e9a0004a8367a0b2b4b2fc71b3829490f6b1f6690e452
fbc59c57d4b5938e5be0958aa9ccd993870a94fef6a3fc9d2841e5cfabce71c7
fec0b27ddd08709211d8db4628d635c33458f004ca9ca800101e1fc2911329a2

www.kroll.com Open in urlscan Pro 2606:4700::6812:102a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

96 %HTTPS

100 %IPv6

17 Domains

22 Subdomains

21 IPs

3 Countries

2071 kBTransfer

6517 kBSize

17 Cookies

10 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kroll.com Open in urlscan Pro
2606:4700::6812:102a Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

96 %
HTTPS

100 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

2071 kB
Transfer

6517 kB
Size

17
Cookies

85 HTTP transactions
0 data transactions