restructuring.ra.kroll.com
108.138.7.117
Public Scan
Effective URL: https://restructuring.ra.kroll.com/MallinckrodtTPPTrust/Home-ForgotPassword
Submission: On September 08 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on April 7th 2023. Valid for: a year.
This is the only time restructuring.ra.kroll.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 1 | 167.89.118.35 | 11377 (SENDGRID) |
9 | 108.138.7.117 | 16509 (AMAZON-02) |
3 | 2a02:26f0:3500:16::215:148f | 20940 (AKAMAI-ASN1) |
2 | 2606:4700:e0::ac40:660b | 13335 (CLOUDFLARENET) |
2 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) |
1 | 2a02:26f0:480:f::213:7ee1 | 20940 (AKAMAI-ASN1) |
1 | 2001:4860:4802:32::36 | 15169 (GOOGLE) |
19 | 7 |
ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u26247528.ct.sendgrid.net |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-117.fra56.r.cloudfront.net
restructuring.ra.kroll.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | kroll.com | restructuring.ra.kroll.com — Cisco Umbrella Rank: 512423 | 79 KB |
4 | typekit.net | use.typekit.net — Cisco Umbrella Rank: 536; p.typekit.net — Cisco Umbrella Rank: 690 | 92 KB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 249 | 29 KB |
2 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 1204 | 86 KB |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1977 | 262 B |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 85 KB |
1 | sendgrid.net | u26247528.ct.sendgrid.net (1 redirects) | 278 B |
19 | 7 |
 | Domain | Requested by |
---|---|---|
9 | restructuring.ra.kroll.com | restructuring.ra.kroll.com |
3 | use.typekit.net | restructuring.ra.kroll.com, use.typekit.net |
2 | cdnjs.cloudflare.com | restructuring.ra.kroll.com |
2 | use.fontawesome.com | restructuring.ra.kroll.com, use.fontawesome.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | p.typekit.net | use.typekit.net |
1 | www.googletagmanager.com | restructuring.ra.kroll.com |
1 | u26247528.ct.sendgrid.net | 1 redirects |
19 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
kroll.com |
www.kroll.com |
twitter.com |
www.linkedin.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ra.kroll.com | Amazon RSA 2048 M01 | 2023-04-07 - 2024-03-07 | a year |
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year |
use.fontawesome.com | GTS CA 1P5 | 2023-09-01 - 2023-11-30 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months |
This page contains 1 frames:
Primary Page:
https://restructuring.ra.kroll.com/MallinckrodtTPPTrust/Home-ForgotPassword
Frame ID: B1E355B547208D8CCDB486E0D0B83AFD
Requests: 19 HTTP requests in this frame
Page Title
Kroll Restructuring Administration
Page URL History
-
https://u26247528.ct.sendgrid.net/ls/click?upn=6XOoDlyE6i41LJEyQM8-2F0AAfBJSX7DwPaN3Xllin8FDwWKOdsjSsFJtb7VYDC...
HTTP 302
https://restructuring.ra.kroll.com/MallinckrodtTPPTrust/Home-ForgotPassword Page URL
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Typekit (Font Scripts)
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: <img src="/images/pccw/prime-clerk-logo-rgb.png" alt="">
Title: team
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u26247528.ct.sendgrid.net/ls/click?upn=6XOoDlyE6i41LJEyQM8-2F0AAfBJSX7DwPaN3Xllin8FDwWKOdsjSsFJtb7VYDC6JD6RnbpA0X3WC1iq2b55ltIl-2BXeKouSzfpy8pxcMcTIMDkWIzs7B1bECuSk6dN5zjeBfK4_gNEsV37htOoy7bx6mcYot1s49GZ68fp3dQDoZE3sDt3-2FSoD4Hza9qZQ8LXe4nat-2BBy99o2UacmQl3tszS4U1xn4AML41qUaAJF3HbFQHFqeUAzqRzbOK6Kz7-2B0a8XWbLP9jHkvFzg081w6KsFz1wOtey3a0qlua-2FNmcWLac-2FI-2Fgzt34Yebyh5DbvGGu2Odcwn-2Boqijd02QBkcboA8VzNZqjL3pmkee0BaI7Pc0eQPXnIl31yQNd5G-2FUbWwIFt6JC-2Fl3TgU0XRppGRrk2aRc05Sni-2B5WIpf7S7woIzqSSQcHvcxiJqHckJlJybJjfk1az1rea1fFKk92KVdcy-2Ftjq9aEskyJW-2FgxxLnAbZYV4bTMQcWwCU7ptvReOyEiErCdKQ-2FKmsFDcCBNgUWf-2Bct5i7ACu1CfPDfH4Hn4kM8Qkwphb634od4TMKXFndLXgA5l9RaoEF15QZh-2FS84TawCpUIj-2FnHCtxirMAXru7rBZ5c6IhTariB1JfbPmlyl6LloY9vZU2qVMb9uQyeb-2B0yzOtDJbq3zgEsM-2FMHxh7zOsg2tlBbgotdLmIh3CX3b5OtO-2F8VAv0-2F3R0Xpkg5yGuqtZVbFaIfZjsXLe-2F6iza9q6km-2FchjNtbojdrgAh0ATk-2BrkoFgqjkihq8ukFHXAl3oYXoWTeWEiU3KoLDHdw1z0TzW2FjDYDTdnfAQwWLnXlNZu10wBU1yhUZT4IWw2NstCtDbKl4BG-2BuJpgLLqRKuBpXJ1ZQpd53urIEL-2F3GTZanCOUXNzbBuURpc7VhVFPdykFHJtjBp2ANzyDW9KJPiKtxO6kt9mJyWn6F6dZN02dK9vAPp6ETmvLOn-2BLReTURZxjtNIT-2FAEJfsjU4Pq0Utkldjv8PsoZgD18EQsdOh0HMHeeSpwPICTee2a03J2NcLhMa5IIsGan2wZo35X-2BXh7cK6y5ql8GscpDhrdL2vUuRJ2LdjOZ0V6s1fA-2BtgMxtFigr4YPk1uoPN4CF8OTsu-2B6Z0chhVRGdvC8oeboNwwvQl3pI
HTTP 302
https://restructuring.ra.kroll.com/MallinckrodtTPPTrust/Home-ForgotPassword Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Home-ForgotPassword (Primary Request) | restructuring.ra.kroll.com/MallinckrodtTPPTrust/ | 11 KB | 6 KB | Document | text/html |
GET | H2 | sxt5qdw.css | use.typekit.net/ | 2 KB | 870 B | Stylesheet | text/css |
GET | H2 | all.css | use.fontawesome.com/releases/v5.10.0/css/ | 55 KB | 13 KB | Stylesheet | text/css |
GET | H2 | style.css | restructuring.ra.kroll.com/Content/css/ | 215 KB | 35 KB | Stylesheet | text/css |
GET | H2 | style-protectedcase.css | restructuring.ra.kroll.com/Content/css/ | 3 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ | 85 KB | 27 KB | Script | application/javascript |
GET | H2 | headroom.min.js | cdnjs.cloudflare.com/ajax/libs/headroom/0.9.4/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | chosen.jquery.min.js | restructuring.ra.kroll.com/Scripts/js/vendor/ | 29 KB | 8 KB | Script | application/javascript |
GET | H2 | outdatedbrowser.min.css | restructuring.ra.kroll.com/Content/css/plugins/outdatedbrowser/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 249 KB | 85 KB | Script | application/javascript |
GET | H2 | KROLL_LOGO_KNOCKOUT.svg | restructuring.ra.kroll.com/images/pccw/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | outdatedbrowser.js | restructuring.ra.kroll.com/Scripts/js/plugins/outdatedbrowser/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | prod.js | restructuring.ra.kroll.com/Scripts/js/ | 77 KB | 17 KB | Script | application/javascript |
GET | H2 | site.js | restructuring.ra.kroll.com/Scripts/js/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | p.css | p.typekit.net/ | 5 B | 172 B | Stylesheet | text/css |
GET | H2 | l | use.typekit.net/af/99cda7/000000000000000000013631/27/ | 53 KB | 53 KB | Font | application/font-woff2 |
GET | H2 | fa-brands-400.woff2 | use.fontawesome.com/releases/v5.10.0/webfonts/ | 73 KB | 74 KB | Font | font/woff2 |
GET | H2 | l | use.typekit.net/af/9d033e/000000000000000000013633/27/ | 38 KB | 38 KB | Font | application/font-woff2 |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 262 B | Ping | text/plain |
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
function | $ |
function | jQuery |
function | Headroom |
function | gtag |
object | dataLayer |
undefined | footerWindow |
function | openTerms |
function | openPrivacyNotes |
function | slidemsg |
function | outdatedBrowser |
object | google_tag_manager |
object | google_tag_data |
object | gaGlobal |
function | clamp |
object | elHighlights |
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
restructuring.ra.kroll.com/ | Name: AWSALBTG Value: Z0kPGjwPRM/wA02+ZlASCjCIZ9K1BpJ0sPz6TeMUwAvylzqY2okwlgtEhu7avsZSwXPQyOESXpIYZ8FwfHhBGRrNEFWHm9MEdLlky9JTc2og9YXkllmRUbtCLrS41Me7F6AI5wNGkjgy4FssCytNX0yVrPy/LinQxDAdg8jiX68m |
|
restructuring.ra.kroll.com/ | Name: AWSALBTGCORS Value: Z0kPGjwPRM/wA02+ZlASCjCIZ9K1BpJ0sPz6TeMUwAvylzqY2okwlgtEhu7avsZSwXPQyOESXpIYZ8FwfHhBGRrNEFWHm9MEdLlky9JTc2og9YXkllmRUbtCLrS41Me7F6AI5wNGkjgy4FssCytNX0yVrPy/LinQxDAdg8jiX68m |
|
restructuring.ra.kroll.com/ | Name: AWSALB Value: HuyiIe8ogXOShRpudts6fEcWy2sTBJ09Vuf9D+IDBYh9UvAgCL4lj4IT1/xCcXW/dC5EDBYARB4uY787n7jBeGTYSrZrrE3Mn5JuWusKYPJBrSx7uYF3klAjc2es |
|
restructuring.ra.kroll.com/ | Name: AWSALBCORS Value: HuyiIe8ogXOShRpudts6fEcWy2sTBJ09Vuf9D+IDBYh9UvAgCL4lj4IT1/xCcXW/dC5EDBYARB4uY787n7jBeGTYSrZrrE3Mn5JuWusKYPJBrSx7uYF3klAjc2es |
|
restructuring.ra.kroll.com/ | Name: psi Value: 4785b054-a91e-4232-823f-ffb4c9d283c0 |
|
.kroll.com/ | Name: _ga_D5N0JEWGPF Value: GS1.1.1694211906.1.0.1694211906.0.0.0 |
|
.kroll.com/ | Name: _ga Value: GA1.1.1618469615.1694211907 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | img-src 'self' *.b2c.com https://dmp.truoptik.com/ https://uipglob.semasio.net/ https://c1.adform.net/ https://odr.mookie1.com/ https://loadm.exelator.com/ https://x.bidswitch.net/ https://insight.adsrvr.org/ s3.amazonaws.com/PrimeClerk-Public/ primeclerk.com kroll.com *.primeclerk.com *.kroll.com *.krollbusinessservices.com *.lpsnmedia.net *.gstatic.com *.google.com *.google-analytics.com *.doubleclick.net *.googleapis.com data:; script-src 'self' *.b2c.com *.list-manage.com *.s3.amazonaws.com *.captcha.com *.lpsnmedia.net *.liveperson.net https://cdnjs.cloudflare.com *.google-analytics.com *.translate.google.com *.gstatic.com *.google.com *.code.jquery.com *.liveperson.net *.maps.googleapis.com 'unsafe-eval' *.primeclerk.com *.kroll.com 'unsafe-inline' *.adobesign.com *.echosign.com https://code.jquery.com *.google.com *.translate.google.com https://translate.googleapis.com *.googleapis.com *.liveperson.net *.google-analytics.com https://maps.googleapis.com *.lpsnmedia.net https://s3.amazonaws.com *.googletagmanager.com; style-src 'self' *.cloudflare.com *.typekit.net *.fontawesome.com *.googleapis.com 'unsafe-inline' https://cdnjs.cloudflare.com *.typekit.net *.fontawesome.com *.gstatic.com data:; font-src 'self' *.typekit.net *.fontawesome.com *.gstatic.com data:; frame-src *.kroll.com *.adobesign.com *.echosign.com *.lpsnmedia.net *.liveperson.net *.google.com; media-src *.lpsnmedia.net; |
Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.