www.kroll.com Open in urlscan Pro
2606:4700:4400::ac40:9077 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&u...
Submission: On December 16 via api (December 16th 2024, 2:08:31 pm UTC) from DE — Scanned from DE

Summary HTTP 71 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 71 HTTP transactions. The main IP is 2606:4700:4400::ac40:9077, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kroll.com. The Cisco Umbrella rank of the primary domain is 783980.
TLS certificate: Issued by E6 on November 17th 2024. Valid for: 3 months.

This is the only time www.kroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:440... 2606:4700:4400::ac40:9077	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:780... 2a02:26f0:780::210:a419	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:780... 2a02:26f0:780::210:a45b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1 2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:33:3... 2620:1ec:33:3::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:280... 2a02:26f0:280:13::213:b73	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
71	20

29 2606:4700:4400::ac40:9077 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-cdn.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
learn.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a419 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:780::210:a45b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:280:13::213:b73 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	kroll.com www.kroll.com — Cisco Umbrella Rank: 783980 media-cdn.kroll.com learn.kroll.com	789 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	176 KB
6	typekit.net p.typekit.net — Cisco Umbrella Rank: 571 use.typekit.net — Cisco Umbrella Rank: 460	109 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	21 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 3147	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	280 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	460 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	15 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	4 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	303 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
71	16

	Domain	Requested by
26	www.kroll.com	www.kroll.com
11	cdn.cookielaw.org	www.kroll.com cdn.cookielaw.org
5	use.typekit.net	www.kroll.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	challenges.cloudflare.com	1 redirects www.kroll.com challenges.cloudflare.com
3	www.googletagmanager.com	www.kroll.com www.googletagmanager.com
2	bat.bing.net	bat.bing.com www.kroll.com
2	www.facebook.com	www.kroll.com
2	www.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.kroll.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	unpkg.com	1 redirects www.kroll.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	media-cdn.kroll.com	www.kroll.com
1	learn.kroll.com	www.kroll.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	px4.ads.linkedin.com	www.kroll.com
1	code.jquery.com	www.kroll.com
1	p.typekit.net	www.kroll.com
71	21

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
careers.kroll.com
www.integritycounts.ca
media-cdn.kroll.com
www.onetrust.com

Subject Issuer	Validity	Valid
kroll.com E6	`2024-11-17` - `2025-02-15`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-10` - `2026-01-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-24` - `2024-12-23`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Frame ID: A8CC48830ECB40A196A2252C37A8F775
Requests: 69 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/m2e8g/0x4AAAAAAAhFNPqK7a_h4e1B/light/fbE/normal/en/
Frame ID: 705809EB65B6A5267F9FD5CB316CA327
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.kroll.com
Frame ID: 4D07CF908F11C519E07373539A40C26D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact Us | Kroll

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

96 %
HTTPS

70 %
IPv6

16
Domains

21
Subdomains

20
IPs

3
Countries

1534 kB
Transfer

6136 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/kroll/
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://twitter.com/KrollWire
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wearekroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearekroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/kroll
Title: Social-Icons

Search URL Search Domain Scan URL

URL: https://careers.kroll.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.integritycounts.ca/
Title: Kroll Ethics Hotline

Search URL Search Domain Scan URL

URL: https://media-cdn.kroll.com/jssmedia/assets/pdfs/kroll-slavery-and-human-trafficking-statement.pdf
Title: Modern Slavery Statement

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js

Request Chain 31

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&tm=gtmv2&e_ipv6=AQIpUpG6e50qpAAAAZPPzICZbdq5Ygkz0foiCnG_S-4qVOEdV7bBC511aLn9z4HrQUhJgaGw

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request contactus Show response
www.kroll.com/en/ 297 KB
48 KB 720ms
677ms Document
text/html 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

59a9b4eb9429e391a51e7264384a2fb6799952714cd2340c080fbadaf9861c92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, s-maxage=10, stale-while-revalidate=59
cf-cache-status: DYNAMIC
cf-ray: 8f2f3eca2dbadca2-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:08:25 GMT
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy: strict-origin
request-context: appId=cid-v1:
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-middleware-rewrite: /en/_site_kroll/contactus?amp%3Belq=9d313246491d47bdb39ed28d3b0b21ae&amp%3BelqCampaignId=5834&amp%3BelqTrackId=d54cef315d1f43c082909912dd467f10&amp%3Belqaid=16859&amp%3Belqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&amp%3Belqat=1&amp%3Belqcsid=423&amp%3Belqcst=272&amp%3Butm_medium=email&amp%3Butm_source=Eloqua&utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC
x-powered-by: Next.js
x-sc-rewrite: /_site_kroll/contactus

GET
H2 200 c2e846f2621419d8.css
www.kroll.com/_next/static/css/ 1 MB
128 KB 65ms
64ms Stylesheet
text/css 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/css/c2e846f2621419d8.css

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de034672ea0432edf7f12a2d698c8c3f4d764d18922e5013cf3056d9b61103d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"14af89-193bf6c10e8"
age: 274713
cf-ray: 8f2f3ece7889dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 4faea7a56df9c715.css
www.kroll.com/_next/static/css/ 29 KB
7 KB 64ms
64ms Stylesheet
text/css 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/css/4faea7a56df9c715.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"73e0-190ee6b1775"
age: 7550012
cf-ray: 8f2f3ece788cdca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 26 Jul 2024 09:41:54 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 webpack-6b87c4dfd5b4a3b9.js Show response
www.kroll.com/_next/static/chunks/ 2 KB
1 KB 136ms
130ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/webpack-6b87c4dfd5b4a3b9.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaa817ba4763ed01b1cab3f64ad7f8d440d264fdf6de4fa9dad1687d89346d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6c5-18d00b0c51d"
age: 13704802
cf-ray: 8f2f3ecec94ddca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 13 Jan 2024 02:40:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 framework-9404d76916f8a9f9.js Show response
www.kroll.com/_next/static/chunks/ 206 KB
66 KB 136ms
131ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/framework-9404d76916f8a9f9.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb43fcb2a053b758441c8dac6d1738dd6d9fee19b7530fd7c21a14b7bf21832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"33701-18f19c7a049"
age: 7550012
cf-ray: 8f2f3ecec950dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Apr 2024 09:41:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main-bff998b1b6a9dce5.js Show response
www.kroll.com/_next/static/chunks/ 115 KB
34 KB 135ms
129ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bbe04bc037b59eed1c4ed0957263ae563750676dafabe84e68e00b1064472e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1cbf6-18f19c7a049"
age: 20233544
cf-ray: 8f2f3ecec952dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Apr 2024 09:41:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _app-17684ba02a6753ba.js Show response
www.kroll.com/_next/static/chunks/pages/ 16 KB
6 KB 86ms
79ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/pages/_app-17684ba02a6753ba.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f0113ec130a3eeaa0bbed2b5f81b1238ed5cca880bdc2a7b3e4509fc44931e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3e1c-19209a6c4ce"
age: 1496224
cf-ray: 8f2f3ecec955dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 09:39:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b637e9a5-c2a222d187f3c3d1.js Show response
www.kroll.com/_next/static/chunks/ 85 KB
30 KB 119ms
113ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/b637e9a5-c2a222d187f3c3d1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9dddedc7603210ab47959449ab07291a9032faa84a98940207aa2db0ace94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"152b3-18f19c7a03a"
age: 1761537
cf-ray: 8f2f3ecec957dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Apr 2024 09:41:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 469-4f93c617f9d68d85.js Show response
www.kroll.com/_next/static/chunks/ 965 KB
286 KB 85ms
77ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/469-4f93c617f9d68d85.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec39dd6552da15a8904979103c9936f7cca5ea14cc7174df537364f2234644ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f13d3-193bf6c10c9"
age: 274713
cf-ray: 8f2f3ecec959dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 949-2412068f8725a392.js Show response
www.kroll.com/_next/static/chunks/ 593 KB
140 KB 135ms
128ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/949-2412068f8725a392.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99cbdade95a82cbd3df64bc9f3cb474548e8f457365dd9f2b8bfa8e1ade35568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"945ef-193bf6c10d9"
age: 274713
cf-ray: 8f2f3ecec95adca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 %5B%5B...path%5D%5D-1d29f51fc4cd715f.js Show response
www.kroll.com/_next/static/chunks/pages/ 265 B
308 B 84ms
77ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-1d29f51fc4cd715f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f01f775c3514e2743e7496b786d241e3687bb6b2556698663cf0158e8eb1ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"109-1930b2a1f98"
age: 3298879
cf-ray: 8f2f3ecec95bdca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 09:45:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _buildManifest.js Show response
www.kroll.com/_next/static/1mXs4RtYY2hRjnf9rFjw8/ 2 KB
723 B 134ms
127ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/1mXs4RtYY2hRjnf9rFjw8/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab41a32c3f45a096440dc3b3d87777d584d883eaace9d2248d83fa8b8806cd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"811-193bf6c10aa"
age: 274713
cf-ray: 8f2f3ecec95ddca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
www.kroll.com/_next/static/1mXs4RtYY2hRjnf9rFjw8/ 91 B
138 B 135ms
120ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/static/1mXs4RtYY2hRjnf9rFjw8/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"5b-193bf6c10ba"
age: 274713
cf-ray: 8f2f3ecec974dca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 50ms
8ms Stylesheet
text/css 2a02:26f0:780::210:a419
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=pmd7cky&ht=tk&f=28901.40484.40485.40486.40487.40488.40490.40492.40494&a=91935826&app=typekit&e=css
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=604800
etag: "674c5a4a-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: text/css
last-modified: Sun, 01 Dec 2024 12:44:58 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 628 KB
148 KB 214ms
96ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b434ea4d6c04b6e6e1c9207f2424eb2f8b035e0fde27fdbab5d08fb8bb9ef7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 16 Dec 2024 14:08:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 150491
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 email-decode.min.js Show response
www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 119ms
70ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-4d7"
x-content-type-options: nosniff
cf-ray: 8f2f3ecf4aaddca2-FRA
expires: Wed, 18 Dec 2024 14:08:25 GMT
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 l
use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/ 22 KB
23 KB 53ms
16ms Font
application/font-woff2 2a02:26f0:780::210:a45b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kroll.com
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "575f27d0430e8d1712e555d32fac51d3e2d0419a"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22944
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/42930b/00000000000000007735b8f6/30/ 22 KB
22 KB 65ms
29ms Font
application/font-woff2 2a02:26f0:780::210:a45b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/42930b/00000000000000007735b8f6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kroll.com
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "eded4f04a82d452a8cbdbd77cbfeb2827dc8164b"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22596
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/cc6127/00000000000000007735b904/30/ 22 KB
22 KB 70ms
34ms Font
application/font-woff2 2a02:26f0:780::210:a45b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cc6127/00000000000000007735b904/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: ea91713e3c5fce65c2d418ce476563bee6e0d02b530ecdc1a5276258d4b1055c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kroll.com
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a75b36b43118707b7b5c1ffadc4989706090b88e"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22616
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/0fa94e/00000000000000007735a098/30/ 20 KB
20 KB 62ms
26ms Font
application/font-woff2 2a02:26f0:780::210:a45b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0fa94e/00000000000000007735a098/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kroll.com
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "e6cdd128d302fc151cf53e279ed70d832b77d2aa"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 20024
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/ 22 KB
22 KB 56ms
20ms Font
application/font-woff2 2a02:26f0:780::210:a45b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kroll.com
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "0e49eef4170a0f869d093451710f6ed87674d9c1"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22388
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 contact-bg.webp
media-cdn.kroll.com/jssmedia/kroll-images/bg-images/ 10 KB
10 KB 72ms
58ms Image
application/octet-stream 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/bg-images/contact-bg.webp?iar=0&mw=128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fd8322f5c526793a2d09c67de160ce0cf14752efd8c8bf12e05ecf0f7585171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: 4nc/qOCAaVDRgp1R08GTLQ==
x-ms-server-encrypted: true
x-ms-lease-status: unlocked
cf-cache-status: HIT
etag: "0x8DCCE3AC61505EC"
age: 343603
x-ms-version: 2022-11-02
x-ms-lease-state: available
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/octet-stream
last-modified: Fri, 06 Sep 2024 06:11:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-ms-creation-time: Fri, 26 Jul 2024 10:17:09 GMT
cache-control: max-age=2592000
x-ms-request-id: 03e6af85-501e-0074-4636-1d058c000000
cf-ray: 8f2f3ed02ce2dca2-FRA
accept-ranges: bytes
content-length: 10094
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 kroll-footer-image.jpg
media-cdn.kroll.com/jssmedia/kroll-images/homepage/ 3 KB
3 KB 67ms
54ms Image
image/jpeg 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cdn.kroll.com/jssmedia/kroll-images/homepage/kroll-footer-image.jpg?h=200&iar=0&w=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108f822bf7960469b476fb3790e46b3777c89908358f2d294eb4772b367cce1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: ViuAfYX4mUZ6hAjBKgAftw==
x-ms-server-encrypted: true
x-ms-lease-status: unlocked
cf-cache-status: HIT
etag: "0x8DCD7118189465A"
age: 1409574
cf-bgj: imgq:85,h2pri
x-ms-version: 2022-11-02
x-ms-lease-state: available
cf-polished: status=format_not_supported
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 12:08:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-ms-creation-time: Tue, 17 Sep 2024 12:08:56 GMT
cache-control: max-age=2592000
x-ms-request-id: 6fcb4365-c01e-0072-27c5-13c701000000
cf-ray: 8f2f3ed02cdfdca2-FRA
accept-ranges: bytes
content-length: 2654
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 27ms
5ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 6853950
x-cache: HIT, HIT
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 9, 577779
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21981-LGA, cache-fra-eddf8230056-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1734358106.839556,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js

47 KB
16 KB

57ms
56ms

Script
application/javascript

104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H3
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f2f3ed1dd3ddbec-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 Dec 2024 18:31:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/g/f9063374b04d/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 8f2f3ed18c70dbec-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:08:25 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 hotlines.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
400 B 155ms
150ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/hotlines.json?path=hotlines

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/hotlines
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:25 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/hotlines?path=hotlines
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed198d1dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/hotlines?path=hotlines
server: cloudflare

GET
H2 200 our-team.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
142 B 494ms
490ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/our-team.json?path=our-team

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/our-team
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/our-team?path=our-team
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed198d2dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/our-team?path=our-team
server: cloudflare

GET
H2 200 global-locations.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/about-us/ 2 B
248 B 472ms
468ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/about-us/global-locations.json?path=about-us&path=global-locations

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/about-us/global-locations
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/about-us/global-locations?path=about-us&path=global-locations
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed198d4dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/about-us/global-locations?path=about-us&path=global-locations
server: cloudflare

GET
H2 200 privacy-policy.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
178 B 178ms
174ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/privacy-policy.json?path=privacy-policy

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/privacy-policy
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/privacy-policy?path=privacy-policy
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed198d5dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/privacy-policy?path=privacy-policy
server: cloudflare

GET
H2 200 terms-of-use.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
190 B 165ms
161ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/terms-of-use.json?path=terms-of-use

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/terms-of-use
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/terms-of-use?path=terms-of-use
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed198d6dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/terms-of-use?path=terms-of-use
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 412 KB
132 KB 78ms
58ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c&gtm=45He4cc1v79996530za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4545672f64d3c96a1cfd8b95f2f190b6f5ff9617f682fb2ae71b77c07a737ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:08:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135190
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 189ms
26ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10043FED0BBD444494C1AE0FFF0640C8 Ref B: LON212050704039 Ref C: 2024-12-16T14:08:26Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

7 KB
3 KB

49ms
42ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Requested by

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age: 1511714
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDTV3524TV775PQNEHE5P9C3-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f2f3ed2cf393633-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 192
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8f2f3ed28efe3633-FRA
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JF7WK4VF5D5JEYPMC0JGHH5P-fra
server: cloudflare

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 2 KB
1006 B 78ms
11ms Script
application/javascript 2a02:26f0:280:13::213:b73
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:13::213:b73 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: max-age=16363
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 796
date: Mon, 16 Dec 2024 14:08:26 GMT
last-modified: Mon, 02 Dec 2024 19:28:43 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 40ms
25ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-OLay2aI9' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OLay2aI9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4502, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bzML+theOhUTf/iXeaSIyVuIS/WsFsTOUlFlCxtoFrtHALqom2aOZSYLJCFFZ5K9RreQ99aWjX1vdJOMdemHJg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 137ms
42ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
age: 5221
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 12:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 services.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
140 B 173ms
147ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/services.json?path=services

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/services
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/services?path=services
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed27b07dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/services?path=services
server: cloudflare

GET
H2 200 contactus.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/ 2 B
143 B 458ms
432ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en/contactus.json?path=contactus

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/contactus
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll/contactus?path=contactus
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed27b0adca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll/contactus?path=contactus
server: cloudflare

GET
H2 200 en.json Show response
www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/ 2 B
138 B 171ms
145ms Fetch 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/_next/data/1mXs4RtYY2hRjnf9rFjw8/en.json?path=en

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://www.kroll.com/
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_kroll/
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
x-middleware-skip: 1
x-middleware-rewrite: /en/_site_kroll?path=en
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin
cf-ray: 8f2f3ed27b0bdca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
content-length: 2
x-nextjs-rewrite: /en/_site_kroll?path=en
server: cloudflare

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 18ms
14ms Script
application/javascript 2a02:26f0:280:13::213:b73
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:13::213:b73 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: max-age=83265
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Mon, 16 Dec 2024 14:08:26 GMT
last-modified: Mon, 02 Dec 2024 10:13:56 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/m2e8g/0x4AAAAAAAhFNPqK7a_h4e1B/light/fbE/normal/en/ Frame 7058 0
0 29ms
19ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/m2e8g/0x4AAAAAAAhFNPqK7a_h4e1B/light/fbE/normal/en/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.kroll.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8f2f3ed2cb5fdbde-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 14:08:26 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

GET
H3 200 1043474835687043 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 30ms
29ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1043474835687043?v=2.9.179&r=stable&domain=www.kroll.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

4abbd110d8f49d8cc9288968d1597dd1db9b6b77625c8ce03bf396b7af7cbda1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-DA5uIzai' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DA5uIzai' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=74, mss=1232, tbw=71328, tp=67, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bGYhFUtwAavsSPhgfFe4SZwD5SmmpoZtOxLimMz79bV3r955n8xV7i8NRtQj7OAhVwDQD1xKfJ4fG8xT3WvBLg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13996
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
701 B 259ms
193ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2A3B95175DB445C0BA6F9F7B5AE93F0D Ref B: FRAEDGE1907 Ref C: 2024-12-16T14:08:26Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYpY7bVlJEZwBbimKYeFQ==
x-li-proto: http/2
access-control-allow-origin: https://www.kroll.com
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 14:08:25 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 243ms
202ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://www.kroll.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 00062963b6d556f72bf0b81a658804f1
x-msedge-ref: Ref A: 781F9C242DF3492895636B54B23EF972 Ref B: FRAEDGE1505 Ref C: 2024-12-16T14:08:26Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYpY7bVVvcr8LgaZYgE8Q==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3But...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Bu...

0
265 B

222ms
197ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&tm=gtmv2&e_ipv6=AQIpUpG6e50qpAAAAZPPzICZbdq5Ygkz0foiCnG_S-4qVOEdV7bBC511aLn9z4HrQUhJgaGw
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1D444EA0D75C48E390C33B0D40D81396 Ref B: FRAEDGE1411 Ref C: 2024-12-16T14:08:26Z
x-li-fabric: prod-lor1
x-li-uuid: AAYpY7bZbPipWcc3wAgo+Q==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1734358106070&url=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&tm=gtmv2&e_ipv6=AQIpUpG6e50qpAAAAZPPzICZbdq5Ygkz0foiCnG_S-4qVOEdV7bBC511aLn9z4HrQUhJgaGw
x-msedge-ref: Ref A: B8E6BC4DAB5E4350ADE6A5037119E870 Ref B: FRAEDGE1907 Ref C: 2024-12-16T14:08:26Z
x-li-fabric: prod-lor1
x-li-uuid: AAYpY7bWHZN4ni3XVU4NCw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 16 Dec 2024 14:08:26 GMT

GET
H2 200 4faea7a56df9c715.css Show response
www.kroll.com/_next/static/css/ 29 KB
0 17ms
17ms Fetch
text/css 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kroll.com/_next/static/css/4faea7a56df9c715.css
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"73e0-190ee6b1775"
age: 7550012
cf-ray: 8f2f3ece788cdca2-FRA
request-context: appId=cid-v1:
date: Mon, 16 Dec 2024 14:08:25 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 26 Jul 2024 09:41:54 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 25ms
9ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com&rl=&if=false&ts=1734358106127&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1734358106120.283957255815721039&pm=1&hrl=0dda03&ler=empty&cdl=API_unavailable&it=1734358106055&coo=false&cs_cc=1&cas=2294165197339826&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4551, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 165ms
149ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com&rl=&if=false&ts=1734358106127&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1734358106120.283957255815721039&pm=1&hrl=0dda03&ler=empty&cdl=API_unavailable&it=1734358106055&coo=false&cs_cc=1&cas=2294165197339826&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449011345662230753"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 5dz6dchfhiaZ/ncDZB0IRQ40Ckxq/4nLfHq5CbBFzJ48XGXp0CUJJ4arNd6G07mSY148jGe0lDAwP1TIDIHXUA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449011345662230753", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4919, tp=13, tpl=0, uplat=140, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 56180571.js Show response
bat.bing.com/p/action/ 362 B
422 B 34ms
30ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56180571.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B7BC86095BB4A9E86A204D8DA490847 Ref B: LON212050704039 Ref C: 2024-12-16T14:08:26Z
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 0
bat.bing.net/actionp/ 0
117 B 98ms
61ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=56180571&tm=gtm002&Ver=2&mid=8c677121-4e1e-42ca-8948-f155815449ff&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15711428FB1C421EA520D7A1EC605E22 Ref B: FRAEDGE2018 Ref C: 2024-12-16T14:08:26Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 14:08:25 GMT

GET
H2 204 0
bat.bing.net/action/ 0
343 B 96ms
61ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=56180571&tm=gtm002&Ver=2&mid=8c677121-4e1e-42ca-8948-f155815449ff&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Contact%20Us%20%7C%20Kroll&p=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&r=&lt=1077&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=499853
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en/contactus?utm_campaign=PAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC&utm_medium=email&utm_source=Eloqua&elqTrackId=d54cef315d1f43c082909912dd467f10&elq=9d313246491d47bdb39ed28d3b0b21ae&elqaid=16859&elqat=1&elqCampaignId=5834&elqcst=272&elqcsid=423&elqak=8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5E40707E6D540F79AB1671280DB2869 Ref B: FRAEDGE2018 Ref C: 2024-12-16T14:08:26Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 14:08:25 GMT

GET
H2 200 favicon.png
www.kroll.com/ 22 KB
22 KB 163ms
161ms Other
image/png 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/favicon.png?mw=32&mh=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc9afb080826c41e45a20d57ae8e4852ada3895441ddbb93a2cf2222aea007b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cf-cache-status: MISS
etag: W/"586e-18ccf9c180f"
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/png
last-modified: Wed, 03 Jan 2024 13:56:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=0
referrer-policy: strict-origin
request-context: appId=cid-v1:
cf-ray: 8f2f3ed62d88dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges: bytes
content-length: 22638
server: cloudflare

GET
H2 200 db.js Show response
www.kroll.com/ 10 KB
3 KB 176ms
175ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/db.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ea2cf5decd69fee9230fb040971b61d5b2ccd2b6e264e2088e4f04ec8786c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"2958-190ee6b17a4"
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 09:41:54 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=0
referrer-policy: strict-origin
cf-ray: 8f2f3ed62d89dca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
server: cloudflare

GET
H2 200 scroll.js Show response
www.kroll.com/ 3 KB
1 KB 193ms
191ms Script
application/javascript 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/scroll.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57adeb2bd8e2fa22e037a2a2f6d09b25b577d0b7e06fef73aeb320dc2d3a9be2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"a21-193bf6c1108"
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Dec 2024 09:49:10 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=0
referrer-policy: strict-origin
cf-ray: 8f2f3ed62d8adca2-FRA
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
request-context: appId=cid-v1:
server: cloudflare

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 9 KB
3 KB 47ms
28ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/OtAutoBlock.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284a78fd00332df534a9af9e6267e0991ade57811e3fd3fcd56355875755d6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: w2F/0UYptTe9Ze4bXpAz7Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD0D6BBB0900D1
age: 69150
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 17 Dec 2024 14:08:26 GMT
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 16:10:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 09d144e1-401e-00c7-4654-3fef4b000000
cf-ray: 8f2f3ed64e644d91-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2666
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 40ms
22ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/chunks/main-bff998b1b6a9dce5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1BF06242194D
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 27238
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript
last-modified: Sat, 14 Dec 2024 03:35:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8f37caf0-301e-00c3-53d9-4d1ac9000000
cf-ray: 8f2f3ed64e654d91-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 db8fa0ce-73a5-4e3f-9b55-60b230386b60.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 5 KB
2 KB 40ms
24ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/db8fa0ce-73a5-4e3f-9b55-60b230386b60.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93c1e9d2c070fc5ff1ee543f6025e4de64e8c779016d4e941595cae8e336bb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: aeTwGQYFJxcAkKHUTul2pA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD0D6BBC5AE24B
age: 62292
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 17 Dec 2024 14:08:26 GMT
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
last-modified: Mon, 25 Nov 2024 16:10:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: af6a7894-901e-00ec-3d54-3f9bf3000000
cf-ray: 8f2f3ed69a1adcca-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1688
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 57ms
27ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.kroll.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f2f3ed6eaf9d274-FRA
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 36ms
36ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1755127715&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&ul=de-de&de=UTF-8&dt=Contact%20Us%20%7C%20Kroll&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAACAABFAAAAAAEKk~&cid=1187685097.1734358107&tid=UA-7299730-1&_gid=2085796531.1734358107&gtm=45He4cc1n81PWHXW75v79996530za200&cd5=1734358105956.1kiigvw&cd6=2024-12-16%20Time%3A%2015%3A08%3A25.956%20%2B01%3A00&cd8=&cd9=GTM-PWHXW75%3B%20version%20ID%3A%20307&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cd4=1187685097.1734358107&cd7=pageview&npa=1&z=1707902701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

age: 31715
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 05:19:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 115ms
43ms Ping
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus&scrsrc=www.googletagmanager.com&frm=0&rnd=782463081.1734358107&navt=n&npa=1&gtm=45He4cc1v79996530za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734358106694&tfd=2076&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 61ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je4cc1v882864807z879996530za200zb79996530&_p=1734358105394&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dYWJhMj&cid=1187685097.1734358107&ecid=992940656&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1734358106&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&dt=Contact%20Us%20%7C%20Kroll&en=page_view&_fv=1&_ss=1&ep.tag_name=GA4%20-%20Configuration&ep.gtm_container_and_version_id=GTM-PWHXW75%3B%20Version%20ID%3A%20307&ep.hit_timestamp=2024-12-16%20Time%3A%2015%3A08%3A25.930%20%2B01%3A00&tfd=2084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c&gtm=45He4cc1v79996530za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kroll.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 4D07 0
0 112ms
36ms Document
text/html 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.kroll.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 332292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 17:50:14 GMT
expires: Fri, 12 Dec 2025 17:50:14 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/ 452 KB
110 KB 20ms
20ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: btqcTGGxKzfJ1KoWzOA9vQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B7AC59A0
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 33682
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 19:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4ef0021c-901e-0046-363a-414d1c000000
cf-ray: 8f2f3ed72efa4d91-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112185
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/019363ff-0cfb-7b09-88be-7626e4fb8db2/ 80 KB
18 KB 24ms
24ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/019363ff-0cfb-7b09-88be-7626e4fb8db2/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea0730e49c32b34cc4fc424b53e7faa7980c5f9c072841d7ab148d390245a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: zHSWaEM62j5DqFNpNtCrwg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD0D6BBF2B7669
age: 62292
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 17 Dec 2024 14:08:26 GMT
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
last-modified: Mon, 25 Nov 2024 16:10:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: f056de63-801e-0052-6e54-3f8e78000000
cf-ray: 8f2f3ed76cd6dcca-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17990
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 13 KB
3 KB 24ms
22ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: HFRQn1JrLTlh4Ku3smscgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B424DE74
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 9977
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 692201ee-601e-009f-2b86-efeb30000000
cf-ray: 8f2f3ed7ad78dcca-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/ 64 KB
14 KB 21ms
19ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: 0WEns1VhhjsKyxUPxJ5WYw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B59DF04C
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 81882
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5772f00c-101e-0031-48fc-f2c85d000000
cf-ray: 8f2f3ed7ad79dcca-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13789
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 24 KB
4 KB 17ms
17ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 86347
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:37:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8c783790-401e-0029-6465-efe5c8000000
cf-ray: 8f2f3ed7ad7bdcca-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_close
learn.kroll.com/-/media/kroll-images/aboutus/images/ 854 B
859 B 71ms
57ms Image
image/svg+xml 2606:4700:4400::ac40:9077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://learn.kroll.com/-/media/kroll-images/aboutus/images/ot_close

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/_next/static/css/c2e846f2621419d8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9077 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88158137f0bd3e348d6d208070e5b0176fb2e06f53847dbf849ae86632444dd0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 220345
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Feb 2024 11:25:18 GMT
vary: Accept-Encoding
content-disposition: inline; filename="ot_close.svg"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' https://duffandphelps.360learning.com
cache-control: public, max-age=604800,public
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
referrer-policy: same-origin
request-context: appId=cid-v1:3dfd2907-6c9e-41e0-a442-0b72cda5bba8
permissions-policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
cf-ray: 8f2f3ed7f9c1dca2-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 17ms
17ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 77126
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/svg+xml
last-modified: Sat, 14 Dec 2024 03:35:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4cf348c6-601e-00f9-4e5f-4e596a000000
cf-ray: 8f2f3ed7fe39dcca-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 Kroll.png
cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/ 12 KB
12 KB 20ms
20ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/Kroll.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: /pX6N7rNfVMyKKEcFftBrQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D9DF36377B5B26
age: 2718
cf-cache-status: HIT
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 12:37:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: fbbd6a9f-101e-0041-749a-226167000000
cf-ray: 8f2f3ed7ffa54d91-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12029
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kroll.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 31837
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:08:26 GMT
content-type: image/svg+xml
last-modified: Sat, 14 Dec 2024 03:35:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 769832aa-201e-0093-5824-4e05c1000000
cf-ray: 8f2f3ed7ffa74d91-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.kroll.com/en	1970-01-21 10:31:34	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Dec+16+2024+15%3A08%3A26+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202407.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=4a502238-7944-4fad-89b6-f1bfe8037e9a&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.kroll.com%2Fen%2Fcontactus%3Futm_campaign%3DPAN_CYB_2401_THE_KROLL_CYBER_NEWSLETTER_DEC%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DEloqua%26amp%3BelqTrackId%3Dd54cef315d1f43c082909912dd467f10%26amp%3Belq%3D9d313246491d47bdb39ed28d3b0b21ae%26amp%3Belqaid%3D16859%26amp%3Belqat%3D1%26amp%3BelqCampaignId%3D5834%26amp%3Belqcst%3D272%26amp%3Belqcsid%3D423%26amp%3Belqak%3D8AF56CD9339595099F4C5648D0C33A1B3D17037E46B62B77DF2DF9CAEA6062F5D1F0&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
www.kroll.com/	1969-12-31 23:59:59	Name: sc_site Value: kroll
www.kroll.com/	1969-12-31 23:59:59	Name: kroll#lang Value: en
.www.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 224790e11ccad0c1475003f020197e715956166454c09d097e709fb76fdb8a84
.www.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 224790e11ccad0c1475003f020197e715956166454c09d097e709fb76fdb8a84
.kroll.com/	1970-01-21 01:45:59	Name: __cf_bm Value: ayXOhpgjUQeXH9ipfe8P0oQrf3CxiDaQaaqcYiKGmWU-1734358105-1.0.1.1-N56ECMeXkrz_Zi9LqVySCF12pfCze8RkqLtUTPYhZ7GVFnUEXpd6c6EJUvUrLx3MdyIIU5Tm1ptHdPu6CdxVQw
.kroll.com/	1970-01-21 03:55:34	Name: _fbp Value: fb.1.1734358106120.283957255815721039
.linkedin.com/	1970-01-21 01:47:24	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3433:u=1:x=1:i=1734358106:t=1734444506:v=2:sig=AQFCI6uRPf-f2TBy8omaZ4gFOgvbKGOY"
.linkedin.com/	1970-01-21 10:31:34	Name: bcookie Value: "v=2&42d867ac-00a7-448d-81f6-c17a3878747c"
.linkedin.com/	1970-01-21 06:05:10	Name: li_gc Value: MTswOzE3MzQzNTgxMDY7MjswMjFEgqjned4o2zc5wXYeIA4NTWOJp/jJSDERPqgDCF7S4A==
www.kroll.com/	1970-01-21 11:07:34	Name: hasNoConsentForAnalytics Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bat.bing.net
cdn.cookielaw.org
challenges.cloudflare.com
code.jquery.com
connect.facebook.net
geolocation.onetrust.com
learn.kroll.com
media-cdn.kroll.com
p.typekit.net
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
unpkg.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.kroll.com
104.18.94.41
104.18.95.41
13.107.42.14
142.250.184.226
157.240.0.35
157.240.253.1
2001:4860:4802:32::36
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9077
2606:4700::6811:f9cb
2606:4700::6812:572a
2620:1ec:21::14
2620:1ec:33:3::10
2620:1ec:c11::237
2a00:1450:4001:810::2008
2a00:1450:4001:827::200e
2a02:26f0:280:13::213:b73
2a02:26f0:780::210:a419
2a02:26f0:780::210:a45b
2a04:4e42:400::649
0aaa817ba4763ed01b1cab3f64ad7f8d440d264fdf6de4fa9dad1687d89346d3
108f822bf7960469b476fb3790e46b3777c89908358f2d294eb4772b367cce1a
11f3d85595702fd77aeb8063e61c2fb43582a254f27e280cab4bbf2f7396c202
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
284a78fd00332df534a9af9e6267e0991ade57811e3fd3fcd56355875755d6f9
2cb43fcb2a053b758441c8dac6d1738dd6d9fee19b7530fd7c21a14b7bf21832
2de034672ea0432edf7f12a2d698c8c3f4d764d18922e5013cf3056d9b61103d
308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4545672f64d3c96a1cfd8b95f2f190b6f5ff9617f682fb2ae71b77c07a737ffd
46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2
47bbe04bc037b59eed1c4ed0957263ae563750676dafabe84e68e00b1064472e
4abbd110d8f49d8cc9288968d1597dd1db9b6b77625c8ce03bf396b7af7cbda1
4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3
4ea0730e49c32b34cc4fc424b53e7faa7980c5f9c072841d7ab148d390245a9c
4f01f775c3514e2743e7496b786d241e3687bb6b2556698663cf0158e8eb1ccb
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
57adeb2bd8e2fa22e037a2a2f6d09b25b577d0b7e06fef73aeb320dc2d3a9be2
59a9b4eb9429e391a51e7264384a2fb6799952714cd2340c080fbadaf9861c92
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69ea2cf5decd69fee9230fb040971b61d5b2ccd2b6e264e2088e4f04ec8786c0
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
6fd8322f5c526793a2d09c67de160ce0cf14752efd8c8bf12e05ecf0f7585171
74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323
7f0113ec130a3eeaa0bbed2b5f81b1238ed5cca880bdc2a7b3e4509fc44931e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88158137f0bd3e348d6d208070e5b0176fb2e06f53847dbf849ae86632444dd0
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
93c1e9d2c070fc5ff1ee543f6025e4de64e8c779016d4e941595cae8e336bb29
99cbdade95a82cbd3df64bc9f3cb474548e8f457365dd9f2b8bfa8e1ade35568
9e9dddedc7603210ab47959449ab07291a9032faa84a98940207aa2db0ace94a
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab41a32c3f45a096440dc3b3d87777d584d883eaace9d2248d83fa8b8806cd8f
b434ea4d6c04b6e6e1c9207f2424eb2f8b035e0fde27fdbab5d08fb8bb9ef7e8
bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590
bbc9afb080826c41e45a20d57ae8e4852ada3895441ddbb93a2cf2222aea007b
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea91713e3c5fce65c2d418ce476563bee6e0d02b530ecdc1a5276258d4b1055c
ec39dd6552da15a8904979103c9936f7cca5ea14cc7174df537364f2234644ee
ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.kroll.com Open in urlscan Pro 2606:4700:4400::ac40:9077 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

96 %HTTPS

70 %IPv6

16 Domains

21 Subdomains

20 IPs

3 Countries

1534 kBTransfer

6136 kBSize

11 Cookies

9 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kroll.com Open in urlscan Pro
2606:4700:4400::ac40:9077 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

96 %
HTTPS

70 %
IPv6

16
Domains

21
Subdomains

20
IPs

3
Countries

1534 kB
Transfer

6136 kB
Size

11
Cookies

71 HTTP transactions
0 data transactions