urlscan.io logo urlscan.io
SecurityTrails logo

ha.pivot.rrd.com Open in urlscan Pro
162.27.116.168  Public Scan

Go To Rescan Add Verdict Report
URL: https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
Submission: On September 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 162.27.116.168, located in United States and belongs to RRD, US. The main domain is ha.pivot.rrd.com. The Cisco Umbrella rank of the primary domain is 569143.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 9th 2023. Valid for: a year.
This is the only time ha.pivot.rrd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 162.27.116.168 14328 (RRD)
3 1
Apex Domain
Subdomains		 Transfer
3 rrd.com
ha.pivot.rrd.com — Cisco Umbrella Rank: 569143
75 KB
3 1
Domain Requested by
3 ha.pivot.rrd.com ha.pivot.rrd.com
3 1

This site contains no links.

Subject Issuer Validity Valid
*.PIVOT.RRD.COM
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
Frame ID: 09C47D1320FF5C15B5AE33A38F133A7D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - File or directory not found.

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

185 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request RRD
ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
162.27.116.168 , United States, ASN14328 (RRD, US),
Reverse DNS
dgha.pivot.rrd.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a4497d11216b286cb5446f54561012704cab157f1f95e07a6691be8bfb458798
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1676
Content-Security-Policy
default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Content-Type
text/html
Date
Thu, 14 Sep 2023 13:00:01 GMT
Expect-CT
max-age=86400, enforce
Referrer-Policy
same-origin
Server
Microsoft-IIS/10.0
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1034864440"
Strict-Transport-Security
max-age=604800; includeSubDomains
X-Content-Type-Options
NOSNIFF
X-OneAgent-JS-Injection
true
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
X-ruxit-JS-Agent
true
XFrame-Options
SAMEORIGIN
x-frame-options
SAMEORIGIN
ruxitagentjs_ICA2NVfqru_10273230728040645.js
ha.pivot.rrd.com/US01_PVT9011/ 		183 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ha.pivot.rrd.com/US01_PVT9011/ruxitagentjs_ICA2NVfqru_10273230728040645.js
Requested by
Host: ha.pivot.rrd.com
URL: https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
162.27.116.168 , United States, ASN14328 (RRD, US),
Reverse DNS
dgha.pivot.rrd.com
Software
Microsoft-IIS/10.0 /
Resource Hash
eb0284a88a2eea218a5e7e5d04b3cd339254bc696d6b6175d5a35410cc337773
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Content-Encoding
gzip
X-Content-Type-Options
NOSNIFF
Date
Thu, 14 Sep 2023 13:00:01 GMT
X-Permitted-Cross-Domain-Policies
master-only
Strict-Transport-Security
max-age=604800; includeSubDomains
XFrame-Options
SAMEORIGIN
Content-Length
73130
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Microsoft-IIS/10.0
Expect-CT
max-age=86400, enforce
x-frame-options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Expires
Fri, 13 Sep 2024 13:00:02 GMT
rb_bf05330dka
ha.pivot.rrd.com/US01_PVT9011/ 		117 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ha.pivot.rrd.com/US01_PVT9011/rb_bf05330dka?type=js3&sn=v_4_srv_9_sn_1017DB037EA658C7605ABF9A6356450B_perc_100000_ol_0_mul_1_app-3Aec9fd9894b6b9e60_1_rcs-3Acss_0&svrid=9&flavor=post&vi=HPWIELMHJNUKNFFTLDJKMCJQAAMHJUME-0&modifiedSince=1694098792861&rf=https%3A%2F%2Fha.pivot.rrd.com%2FUS01_PVT9011%2Fwebdfs_email_images%2FWCS1000%2FRRD&bp=3&app=ec9fd9894b6b9e60&crc=4026543235&en=drhykojg&end=1
Requested by
Host: ha.pivot.rrd.com
URL: https://ha.pivot.rrd.com/US01_PVT9011/ruxitagentjs_ICA2NVfqru_10273230728040645.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
162.27.116.168 , United States, ASN14328 (RRD, US),
Reverse DNS
dgha.pivot.rrd.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7abf76d182fb3428fde9969e4896e03861d17404ca04f038b6c913f7f424e816
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Content-Security-Policy
default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Date
Thu, 14 Sep 2023 13:00:03 GMT
X-Content-Type-Options
NOSNIFF
Referrer-Policy
same-origin
Server
Microsoft-IIS/10.0
X-Permitted-Cross-Domain-Policies
master-only
XFrame-Options
SAMEORIGIN
Expect-CT
max-age=86400, enforce
x-frame-options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Strict-Transport-Security
max-age=604800; includeSubDomains
Content-Length
117
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dT_ object| dtrum object| dynatrace

5 Cookies

Domain/Path Name / Value
.rrd.com/ Name: dtCookie
Value: v_4_srv_9_sn_1017DB037EA658C7605ABF9A6356450B_perc_100000_ol_0_mul_1_app-3Aec9fd9894b6b9e60_1_rcs-3Acss_0
.rrd.com/ Name: rxVisitor
Value: 1694696402535BP3VDQQR2Q494OUKNJMO81O2JKD26C1T
.rrd.com/ Name: dtSa
Value: -
.rrd.com/ Name: rxvt
Value: 1694698202552|1694696402536
.rrd.com/ Name: dtPC
Value: 9$296402533_405h-vHPWIELMHJNUKNFFTLDJKMCJQAAMHJUME-0e0

1 Console Messages

Source Level URL
Text
network error URL: https://ha.pivot.rrd.com/US01_PVT9011/webdfs_email_images/WCS1000/RRD
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.rrd.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' https://*.rrd.com https://rrdcare.rrd.com;
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ha.pivot.rrd.com
162.27.116.168
7abf76d182fb3428fde9969e4896e03861d17404ca04f038b6c913f7f424e816
a4497d11216b286cb5446f54561012704cab157f1f95e07a6691be8bfb458798
eb0284a88a2eea218a5e7e5d04b3cd339254bc696d6b6175d5a35410cc337773