www.kroll.com Open in urlscan Pro
2606:4700::6812:1243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kroll.com/
Effective URL:
https://www.kroll.com/en
Submission: On July 17 via api (July 17th 2023, 1:45:00 pm UTC) from US — Scanned from US

Summary HTTP 100 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 27 domains to perform 100 HTTP transactions. The main IP is 2606:4700::6812:1243, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kroll.com. The Cisco Umbrella rank of the primary domain is 326152.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2023. Valid for: a year.

This is the only time www.kroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 32	2606:4700::68... 2606:4700::6812:1243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:141b:13:... 2600:141b:13::17d7:82ab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
12	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e6:... 2606:4700:e6::ac40:c726	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:13:... 2600:141b:13::17d7:82a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21b... 2600:9000:21b8:5400:1e:d7b:ca80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	99.84.160.83 99.84.160.83	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21b... 2600:9000:21b8:1a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	99.84.160.67 99.84.160.67	16509 (AMAZON-02) (AMAZON-02)
1	99.84.160.58 99.84.160.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e9:9600:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8	14618 (AMAZON-AES) (AMAZON-AES)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
100	31

32 2606:4700::6812:1243 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:141b:13::17d7:82ab (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c726 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82a3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b8:5400:1e:d7b:ca80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.searchstax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.160.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-83.ord52.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21b8:1a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.160.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-67.ord52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.160.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-58.ord52.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e9:9600:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	kroll.com 2 redirects kroll.com — Cisco Umbrella Rank: 119733 www.kroll.com — Cisco Umbrella Rank: 326152	2 MB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	165 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 614 p.typekit.net — Cisco Umbrella Rank: 795	133 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 235 www.google.com — Cisco Umbrella Rank: 10	864 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	301 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1037	8 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1995 segments.company-target.com — Cisco Umbrella Rank: 1827 api.company-target.com — Cisco Umbrella Rank: 3913	2 KB
3	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	1 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 10642	7 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 717	775 B
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4924 tag-logger.demandbase.com — Cisco Umbrella Rank: 4700	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	67 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	65 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 6166	166 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	31 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	764 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1248	393 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	186 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2382	222 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	306 B
1	searchstax.com static.searchstax.com — Cisco Umbrella Rank: 50191	3 KB
100	27

	Domain	Requested by
31	www.kroll.com	1 redirects www.kroll.com cdnjs.cloudflare.com
12	cdn.cookielaw.org	www.kroll.com cdn.cookielaw.org
7	use.typekit.net	www.kroll.com use.typekit.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.kroll.com
4	www.googletagmanager.com	www.kroll.com www.googletagmanager.com cdnjs.cloudflare.com
4	unpkg.com	2 redirects www.kroll.com
3	px.ads.linkedin.com	3 redirects
3	cdn.linkedin.oribi.io	snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.kroll.com
3	api.fouanalytics.com	www.kroll.com api.fouanalytics.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	id.rlcdn.com	2 redirects
2	www.google.com	www.kroll.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.kroll.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.youtube.com	cdnjs.cloudflare.com www.youtube.com
2	vjs.zencdn.net	www.kroll.com
2	cdnjs.cloudflare.com	www.kroll.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	api.company-target.com	tag.demandbase.com
1	segments.company-target.com	www.kroll.com
1	s.company-target.com	tag.demandbase.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.facebook.com	www.kroll.com
1	px4.ads.linkedin.com	www.kroll.com
1	www.linkedin.com	1 redirects
1	tag.demandbase.com	www.kroll.com
1	api.ipify.org	cdnjs.cloudflare.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.searchstax.com	www.kroll.com
1	p.typekit.net	use.typekit.net
1	kroll.com	1 redirects
100	36

This site contains links to these domains. Also see Links.

Domain
careers.kroll.com
br.linkedin.com
www.linkedin.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
kroll.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
searchstax.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-26` - `2023-11-26`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-25` - `2023-07-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.company-target.com R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.kroll.com/en
Frame ID: D56C333B2500A4C7A9935ABD42831BDC
Requests: 96 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 39F8A678D8AC62AD8B82916B590092C9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kroll | Risk and Financial Advisory SolutionsArrow LeftArrow RightCalendar (Dark)CloseSend MessageDownload vCardGoogle PodcastAmazon MusicApple PodcastSpotifyStitcheriHeartRadioRSS FeedFacebookWeChatFilterLinkedinDuff And Phelps, A Kroll BussinessDuff And Phelps, A Kroll BussinessKrollMy accountKrollKrollKrollPhonePlayPrintSub-servicesTickTwitterPlay AudioYoutubePagemill Partners, A Kroll BussinessPagemill Partners, A Kroll BussinessPrime Clerk, A Kroll BussinessPrime Clerk, A Kroll BussinessKroll Business ServicesKroll Business ServicesKroll lensInstagramOur CapabilitiesPhoneContactKrollKrollKrollKrollContactPhoneSearchSearchGlobalGlobalPhonePhonePhonePhonePhonePhonePhoneOnline EventOnline EventOnline EventOnline EventKrollLinkedInTwitterFacebookInstagramYouTubeGlobalGlobalGlobalBack ButtonFilter Button

Page URL History Show full URLs

https://kroll.com/ HTTP 301
https://www.kroll.com/ HTTP 302
https://www.kroll.com/en Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

95 %
HTTPS

73 %
IPv6

27
Domains

36
Subdomains

31
IPs

2
Countries

2716 kB
Transfer

6365 kB
Size

40
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.kroll.com/
Title: CAREERS

Search URL Search Domain Scan URL

URL: https://careers.kroll.com/culture
Title: Why Kroll?

Search URL Search Domain Scan URL

URL: https://careers.kroll.com/testimonials
Title: Testimonials

Search URL Search Domain Scan URL

URL: https://careers.kroll.com/campus
Title: Students

Search URL Search Domain Scan URL

URL: https://br.linkedin.com/in/fernanda-barroso-carneiro-5184b115
Title: Fernanda Barroso

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/robertbartell/
Title: Robert Bartell

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/giles-derry-0a761/
Title: Giles Derry

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/michael-dolan-03788a1
Title: Michael Dolan

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/srividya-gopal-cva-mrics-ceiv-546856/
Title: Srividya Gopal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jason-smolanoff-123b6837
Title: Jason N Smolanoff

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jessica-stamelman
Title: Jessica Stamelman

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kroll/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/KrollWire
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wearekroll
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearekroll
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/kroll
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kroll.com/ HTTP 301
https://www.kroll.com/ HTTP 302
https://www.kroll.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@10.0.4/swiper-bundle.min.css

Request Chain 51

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D654419%26time%3D1689601493747%26url%3Dhttps%253A%252F%252Fwww.kroll.com%252Fen%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true&e_ipv6=AQJ30HeNu6DnfwAAAYlkGMyX3rX4L-aooPexL-nBWJkyG69wEFtQOfdYKQcUWcbYhX5Zzw

Request Chain 86

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNaL1aUGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297bV6m10M6M4_ga4XDKCsVOW2KRg8DJfBbIQFxwi2Hj20

Request Chain 91

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe&C=1

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request en Show response
www.kroll.com/
Redirect Chain

https://kroll.com/
https://www.kroll.com/
https://www.kroll.com/en

451 KB
69 KB

392ms
391ms

Document
text/html

2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06178107bf97df16eab208a794a227d593caffd976ce2f7c90ec85579525855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 7e82ec083f1009b2-MIA
Cache-Control: no-cache, no-store,public
Connection: keep-alive
Content-Encoding: br
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Jul 2023 13:44:51 GMT
Expires: -1
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Pragma: no-cache
Referrer-Policy: strict-origin
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-Ray: 7e82ec069d8a09b2-MIA
Cache-Control: public
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Date: Mon, 17 Jul 2023 13:44:51 GMT
Location: /en
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy: strict-origin
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-SFUM-Redirect: true
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 304ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 453101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNifXhRvDr4n2u6b3stFNaIDd51umSGYaL9lCFkQjBnlT98M6O0ZNTL%2BnCwcFCvQDW45XsOFonlIsw90ka3%2BkZpIvBPV4B7n7xkJ5exIn0cyp3cnjhn61Si%2Bqanvkl2vj4rv2BCi6qMvi37IEJdZoMVu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e82ec0c5ebb333d-MIA
expires: Sat, 06 Jul 2024 13:44:51 GMT

GET
H/1.1 200
OK main.css
www.kroll.com/assets/css/ 521 KB
81 KB 205ms
135ms Stylesheet
text/css 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/assets/css/main.css?130720230918pm

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3bd68fac5de3a6dcba74d488725d38bf328bb25234c3182949add82214eb85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 350879
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Thu, 13 Jul 2023 12:07:46 GMT
Server: cloudflare
ETag: W/"09573a282b5d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public,max-age=31536000,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec0b2cac25a3-MIA

GET
H2 200 pmd7cky.css
use.typekit.net/ 7 KB
1 KB 342ms
75ms Stylesheet
text/css 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/pmd7cky.css

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

dc7e603e4934e82bfb83acf5e448dbbe8e91326cfaaeab3b47e11ff2f0078d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 17 Jul 2023 13:44:51 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 968

GET
H/1.1 200
OK main-new.js Show response
www.kroll.com/assets/js/ 461 KB
114 KB 118ms
117ms Script
application/x-javascript 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dca3221674b09fc5cb87dc0ef816d6b3b692d69a1fd9d952c8a277eb318a7088

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 860100
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 07 Jul 2023 14:44:58 GMT
Server: cloudflare
ETag: W/"011e299e1b0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public,max-age=31536000,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec0d98b525a3-MIA

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@10.0.4/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@10.0.4/swiper-bundle.min.css

18 KB
5 KB

46ms
45ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@10.0.4/swiper-bundle.min.css

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22ca5f8cf6163044273a874e9e5b232fbc9e299b6e034aa5d5d8492d79f6bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 797494
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H4T8ZWGNBE1HT6ZR3Y4K25Y6-mia
server: cloudflare
etag: W/"47fd-lFa8Ol5sGpQnRLY/zjs8/EE1yWk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e82ec0cabd0b3c1-MIA

Redirect headers

date: Mon, 17 Jul 2023 13:44:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H5J1GPNTK13PN4D9792PC490-mia
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@10.0.4/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7e82ec0c5b7ab3c1-MIA

GET
H2 200 video-js.css
vjs.zencdn.net/8.0.4/ 44 KB
11 KB 297ms
30ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/8.0.4/video-js.css
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61cc855be8d8c7a1f983036ee68a1bd120ae48064ebd4bf2f0ee4dd575e000ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-mia-kmia1760052-MIA
date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 16:06:44 GMT
etag: "dc59cba2ee80e8a1a06a5ddb567278ed"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10820
x-cache-hits: 3

GET
H2 200 video.min.js Show response
vjs.zencdn.net/8.0.4/ 540 KB
156 KB 301ms
35ms Script
text/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/8.0.4/video.min.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ebe8dc4b16c090303bd55b9b24c185e8bfee559ce9e21a2a0f7b1f3068287749

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-mia-kmia1760052-MIA
date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 16:06:44 GMT
etag: "5234312d388f7774a7f7aef2918f8d80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
timing-allow-origin: *
content-length: 159143
x-cache-hits: 1

GET
H2 200 Youtube.min.js Show response
cdnjs.cloudflare.com/ajax/libs/videojs-youtube/3.0.0/ 13 KB
3 KB 314ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/videojs-youtube/3.0.0/Youtube.min.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f92c103734d0e349e776ee5fc47c61fb21cb735fec2b7344af0cb61cdc418118

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3554594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3240
last-modified: Fri, 17 Mar 2023 23:30:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6414f82f-ca8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgDRR8GwKPCVyUJBVH82u1RRu7yxVGNWmB7%2BAArFaVhf1sULtUHguSBXMax9mZesk4yb2x7FryQ6dl5W8MIhK1gl0Eci8SJVMcFCMPQ0kUBspskONeqj7%2FKZJO7vhfVUBdny6e2UHisAPZGoZXNTeeVw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e82ec0c5ebe333d-MIA
expires: Sat, 06 Jul 2024 13:44:51 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 26 KB
5 KB 323ms
57ms Script
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/OtAutoBlock.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f950adf2ecd56fadc5f7b7a00ac999da072fb26a0c9fb911a3f1874a15d8519d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 60309
content-md5: +N77G6X1gGiSUr62zrtExg==
content-length: 5214
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 18:08:02 GMT
server: cloudflare
etag: 0x8DB03B618256243
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0faec836-b01e-0022-54e1-5ab6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec0c5ef00329-MIA
expires: Tue, 18 Jul 2023 13:44:51 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 305ms
39ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 26199
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6820
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:40 GMT
server: cloudflare
etag: 0x8DB834B3F1108FD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f8a20f3-f01e-00ad-23c2-b5f88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec0c5ef50329-MIA

GET
H2 200 init-2064lnzuhipo9z2sh857.js Show response
api.fouanalytics.com/api/ 318 B
728 B 424ms
126ms Script
text/javascript 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-2064lnzuhipo9z2sh857.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6eca84fd6469e4423d4d079890fac662412d7cad3a4a416079d62d34a7c7580

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egR%2B9n3ePsjCNZweQLxdMy3MuN%2FVFegFYcAxqKKQelz6JddiE0XdZGibdzfmkbB9%2Fr0pLjW2XMsy%2FxvYUWyre3d09igps2ji%2BoGi%2FymIQ6rcIL28wOEUZH3K7TW02%2Bd8AxnEPX068VEZKaeAdREpZE4h5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7e82ec109f7325af-MIA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H/1.1 200
OK fo-ranking-new-1.gif
www.kroll.com/-/media/kroll-images/homepage/ 777 KB
778 KB 111ms
111ms Image
image/gif 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/homepage/fo-ranking-new-1.gif?extension=webp&h=500&w=500&la=en&hash=A2E46B886E8F6E6A77D87218AFDAFC4A

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44d8378e3f772fd53978dbdbb9c8fb250b73b03d8d2f071bdbee56316c14c22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 157903
Cf-Polished: status=not_needed
Content-Disposition: inline; filename="fo-ranking-new-1.gif"
Connection: keep-alive
Content-Length: 795526
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 May 2023 03:20:18 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: cffc6e5e4255497baad471d447a898e1
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec0f3b4925a3-MIA

GET
H/1.1 200
OK email-decode.min.js Show response
www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Jul 2023 16:27:41 GMT
Server: cloudflare
Content-Encoding: gzip
ETag: W/"64ad82fd-4d7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
Connection: keep-alive
CF-RAY: 7e82ec0d585825a3-MIA
Expires: Wed, 19 Jul 2023 13:44:52 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
153 B 321ms
74ms Stylesheet
text/css 2600:141b:13::17d7:82a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=pmd7cky&ht=tk&f=28901.40484.40485.40486.40487.40488.40490.40492.40494&a=91935826&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
last-modified: Thu, 09 Mar 2023 17:19:04 GMT
server: nginx
etag: "640a1508-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 iframe_api Show response
www.youtube.com/ 1006 B
2 KB 294ms
116ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/videojs-youtube/3.0.0/Youtube.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4d97de65cd9e6bf5ee2724452b46b314480d7d6649f53ee771df32271422b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 17 Jul 2023 13:44:52 GMT

GET
H2 200 db8fa0ce-73a5-4e3f-9b55-60b230386b60.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/ 4 KB
2 KB 125ms
58ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/db8fa0ce-73a5-4e3f-9b55-60b230386b60.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de27b221f876e610d82c3f0cf5f6226c3dedd950099c99d09e46eca3b654bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36354
content-md5: krXmYLxUD+o+5s3yaUOqdA==
content-length: 1579
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 18:08:03 GMT
server: cloudflare
etag: 0x8DB03B61861ECF7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5390ae92-e01e-00b9-1ce1-5a3be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec0fdfc72577-MIA
expires: Tue, 18 Jul 2023 13:44:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 466 KB
109 KB 323ms
145ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a96966887e6fd04a92af3b69a41ed3cceeb8d2c0c28d3db1b13b0edf006bfa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111352
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jul 2023 13:44:52 GMT

GET
H2 200 studio-analytics.js Show response
static.searchstax.com/studio-js/v3/js/ 9 KB
3 KB 250ms
68ms Script
application/javascript 2600:9000:21b8:5400:1e:d7b:ca80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchstax.com/studio-js/v3/js/studio-analytics.js
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:5400:1e:d7b:ca80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ffc1e56f86f5e529cb75ee9449c1d5554da173d868aa742b0ae272c0767cd48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:18:14 GMT
content-encoding: gzip
via: 1.1 a95d0bd9bae1f1eb4c84a6ff2807d02e.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 14:21:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C1
age: 20607
x-amz-server-side-encryption: AES256
etag: W/"9c2fc42cd1a85dced97ebb8abefa52b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: AL7TwZt1jOHQXJZkvC1M8PS3eejsInNOQleoc6EkV320Ry-QBoLeOw==

GET
H/1.1 200
OK bg-img.svg
www.kroll.com/assets/img/ 1 KB
1 KB 124ms
123ms Image
image/svg+xml 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/assets/img/bg-img.svg

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/css/main.css?130720230918pm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e3d242eebc97800755d84b97981d57e57d9d5f9371ee9ae132d2bd5d3a2230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 71039
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 07 Jul 2023 09:32:14 GMT
Server: cloudflare
ETag: W/"0e3aae9b5b0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public,max-age=31536000,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec0fdec109b2-MIA

GET
H2 200 l
use.typekit.net/af/42930b/00000000000000007735b8f6/30/ 22 KB
22 KB 276ms
83ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/42930b/00000000000000007735b8f6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
server: nginx
etag: "eded4f04a82d452a8cbdbd77cbfeb2827dc8164b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22596

GET
H2 200 l
use.typekit.net/af/cc6127/00000000000000007735b904/30/ 22 KB
22 KB 269ms
76ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cc6127/00000000000000007735b904/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b3d63582f102c09b0569a1c48c09cbfdd5379138c2284db554f52a4a005a46f

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
server: nginx
etag: "a75b36b43118707b7b5c1ffadc4989706090b88e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22608

GET
H2 200 l
use.typekit.net/af/0fa94e/00000000000000007735a098/30/ 20 KB
20 KB 594ms
466ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0fa94e/00000000000000007735a098/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
server: nginx
etag: "e6cdd128d302fc151cf53e279ed70d832b77d2aa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20024

GET
H/1.1 200
OK fernanda-barroso.webp
www.kroll.com/-/media/kroll-images/headshots/ 11 KB
12 KB 111ms
90ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/fernanda-barroso.webp?extension=webp&la=en&hash=3BCA9163D26EED14369142D8BC7203AF

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c79a14032fe93eb9c53fc48b0262d134e6d832d319134b2a2b678c3caf4845

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 134920
Content-Disposition: inline; filename="fernanda-barroso.webp"
Connection: keep-alive
Content-Length: 11470
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Thu, 27 Oct 2022 11:02:12 GMT
Server: cloudflare
ETag: 8e15b0f3c0044ceaad11cc651bc19165
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec109d9425a3-MIA

GET
H/1.1 200
OK bob-bartell.jpg
www.kroll.com/-/media/kroll-images/headshots/ 4 KB
5 KB 199ms
173ms Image
image/jpeg 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/bob-bartell.jpg?extension=webp&h=160&w=140&la=en&hash=4C31B788846A2F49CC805D91506AA5A4

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f807d87d420435ed78103b8fef630592835c85b0c75702de969346c41f2f536

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 48844
Cf-Polished: degrade=85, origSize=11117
Content-Disposition: inline; filename="bob-bartell.jpg"
Connection: keep-alive
Content-Length: 4443
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Thu, 10 Mar 2022 07:30:39 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 6005df36c3734eb2972eb2049ec7e9e2
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec109fa009b2-MIA

GET
H/1.1 200
OK giles-derry.png
www.kroll.com/-/media/kroll/images/headshots/expert-services-bios/ 2 KB
3 KB 359ms
291ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll/images/headshots/expert-services-bios/giles-derry.png?extension=webp&h=160&w=140&la=en&hash=C118C12B9BD522F26EA687C7E62618DF

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fe32e7b0d6f16aa0ea987be8049750b939d671cf4c5c9ae617e48bb4524749

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: REVALIDATED
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Content-Disposition: inline; filename="giles-derry.webp"
Connection: keep-alive
Content-Length: 1848
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Mon, 19 Dec 2022 12:02:02 GMT
Server: cloudflare
ETag: 6a1fddc9f7544a7eb3467681936aca53
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec10d82431e4-MIA

GET
H/1.1 200
OK michael-dolan.jpg
www.kroll.com/-/media/kroll-images/headshots/ 3 KB
4 KB 184ms
116ms Image
image/jpeg 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/michael-dolan.jpg?extension=webp&h=160&w=140&la=en&hash=76FB3D50ED4D5520EF7A1A3C062210A6

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14da0ef8abd879eb8b311bd69c6c9ea26e4ef6a818b25dbd677660bf39df2d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 317680
Cf-Polished: origSize=3384
Content-Disposition: inline; filename="michael-dolan.jpg"
Connection: keep-alive
Content-Length: 3353
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Thu, 10 Mar 2022 07:31:02 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 335a852dd82541099d629240b6fb30c7
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec10d9b8da6b-MIA

GET
H/1.1 200
OK srividya-gopalakrishnan.png
www.kroll.com/-/media/kroll-images/headshots/ 28 KB
29 KB 190ms
139ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/srividya-gopalakrishnan.png?extension=webp&h=160&w=140&la=en&hash=5FDCA1572D4D214BD067C7AFC5EA557B

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e156c56c003a75bd87b699945e1cec4f7b07ba44c95bd4e60af0d57594386a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 59450
Cf-Polished: origSize=40776
Content-Disposition: inline; filename="srividya-gopalakrishnan.png"
Connection: keep-alive
Content-Length: 28326
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 17 Feb 2023 12:18:24 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 5cab6ee5bc4c41a18dee7e43e4d1fbb4
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec10ee51b3b9-MIA

GET
H/1.1 200
OK jason-n-smolanoff.jpg
www.kroll.com/-/media/kroll-images/headshots/ 3 KB
4 KB 176ms
129ms Image
image/jpeg 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/jason-n-smolanoff.jpg?extension=webp&h=160&w=140&la=en&hash=B2F1A385EBE9D4C69EC64B1AEEA4A32E

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ddd5a5ee41cd12c0f2e237dab8fe9dcea2aafc8862a796f1176b4434252e3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 189469
Cf-Polished: origSize=3157
Content-Disposition: inline; filename="jason-n-smolanoff.jpg"
Connection: keep-alive
Content-Length: 3104
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Thu, 10 Mar 2022 07:30:51 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 8e915e082a6b419485d7200920383c6a
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec10ec1731ef-MIA

GET
H/1.1 200
OK jessica-stamelman.jpg
www.kroll.com/-/media/kroll-images/headshots/ 3 KB
4 KB 163ms
163ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/headshots/jessica-stamelman.jpg?extension=webp&h=160&w=140&la=en&hash=3B3276B87D6B70D39711DF1A90E8B5EC

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fc233b5d46286243977b03290386aaee47d4b1f7597392de4392c980e2a05f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 6438
Content-Disposition: inline; filename="jessica-stamelman.webp"
Connection: keep-alive
Content-Length: 3578
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Thu, 10 Mar 2022 07:30:52 GMT
Server: cloudflare
ETag: db0b8233667946e6a3f97c7133000af9
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec112e7925a3-MIA

GET
H/1.1 200
OK fraud-and-financial-crime-report-mobile-banner-300-200.png
www.kroll.com/-/media/kroll-images/insights/ffcr-report/landing-page-banners/ 126 KB
127 KB 135ms
135ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/ffcr-report/landing-page-banners/fraud-and-financial-crime-report-mobile-banner-300-200.png?extension=webp&h=200&w=300&la=en&hash=F466736C15F2A39B3E720A0E55247E8A

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424f9ab1c942d26564825e27514245c512fafdaffe48347ae5bb3c5dd46c0a06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 31584
Cf-Polished: origSize=154944
Content-Disposition: inline; filename="fraud-and-financial-crime-report-mobile-banner-300-200.png"
Connection: keep-alive
Content-Length: 128740
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Wed, 28 Jun 2023 11:26:42 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 6091696a04504e98a702c25450afcc76
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec11bd5a31ef-MIA

GET
H/1.1 200
OK how-technology-transforming-aml-160-180.png
www.kroll.com/-/media/kroll-images/insights/ffcr-report/web-images/ 8 KB
9 KB 364ms
364ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/ffcr-report/web-images/how-technology-transforming-aml-160-180.png?extension=webp&h=180&w=160&la=en&hash=EB442E35B2BC6797981D2713CD14CAA6

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da51e3bcc3fec3653a0e87db60961cf3d2838b9c2e48cd7095ce8b4aef97f34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: REVALIDATED
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Content-Disposition: inline; filename="how-technology-transforming-aml-160-180.webp"
Connection: keep-alive
Content-Length: 8114
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Tue, 27 Jun 2023 06:23:21 GMT
Server: cloudflare
ETag: 608bcd3e57254818923b956db456b1a3
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec11cf6db3b9-MIA

GET
H/1.1 200
OK unraveling-global-impact-corruption-and-bribery-160-180.png
www.kroll.com/-/media/kroll-images/insights/ffcr-report/web-images/ 8 KB
9 KB 208ms
206ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/ffcr-report/web-images/unraveling-global-impact-corruption-and-bribery-160-180.png?extension=webp&h=180&w=160&la=en&hash=374528EF4013BA15D8531C9AF042CBFA

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcd615e5e42e61d1cc28409c7919564cee7896a5a6d30e4815e9a49a2241bad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 326850
Content-Disposition: inline; filename="unraveling-global-impact-corruption-and-bribery-160-180.webp"
Connection: keep-alive
Content-Length: 8060
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Fri, 23 Jun 2023 06:14:38 GMT
Server: cloudflare
ETag: 85a0493e8457483f9afab4f142cb8bc9
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec12386225a3-MIA

GET
H2 200 l
use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/ 22 KB
22 KB 215ms
144ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ac87a/00000000000000007735b8f0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
server: nginx
etag: "0e49eef4170a0f869d093451710f6ed87674d9c1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22388

GET
H/1.1 200
OK impact-sec-form-pf-amendments-fund-advisers-th.jpg
www.kroll.com/-/media/kroll-images/insights/thumbnail/ 7 KB
8 KB 120ms
120ms Image
image/jpeg 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/thumbnail/impact-sec-form-pf-amendments-fund-advisers-th.jpg?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e008fb3fac987b5f7c14dd28735cc065e0c65121748b29c2eb5147a982b8428e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 87782
Cf-Polished: degrade=85, origSize=14509
Content-Disposition: inline; filename="impact-sec-form-pf-amendments-fund-advisers-th.jpg"
Connection: keep-alive
Content-Length: 7274
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Wed, 10 May 2023 14:09:22 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 8708332445ad46e0bcc3ee2104a98272
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec12baa631e4-MIA

GET
H/1.1 200
OK cost-trend-update-bulletin-june-2022-external.png
www.kroll.com/-/media/kroll-images/insights/ 198 KB
199 KB 137ms
136ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/cost-trend-update-bulletin-june-2022-external.png?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93af0e7a94874512aa4443f615545a38bf3f7a99ee5679b12a3534cd04cdb2d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 87782
Cf-Polished: origSize=212585
Content-Disposition: inline; filename="cost-trend-update-bulletin-june-2022-external.png"
Connection: keep-alive
Content-Length: 202802
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 12 Aug 2022 13:03:42 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 45eba44ca7e249fbb6fe6b5d2e689edf
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec12ce72da6b-MIA

GET
H/1.1 200
OK cactus-ransomware-th.png
www.kroll.com/-/media/kroll-images/insights/ 6 KB
7 KB 132ms
132ms Image
image/webp 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/cactus-ransomware-th.png?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071f4dc723ecb7a9ee6c13af7a3fc3695e3dfea927bb810bf3104839044844f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 599017
Content-Disposition: inline; filename="cactus-ransomware-th.webp"
Connection: keep-alive
Content-Length: 5732
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f515b5ec-281f-4c24-812a-8e2c3ab458b3
Referrer-Policy: strict-origin
Last-Modified: Wed, 10 May 2023 13:34:11 GMT
Server: cloudflare
ETag: 44d9c5103e9447818302afdbc74ec285
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec130f8c31ef-MIA

GET
H/1.1 200
OK sec-article-feature-th.png
www.kroll.com/-/media/kroll-images/insights/ 64 KB
65 KB 337ms
336ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/sec-article-feature-th.png?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

831775b4daa76992271824cc4d36b27b3f57be781a921e98f7d321540b26f763

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Content-Disposition: inline; filename="sec-article-feature-th.png"
Connection: keep-alive
Content-Length: 65750
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Wed, 12 Apr 2023 10:04:34 GMT
Server: cloudflare
ETag: 2dbfff43ed00492ca10afa81223eb8e7
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec137bb231e4-MIA

GET
H2 200 l
use.typekit.net/af/3e4147/00000000000000007735b8fb/30/ 22 KB
22 KB 109ms
89ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3e4147/00000000000000007735b8fb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 13f5407c439427a5e1635a408202c605e234c321bd0491fbbe71c62e33fc9496

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
server: nginx
etag: "cc0ce0cfd70d3f7e4a2edf7b0141f298d7b7215e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22676

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 132ms
53ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7e82ec118e83dab5-MIA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK globalsearch Show response
www.kroll.com/api/duff/search/ 1 KB
1 KB 202ms
191ms Fetch
application/json 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/search/globalsearch?websiteName=kroll&language=en

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634f2f767011cf902fb5d85a49dd90705356d2ecc8901b3fff3b429556f8e4cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec119afbda6b-MIA
Expires: -1

GET
H/1.1 200
OK globalsearch Show response
www.kroll.com/api/duff/search/ 1 KB
1 KB 380ms
358ms Fetch
application/json 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/search/globalsearch?websiteName=kroll&language=en

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634f2f767011cf902fb5d85a49dd90705356d2ecc8901b3fff3b429556f8e4cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec11b8c309b2-MIA
Expires: -1

GET
H/1.1 200
OK madoff-cs-feature.png
www.kroll.com/-/media/kroll-images/insights/client-stories/ 38 KB
39 KB 136ms
136ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/client-stories/madoff-cs-feature.png?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93db2d417656188d33f7299b8613b40c85aa60907badc4cebf612d26051f5023

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 54843
Cf-Polished: origSize=48306
Content-Disposition: inline; filename="madoff-cs-feature.png"
Connection: keep-alive
Content-Length: 39031
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 May 2023 12:35:17 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 9c17f5cc737b4df7946936df3fd2c17d
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec137a6125a3-MIA

GET
H/1.1 200
OK regulatory-update-first-quarter-2023-th.png
www.kroll.com/-/media/kroll-images/insights/thumbnail/ 34 KB
35 KB 201ms
200ms Image
image/png 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/thumbnail/regulatory-update-first-quarter-2023-th.png?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44e841a5d0aa6f55fec6653b7b0a86a98f539af11e9e834ed005d153301a1be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 54166
Cf-Polished: origSize=39021
Content-Disposition: inline; filename="regulatory-update-first-quarter-2023-th.png"
Connection: keep-alive
Content-Length: 34670
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 05 May 2023 13:40:30 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 352e88beb5914137bbe36a5f84549787
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec13d91e31ef-MIA

GET
H/1.1 200
OK microsoft-threat-detection-and-response.svg
www.kroll.com/-/media/kroll-images/insights/feature-images/ 438 KB
81 KB 134ms
134ms Image
image/svg+xml 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/kroll-images/insights/feature-images/microsoft-threat-detection-and-response.svg?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4faa4868440aa2b7f9dcffd1f9864630e9456a6b51a89c4d94a2d3e7f199cba4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 29467
Transfer-Encoding: chunked
Content-Disposition: inline; filename="microsoft-threat-detection-and-response.svg"
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 21 Apr 2023 10:16:50 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec13fadd09b2-MIA

GET
H/1.1 200
OK mifid-ii-regime-challenges.jpg
www.kroll.com/-/media/assets/images/news/thumbnails/2020/ 7 KB
8 KB 127ms
127ms Image
image/jpeg 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kroll.com/-/media/assets/images/news/thumbnails/2020/mifid-ii-regime-challenges.jpg?extension=webp

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579be2cb1d8121390b1bf1c14da3966a2500a751e022b23ef60d97c74f69278a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Age: 119144
Cf-Polished: degrade=85, origSize=18946
Content-Disposition: inline; filename="mifid-ii-regime-challenges.jpg"
Connection: keep-alive
Content-Length: 6910
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Referrer-Policy: strict-origin
Last-Modified: Fri, 03 Jan 2020 07:12:22 GMT
Cf-Bgj: imgq:85,h2pri
Server: cloudflare
ETag: 80718b86228b403badeadc67c9938718
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=604800,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
CF-Ray: 7e82ec141a77b3b9-MIA

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 399ms
113ms XHR
application/json 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: nginx/1.25.1 /
Resource Hash: c3f0c5bd17ead8dcb853264a2c853c2b6612212c0c17d0742d458412886257f6

Request headers

Accept: */*
Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 17 Jul 2023 13:44:53 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 l
use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/ 22 KB
23 KB 78ms
72ms Font
application/font-woff2 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ff2f63/00000000000000007735b8ff/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/pmd7cky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b

Request headers

Referer: https://use.typekit.net/pmd7cky.css
Origin: https://www.kroll.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
server: nginx
etag: "575f27d0430e8d1712e555d32fac51d3e2d0419a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22944

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 44ms
44ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 50042
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdce70f4-f01e-00ad-093e-79f88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec126f590329-MIA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4cc5d082/www-widgetapi.vflset/ 203 KB
63 KB 75ms
72ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4cc5d082/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de4b128a933b726d8b2987bb31607134c187abf301c5e288f6e232de26fe925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 08:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 452088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64262
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 02:37:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jul 2024 08:10:04 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 41ms
39ms Script
text/javascript 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-2064lnzuhipo9z2sh857.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4972
etag: W/"648cac83-3bd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0wDwjf7MWV94YP73lHRTKqij71QROX5BDcftRcW4oZlMJx%2BBrtzfGBUkZqGZ%2By9KaavSWEYeDvAnArSUHDZk%2FumMKgeJShH%2BZisl1FvoXjzGqNW9E8u8VNfZ34laEKJr0xvGfp1uRN0zb1HMvN9LMretA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7e82ec12cae925af-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 148ms
61ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Jul 2023 13:44:52 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2674B9BA03FB4B25B1CD850EED9769C3 Ref B: MIAEDGE2019 Ref C: 2023-07-17T13:44:53Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.4.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js

7 KB
3 KB

42ms
41ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a85cb4f69ef025b2b86a217f8e999a8f30f43181f15017115e807dd5b021766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 587876
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H50GX0VYFANJJK3S78Z6HSX7-mia
server: cloudflare
etag: W/"1b98-Vi0si64rTaloQm7ZXLxPFpdaTq8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e82ec14dfebb3c1-MIA

Redirect headers

date: Mon, 17 Jul 2023 13:44:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H5J17ESWN1HNECHNEV6EJP5V-mia
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 331
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.4.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7e82ec135dacb3c1-MIA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
703 B 260ms
76ms Script
application/x-javascript 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddb06e7a4aa617032f2bdebe1845d4d69010eaf90b19be754fe8985b594e1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Jul 2023 08:18:47 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67277
accept-ranges: bytes
content-length: 491

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 225ms
74ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jul 2023 13:44:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: 3DpxCFPWIdJKqYFJ+6Fg4toNCIyfxrWG+3I0wApR9S2Bs2Rn2iiZFlXF4rihgzKdc4l90sd025lDGeONnwCW7w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
84 KB 114ms
113ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e29fefc515f7329c0b7dcd4d8a7daa33169f1bcb49ebc1dd6f3a6e4d81d7d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jul 2023 13:44:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 247ms
80ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Jul 2023 13:18:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1573
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 17 Jul 2023 15:18:40 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/b060559d-0a1c-4506-b41d-5819d2c618ae/ 101 KB
20 KB 51ms
50ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db8fa0ce-73a5-4e3f-9b55-60b230386b60/b060559d-0a1c-4506-b41d-5819d2c618ae/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17eb24f59dd5a0918c95c3b0b9da3d981ceb50038efab067ee417e2e4b8ec88e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 71319
content-md5: s7g9bNZJI+YpjA/L526aYQ==
content-length: 20442
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 18:08:07 GMT
server: cloudflare
etag: 0x8DB03B61ADDFF50
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 729b982c-101e-002f-1b88-6d59dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec137d5e2577-MIA
expires: Tue, 18 Jul 2023 13:44:53 GMT

GET
H/1.1 200
OK getipdata Show response
www.kroll.com/api/duff/navigation/ 40 B
933 B 266ms
266ms XHR
application/json 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/navigation/getipdata?res=38.132.118.73

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691f0cf97478768879247b8adaf894e0132ec36c3622483256f6ccc57a03dc56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.kroll.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec14ebccb3b9-MIA
Expires: -1

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 155ms
155ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 78b22501-c01e-00c3-5ae1-5a51a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec15f9752577-MIA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 62 KB
13 KB 147ms
147ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5x5OTvRos5JBKPa+Qbpqxg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148668308060
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58a8552f-501e-012c-10e1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec15f9782577-MIA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 44ms
43ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 36354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0844ecf6-e01e-017a-6ae1-5af4fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e82ec15f97a2577-MIA

POST
H2 204 collect
analytics.google.com/g/ 0
245 B 132ms
46ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je37c0&_p=1779312598&_gaz=1&cid=732762107.1689601493&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689601493&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.gtm_container_and_version_id=GTM-PWHXW75%3B%20version%20ID%3A%20250&ep.hit_timestamp=2023-07-17%20Time%3A%2013%3A44%3A52.985%20%2B00%3A00&ep.tag_name=GA4%20-%20Configuration
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 195ms
65ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S0E5692XKD&cid=732762107.1689601493&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1043474835687043 Show response
connect.facebook.net/signals/config/ 74 KB
20 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1043474835687043?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c122defc95133653c1be9aa461f8eadb1886dd58c1201e787e26b54c508a357d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jul 2023 13:44:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20637
x-xss-protection: 0
pragma: public
x-fb-debug: UVdsvc+Xg+OYuxF1EEXvj06Fif25weU/kJBYN72mkMNsrYTrxyhzoYmB6vkC1ev0b8FkOZMywYJigIcTT7GKKg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 56180571.js Show response
bat.bing.com/p/action/ 0
118 B 96ms
96ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56180571.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 17 Jul 2023 13:44:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 535989D3E18B486C9CFA264A30781D3F Ref B: MIAEDGE2019 Ref C: 2023-07-17T13:44:53Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 59ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56180571&tm=gtm002&Ver=2&mid=aef23d3c-f3a1-477d-9162-7023f8749bbc&sid=1bd4dfb024a811eeaca47f0bc96aec93&vid=1bd5350024a811eeb4fffb781f7c44a7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&kw=Kroll,%20Cyber%20risk%20firms,%20Compliance%20risk%20firms&p=https%3A%2F%2Fwww.kroll.com%2Fen&r=&lt=2274&evt=pageLoad&sv=1&rn=761356

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jul 2023 13:44:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1302430AC924F5F8D54AF8AF6FC90B3 Ref B: MIAEDGE2019 Ref C: 2023-07-17T13:44:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 66ms
66ms Script
application/x-javascript 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:14 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32289
accept-ranges: bytes
content-length: 4862

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 92ms
92ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1779312598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kroll.com%2Fen&ul=en-us&de=UTF-8&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=793199701&gjid=1136972561&cid=732762107.1689601493&tid=UA-7299730-1&_gid=1747922832.1689601494&_r=1&_slc=1&gtm=45He37c0n81PWHXW75&cd5=1689601493008.imnwtwae&cd6=2023-07-17%20Time%3A%2013%3A44%3A53.08%20%2B00%3A00&cd8=&cd9=GTM-PWHXW75%3B%20version%20ID%3A%20250&cd4=732762107.1689601493&cd7=pageview&z=2137745099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 x
api.fouanalytics.com/api/ 0
449 B 199ms
199ms Ping
text/plain 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4U4icxxT8jl5RRlx6MT8Ht41wUTiqoG%2BRZbehOQQIH3iI4FLwC3xb6KHzcA1Jar2FqaIkRpnrPoYfjbJRNZrn7tit0mSHMpzyUB%2BJXM20uWq1TltRqv7yzD%2BgHjyUO2HzPAM7u8aZVi13ymretDeLENZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e82ec16c80db3c8-MIA
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
H2 200 FDwiyD6L.min.js Show response
tag.demandbase.com/ 76 KB
21 KB 245ms
78ms Script
application/javascript 99.84.160.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/FDwiyD6L.min.js

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/assets/js/main-new.js?040720230407pm1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.160.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-160-83.ord52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

03692c2d6097d853844cfcbfd1b8bb6fed04c9bb4a3fb85367cc77f9c9ddac92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Y_qOLpkQAIkCzxnsUfmqsvrINYw.GTtq
content-encoding: gzip
via: 1.1 c8a21a7610b30a71d259ed6dd5d8a6ba.cloudfront.net (CloudFront)
date: Mon, 17 Jul 2023 13:36:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD52-C2
age: 2403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 22:01:10 GMT
server: AmazonS3
etag: W/"66301a5cb5f1877ab241e438fbd627e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: UWtx4HNfMSSnJXjwO25iPJ5ml0mDP_YdJ_K18cV_ftj29xrNayYhoA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 110ms
110ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-968938677

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d1401fd3fe1ff1475b26117e736f8973acfb2d1b884b2e56ac74877c4e1e7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55006
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jul 2023 13:44:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
54 KB 113ms
113ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-968938677&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWHXW75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

499aba5e5d275e137c4032529b1700e88765802fadfa43fc9abe65e6949c43fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55083
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jul 2023 13:44:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
150 B 66ms
66ms XHR
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7299730-1&cid=732762107.1689601493&jid=793199701&gjid=1136972561&_gid=1747922832.1689601494&_u=YCDACEAABAAAACAEK~&z=1286818624

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Jul 2023 13:44:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK giveconsent Show response
www.kroll.com/api/duff/trackingconsent/ 0
1 KB 1455ms
1454ms XHR
text/plain 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/trackingconsent/giveconsent?url=https%3A%2F%2Fwww.kroll.com%2Fen

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.kroll.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 17 Jul 2023 13:44:55 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec17bf5eb3b9-MIA
Expires: -1

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
625 B 41ms
41ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 81137
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a24db149-e01e-0090-6557-b54daa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e82ec17cdc80329-MIA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
491 B 43ms
37ms Fetch
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 36354
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 39def778-e01e-00d4-378d-b591c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e82ec17ecab2577-MIA

GET
H2 200 Kroll.png
cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/ 12 KB
12 KB 41ms
41ms Image
image/png 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0453826c-66bd-4b22-8370-04eafb384ea3/db8fa0ce-73a5-4e3f-9b55-60b230386b60/cfc094b9-8d06-43f4-ba32-1d34cd6a668d/Kroll.png

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /pX6N7rNfVMyKKEcFftBrQ==
age: 48828
content-length: 12029
x-ms-lease-status: unlocked
last-modified: Mon, 24 Jan 2022 12:37:00 GMT
server: cloudflare
etag: 0x8D9DF36377B5B26
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 90e0be72-201e-0123-0ce1-5af178000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e82ec17fde70329-MIA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 46ms
45ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jul 2023 13:44:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 81086
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0985be72-c01e-0166-4fb4-b52ce9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e82ec17fde80329-MIA

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/ 36 B
377 B 421ms
69ms XHR
application/json 2600:9000:21b8:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:17:23 GMT
content-encoding: gzip
via: 1.1 b892209f8d3dd056b68bdca7e0c07418.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C1
age: 1651
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: xxNvjPGbuKL_ECOCIq2Kuo2WtppSRrVPuUnP73Np4hZYZS-P2FR7nw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D654419%26time%3D1689601493747%26url%3Dhttps%253A%252F%252Fwww.kroll.com%252Fen%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true&e_ipv6=AQJ30HeNu6DnfwAAAYlkGMyX3rX4L-aooPexL-nBWJkyG6...

0
491 B

178ms
96ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true&e_ipv6=AQJ30HeNu6DnfwAAAYlkGMyX3rX4L-aooPexL-nBWJkyG69wEFtQOfdYKQcUWcbYhX5Zzw
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:44:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F77CD71AA99343B9AFF4DB25D853A85C Ref B: MIAEDGE1712 Ref C: 2023-07-17T13:44:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYArwDhmUbv3NY9m9xn+g==

Redirect headers

date: Mon, 17 Jul 2023 13:44:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3103BDE95C054772ABA970DC077365BB Ref B: MIA301000101019 Ref C: 2023-07-17T13:44:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=654419&time=1689601493747&url=https%3A%2F%2Fwww.kroll.com%2Fen&cookiesTest=true&liSync=true&e_ipv6=AQJ30HeNu6DnfwAAAYlkGMyX3rX4L-aooPexL-nBWJkyG69wEFtQOfdYKQcUWcbYhX5Zzw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYArwDfE8o3jMNViCBn1A==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/ 36 B
373 B 422ms
72ms XHR
application/json 2600:9000:21b8:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:17:23 GMT
content-encoding: gzip
via: 1.1 b892209f8d3dd056b68bdca7e0c07418.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C1
age: 1651
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: n_e-FApi_ii3cR82MWOj6iCatajoj-WDiQOltI14J6sTQ9CoBi9qOw==

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 403ms
64ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1043474835687043&ev=PageView&dl=https%3A%2F%2Fwww.kroll.com%2Fen&rl=&if=false&ts=1689601493760&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=28&fbp=fb.1.1689601493756.120894338&it=1689601493483&coo=false&rqm=GET

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Jul 2023 13:44:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 405ms
96ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7299730-1&cid=732762107.1689601493&jid=793199701&_u=YCDACEAABAAAACAEK~&z=877109878

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/ 36 B
375 B 360ms
71ms XHR
application/json 2600:9000:21b8:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/654419/domain/kroll.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:17:23 GMT
content-encoding: gzip
via: 1.1 b892209f8d3dd056b68bdca7e0c07418.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C1
age: 1651
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 5mac1-Mtv9E25YN3moyIm62FDOWVC4ZbfziNbHVK72OMFhUGp99u6w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968938677/ 2 KB
2 KB 356ms
139ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968938677/?random=1689601493867&cv=11&fst=1689601493867&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kroll.com%2Fen&hn=www.googleadservices.com&frm=0&tiba=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&auid=1934843242.1689601493&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-968938677&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c04f966dce6747a987ffb6c89ae5da10192d307d869c16055763ffae6e7b65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 39F8 634 B
977 B 160ms
62ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/FDwiyD6L.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 81c54beae0eab4ff104e7d4fcff7bb23d7fc58e3553b8a249ec2deafbcfe4182

Request headers

Referer: https://www.kroll.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 17 Jul 2023 13:44:54 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNaL1aUGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297bV6m10M6M4_ga4XDKCsVOW2KRg8DJfBbIQFxwi2Hj20

26 B
409 B

248ms
90ms

Image
image/gif

99.84.160.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297bV6m10M6M4_ga4XDKCsVOW2KRg8DJfBbIQFxwi2Hj20
Requested by: Host: www.kroll.com
URL: https://www.kroll.com/en
Protocol: HTTP/1.1
Server: 99.84.160.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-160-67.ord52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:54 GMT
Via: 1.1 bffe83de7594be28771c4164d4617e3a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ORD52-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 8477e5338bb1ac8f
X-Amz-Cf-Id: H_Nc22vLK1hWlCMI0E6ZpDrkrDXf3jUZg3ehF8vDCVS_Cwbj0DpraQ==

Redirect headers

date: Mon, 17 Jul 2023 13:44:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297bV6m10M6M4_ga4XDKCsVOW2KRg8DJfBbIQFxwi2Hj20
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 478 B
978 B 283ms
107ms XHR
application/json 99.84.160.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.kroll.com%2Fen&page_title=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/FDwiyD6L.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.160.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-160-58.ord52.r.cloudfront.net
Software: nginx /
Resource Hash: fb491e19227b8b37b69d131a62c988490f61ff43f32fb2667037da71c6c83349

Request headers

Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jul 2023 13:44:54 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 249aa6f890bf73000af910ed0724d954.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C2
x-cache: Miss from cloudfront
request-id: 7d8fcfef-b92e-402f-98ef-7e6a8d008389
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kroll.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cK6Luua6rF0wPGHMgKNaWNH4TUBTtluZqMMFvEohwZ9z_Zvm-qc5Tg==
expires: Sun, 16 Jul 2023 13:44:54 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
416 B 266ms
98ms XHR
text/html 2600:9000:20e9:9600:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=cK6Luua6rF0wPGHMgKNaWNH4TUBTtluZqMMFvEohwZ9z_Zvm-qc5Tg==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/FDwiyD6L.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e9:9600:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Mon, 17 Jul 2023 11:01:29 GMT
via: 1.1 91e7f6dd5130ccc0c1247b2da038e3de.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C2
age: 9811
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: fCda5GUz3uek5OcHDqEXw9Bjten_zEFUeuroBagGflkYt20EJiW-yg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
74ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1779312598&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.kroll.com%2Fen&ul=en-us&de=UTF-8&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDACEABBAAAACAEK~&jid=&gjid=&cid=732762107.1689601493&tid=UA-7299730-1&_gid=1747922832.1689601494&gtm=45He37c0n81PWHXW75&cd5=1689601493008.imnwtwae&cd6=2023-07-17%20Time%3A%2013%3A44%3A53.08%20%2B00%3A00&cd8=&cd9=GTM-PWHXW75%3B%20version%20ID%3A%20250&cd4=732762107.1689601493&cd7=event&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=Miami&cd16=FL&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=US&cd20=(Non-Company%20Visitor)&z=30436803

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 19:29:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65736
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK current Show response
www.kroll.com/api/duff/contact/ 52 B
946 B 1291ms
1289ms XHR
application/json 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/contact/current

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a57b7a9d4db8df25638f0a5100797c771189117b0dbdc1c9b8c4b4fe8ef73ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.kroll.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec1b1e1731e4-MIA
Expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39F8
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe&C=1

43 B
766 B

65ms
65ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 13:44:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 13:44:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1705499094&external_user_id=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 39F8 43 B
393 B 181ms
58ms Image
image/gif 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 17 Jul 2023 13:44:54 GMT
server: nginx
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 39F8 42 B
764 B 273ms
66ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
www.google.com/pagead/1p-user-list/968938677/ 42 B
155 B 98ms
97ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968938677/?random=1689601493867&cv=11&fst=1689598800000&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kroll.com%2Fen&frm=0&tiba=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=596807029&rmt_tld=0&ipr=y

Requested by

Host: www.kroll.com
URL: https://www.kroll.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
73ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1779312598&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kroll.com%2Fen&ul=en-us&de=UTF-8&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2Fen&_u=aDDACEABBAAAACAEK~&jid=&gjid=&cid=732762107.1689601493&tid=UA-7299730-1&_gid=1747922832.1689601494&gtm=45He37c0n81PWHXW75&cd5=1689601494543.49l4q5yd&cd6=2023-07-17%20Time%3A%2013%3A44%3A54.543%20%2B00%3A00&cd8=&cd9=GTM-PWHXW75%3B%20version%20ID%3A%20250&cd4=732762107.1689601493&cd7=event&z=1447865037

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 19:29:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65736
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
74ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1779312598&t=timing&_s=3&dl=https%3A%2F%2Fwww.kroll.com%2Fen&ul=en-us&de=UTF-8&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4055&pdt=80&dns=0&rrt=742&srt=391&tcp=0&dit=2161&clt=2273&_gst=2535&_gbt=3049&_u=aDDACEABBAAAACAEK~&jid=&gjid=&cid=732762107.1689601493&tid=UA-7299730-1&_gid=1747922832.1689601494&gtm=45He37c0n81PWHXW75&z=952001044

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kroll.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 19:29:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65736
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK current Show response
www.kroll.com/api/duff/contact/ 52 B
941 B 737ms
737ms XHR
application/json 2606:4700::6812:1243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kroll.com/api/duff/contact/current

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5bff1c3936f5e8131a3d58d05972b07e6fa16d015a96c6e3b3ddaa50681964

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.kroll.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 13:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'self' https://duffandphelps.360learning.com
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:edc340c2-6dfa-4fda-8920-ee12e389c5f9
Pragma: no-cache
Referrer-Policy: strict-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store,public
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
CF-Ray: 7e82ec1d2e2f31ef-MIA
Expires: -1

POST
H2 204 collect
analytics.google.com/g/ 0
55 B 47ms
46ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S0E5692XKD&gtm=45je37c0&_p=1779312598&cid=732762107.1689601493&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1689601493&sct=1&seg=0&dl=https%3A%2F%2Fwww.kroll.com%2Fen&dt=Kroll%20%7C%20Risk%20and%20Financial%20Advisory%20Solutions&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S0E5692XKD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kroll.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 13:44:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kroll.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.kroll.com/en	1970-01-20 22:05:37	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jul+17+2023+13%3A44%3A53+GMT%2B0000+(GMT)&version=202301.1.0&isIABGlobal=false&hosts=&consentId=9c4b8650-a3ff-4560-adaf-7591f3e884c7&interactionCount=0&landingPath=https%3A%2F%2Fwww.kroll.com%2Fen&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: a3053b2a1619a6aa4b0e7e497e4fa01864cd730cd9c257837f8a0036d6c79b63
.kroll.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: a3053b2a1619a6aa4b0e7e497e4fa01864cd730cd9c257837f8a0036d6c79b63
.kroll.com/	1970-01-20 13:20:03	Name: __cf_bm Value: mGmuY5C__wQddvRww9RUUyDoMCJQwJouesau_Q2vpzQ-1689601490-0-ARpMwbRsMPvOo61kVVLJkHP/WFSrmCe9tQuLtxtGW8exJSYwzO3uf+aGtvLOkEhG4o6ylpCOvIeRMmYcVL3wE3c=
www.kroll.com/	1969-12-31 23:59:59	Name: kroll#lang Value: en
www.kroll.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3cdqvf5jrueqwlpzzsmplqq5
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: URVIyokus64
.youtube.com/	1970-01-20 17:39:13	Name: VISITOR_INFO1_LIVE Value: cunf9PP13AE
www.kroll.com/	1970-01-20 13:20:05	Name: searchcookie Value: bMHseqVrhBBrb2JrnPP1d3cPm
.kroll.com/	1970-01-20 15:29:37	Name: _gcl_au Value: 1.1.1934843242.1689601493
.kroll.com/	1970-01-20 13:21:27	Name: _uetsid Value: 1bd4dfb024a811eeaca47f0bc96aec93
.kroll.com/	1970-01-20 22:41:37	Name: _uetvid Value: 1bd5350024a811eeb4fffb781f7c44a7
.kroll.com/	1970-01-20 22:56:01	Name: _ga Value: GA1.2.732762107.1689601493
.kroll.com/	1970-01-20 13:21:27	Name: _gid Value: GA1.2.1747922832.1689601494
.kroll.com/	1970-01-20 13:20:01	Name: _gat_UA-7299730-1 Value: 1
.bing.com/	1970-01-20 22:41:37	Name: MUID Value: 3F17538A7E1D6D5C3FC840DB7FA36CC6
.bat.bing.com/	1970-01-20 13:30:06	Name: MR Value: 0
.kroll.com/	1970-01-20 15:29:37	Name: _fbp Value: fb.1.1689601493756.120894338
.linkedin.com/	1970-01-20 15:29:37	Name: li_sugr Value: 01a78ec9-895f-4560-8ab0-5d861938ed29
.linkedin.com/	1970-01-20 22:05:37	Name: bcookie Value: "v=2&4b3f4cfd-983f-4ebe-8398-c32961d06343"
.linkedin.com/	1970-01-20 13:21:27	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3042:u=1:x=1:i=1689601493:t=1689687893:v=2:sig=AQHEZvoyD8m18byEsTmuyyNwWAHxxDvz"
.linkedin.com/	1970-01-20 14:03:13	Name: UserMatchHistory Value: AQJlK7V2O_sbmgAAAYlkGMvgTSXSN0lk81RYYFv9V-fHvyYSbMCx-8d967Ucgq99GowCBz-yT4UvaA
.linkedin.com/	1970-01-20 14:03:13	Name: AnalyticsSyncHistory Value: AQLvoKPExMJRmwAAAYlkGMvgGhgheK5ehUIs-9Hcxxoa0p7VDxPkwujNNbUSPIyIDTHMkhVCLJ_4HioU1futyA
.www.linkedin.com/	1970-01-20 22:05:37	Name: bscookie Value: "v=1&202307171344542332bfa9-bd4e-48bf-8533-7ca669964635AQEjbEIgfWmrXkvfOggD83FYo-0g82ps"
.rlcdn.com/	1970-01-20 22:05:37	Name: rlas3 Value: VLaxPzFFkBBk0OKXVkDGyvjqxLTWSxdterX5YltmyJ4=
www.kroll.com/	1970-01-20 13:21:27	Name: ln_or Value: eyI2NTQ0MTkiOiJkIn0%3D
.company-target.com/	1970-01-20 22:56:01	Name: tuuid Value: 9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe
.company-target.com/	1970-01-20 22:56:01	Name: tuuid_lu Value: 1689601494\|ix:0\|mctv:0\|rp:0
.rlcdn.com/	1970-01-20 14:46:25	Name: pxrc Value: CNaL1aUGEgUI6AcQABIGCMrdKhAA
.doubleclick.net/	1970-01-20 13:20:02	Name: test_cookie Value: CheckForPermission
.tremorhub.com/	1970-01-20 22:05:58	Name: tvid Value: b9bcdb250fd4485fbf32f738b4c316a0
.tremorhub.com/	1970-01-20 22:56:01	Name: tv_UIDM Value: 9bd391eb-b0eb-469b-ac4c-00cfe12e4cfe
.casalemedia.com/	1970-01-20 22:05:37	Name: CMID Value: ZLVF1n5qeKrJLiYBUA72zwAA
.casalemedia.com/	1970-01-20 15:29:37	Name: CMPS Value: 1249
.casalemedia.com/	1970-01-20 15:29:37	Name: CMPRO Value: 1249
.rubiconproject.com/	1970-01-20 22:05:37	Name: khaos Value: LK6X3SVG-H-DS
.rubiconproject.com/	1970-01-20 22:05:37	Name: audit Value: 1\|Sn6AeCXA4Vzzw5W4d1MWwyOIt/4y+xihb1mUzknb1DRiFPGmwOAHU0WLHeGvekPEQq50DPqeiXE9ZrnhJV+oUqdrXnyZB8nbRWCzzSfXpvdw5AX8X4HphkpDA55Zma+v6EXQSadeI5UVG93rFsZrTEdHvLVH9NjNvaT+Sq4lJm6DA1NujibLXw==
.kroll.com/	1970-01-20 22:56:01	Name: _ga_S0E5692XKD Value: GS1.1.1689601493.1.0.1689601494.59.0.0
www.kroll.com/	1970-01-20 22:56:01	Name: SC_TRACKING_CONSENT Value: W3siU2l0ZU5hbWUiOiJrcm9sbCIsIklzQ29uc2VudEdpdmVuIjp0cnVlfV01
www.kroll.com/	1970-01-20 22:56:01	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 5302c6192ec2449b9c02f004ef4ad74e\|False

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://duffandphelps.360learning.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.company-target.com
api.fouanalytics.com
api.ipify.org
bat.bing.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
dsum-sec.casalemedia.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
kroll.com
p.typekit.net
partners.tremorhub.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
segments.company-target.com
snap.licdn.com
static.searchstax.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.demandbase.com
unpkg.com
use.typekit.net
vjs.zencdn.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.kroll.com
www.linkedin.com
www.youtube.com
104.237.62.211
13.107.42.14
192.40.39.223
2001:4860:4802:38::181
2600:141b:13::17d7:82a3
2600:141b:13::17d7:82ab
2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
2600:9000:20e9:9600:1d:8d6d:3b40:93a1
2600:9000:21b8:1a00:2:53b2:240:93a1
2600:9000:21b8:5400:1e:d7b:ca80:93a1
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:1243
2606:4700::6812:1c26
2606:4700::6812:aa72
2606:4700:e6::ac40:c726
2607:f8b0:4004:c0b::9a
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::729
34.96.71.22
35.190.60.146
8.43.72.98
99.84.160.58
99.84.160.67
99.84.160.83
03692c2d6097d853844cfcbfd1b8bb6fed04c9bb4a3fb85367cc77f9c9ddac92
071f4dc723ecb7a9ee6c13af7a3fc3695e3dfea927bb810bf3104839044844f8
0a57b7a9d4db8df25638f0a5100797c771189117b0dbdc1c9b8c4b4fe8ef73ab
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0e29fefc515f7329c0b7dcd4d8a7daa33169f1bcb49ebc1dd6f3a6e4d81d7d7c
13f5407c439427a5e1635a408202c605e234c321bd0491fbbe71c62e33fc9496
15ddd5a5ee41cd12c0f2e237dab8fe9dcea2aafc8862a796f1176b4434252e3d
17eb24f59dd5a0918c95c3b0b9da3d981ceb50038efab067ee417e2e4b8ec88e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75
22ca5f8cf6163044273a874e9e5b232fbc9e299b6e034aa5d5d8492d79f6bf61
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2ffc1e56f86f5e529cb75ee9449c1d5554da173d868aa742b0ae272c0767cd48
308a9c476c3561fadda0e17654698bd328ee9f4cd743f6a714a784e217ec0b7b
35c79a14032fe93eb9c53fc48b0262d134e6d832d319134b2a2b678c3caf4845
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
424f9ab1c942d26564825e27514245c512fafdaffe48347ae5bb3c5dd46c0a06
499aba5e5d275e137c4032529b1700e88765802fadfa43fc9abe65e6949c43fb
4c5bff1c3936f5e8131a3d58d05972b07e6fa16d015a96c6e3b3ddaa50681964
4d612da165bfae98c86fde27c80b48ee65eabc425f8d2c916f6dca0e09fe02b3
4faa4868440aa2b7f9dcffd1f9864630e9456a6b51a89c4d94a2d3e7f199cba4
579be2cb1d8121390b1bf1c14da3966a2500a751e022b23ef60d97c74f69278a
5a96966887e6fd04a92af3b69a41ed3cceeb8d2c0c28d3db1b13b0edf006bfa2
5c04f966dce6747a987ffb6c89ae5da10192d307d869c16055763ffae6e7b65b
5d1401fd3fe1ff1475b26117e736f8973acfb2d1b884b2e56ac74877c4e1e7c4
5de4b128a933b726d8b2987bb31607134c187abf301c5e288f6e232de26fe925
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61cc855be8d8c7a1f983036ee68a1bd120ae48064ebd4bf2f0ee4dd575e000ee
634f2f767011cf902fb5d85a49dd90705356d2ecc8901b3fff3b429556f8e4cb
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
691f0cf97478768879247b8adaf894e0132ec36c3622483256f6ccc57a03dc56
6a85cb4f69ef025b2b86a217f8e999a8f30f43181f15017115e807dd5b021766
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
74bfd6cab6c8204b1b9a82df0724714101b96af65bc74df3ed192c10471e3323
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f807d87d420435ed78103b8fef630592835c85b0c75702de969346c41f2f536
81c54beae0eab4ff104e7d4fcff7bb23d7fc58e3553b8a249ec2deafbcfe4182
831775b4daa76992271824cc4d36b27b3f57be781a921e98f7d321540b26f763
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b3d63582f102c09b0569a1c48c09cbfdd5379138c2284db554f52a4a005a46f
8da51e3bcc3fec3653a0e87db60961cf3d2838b9c2e48cd7095ce8b4aef97f34
8de27b221f876e610d82c3f0cf5f6226c3dedd950099c99d09e46eca3b654bc5
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93af0e7a94874512aa4443f615545a38bf3f7a99ee5679b12a3534cd04cdb2d6
93db2d417656188d33f7299b8613b40c85aa60907badc4cebf612d26051f5023
a06178107bf97df16eab208a794a227d593caffd976ce2f7c90ec85579525855
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a44d8378e3f772fd53978dbdbb9c8fb250b73b03d8d2f071bdbee56316c14c22
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c122defc95133653c1be9aa461f8eadb1886dd58c1201e787e26b54c508a357d
c3f0c5bd17ead8dcb853264a2c853c2b6612212c0c17d0742d458412886257f6
c44e841a5d0aa6f55fec6653b7b0a86a98f539af11e9e834ed005d153301a1be
c4d97de65cd9e6bf5ee2724452b46b314480d7d6649f53ee771df32271422b86
d14da0ef8abd879eb8b311bd69c6c9ea26e4ef6a818b25dbd677660bf39df2d1
d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb
d8e3d242eebc97800755d84b97981d57e57d9d5f9371ee9ae132d2bd5d3a2230
dc7e603e4934e82bfb83acf5e448dbbe8e91326cfaaeab3b47e11ff2f0078d76
dca3221674b09fc5cb87dc0ef816d6b3b692d69a1fd9d952c8a277eb318a7088
ddb06e7a4aa617032f2bdebe1845d4d69010eaf90b19be754fe8985b594e1c47
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e008fb3fac987b5f7c14dd28735cc065e0c65121748b29c2eb5147a982b8428e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc233b5d46286243977b03290386aaee47d4b1f7597392de4392c980e2a05f
e8fe32e7b0d6f16aa0ea987be8049750b939d671cf4c5c9ae617e48bb4524749
ebe8dc4b16c090303bd55b9b24c185e8bfee559ce9e21a2a0f7b1f3068287749
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dfeb8629df21ab8939a77ed8c83a0cd69142b66e3bf2d94f1c1284092c40d
f2e156c56c003a75bd87b699945e1cec4f7b07ba44c95bd4e60af0d57594386a
f6eca84fd6469e4423d4d079890fac662412d7cad3a4a416079d62d34a7c7580
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f92c103734d0e349e776ee5fc47c61fb21cb735fec2b7344af0cb61cdc418118
f950adf2ecd56fadc5f7b7a00ac999da072fb26a0c9fb911a3f1874a15d8519d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb491e19227b8b37b69d131a62c988490f61ff43f32fb2667037da71c6c83349
fdcd615e5e42e61d1cc28409c7919564cee7896a5a6d30e4815e9a49a2241bad
ff3bd68fac5de3a6dcba74d488725d38bf328bb25234c3182949add82214eb85
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

www.kroll.com Open in urlscan Pro 2606:4700::6812:1243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

95 %HTTPS

73 %IPv6

27 Domains

36 Subdomains

31 IPs

2 Countries

2716 kBTransfer

6365 kBSize

40 Cookies

17 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kroll.com Open in urlscan Pro
2606:4700::6812:1243 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

95 %
HTTPS

73 %
IPv6

27
Domains

36
Subdomains

31
IPs

2
Countries

2716 kB
Transfer

6365 kB
Size

40
Cookies

100 HTTP transactions
0 data transactions