Submitted URL: http://rmrgroup.predictap.com/
Effective URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%...
Submission: On March 24 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 52.207.48.31, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth-us3.predictap.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 23rd 2023. Valid for: 6 months.
This is the only time auth-us3.predictap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.230.222.81 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.101.194.217 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.20.90.27 14618 (AMAZON-AES)
14 52.207.48.31 14618 (AMAZON-AES)
1 13.248.151.210 16509 (AMAZON-02)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
32 9
Apex Domain
Subdomains
Transfer
19 predictap.com
rmrgroup.predictap.com
auth-us3.predictap.com
3 MB
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1470
events.launchdarkly.com — Cisco Umbrella Rank: 1155
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1254
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 q4cdn.com
s21.q4cdn.com — Cisco Umbrella Rank: 104261
7 KB
1 lr-in-prod.com
cdn.lr-in-prod.com — Cisco Umbrella Rank: 13640
163 KB
0 segment.com Failed
cdn.segment.com Failed
32 6
Domain Requested by
14 auth-us3.predictap.com rmrgroup.predictap.com
auth-us3.predictap.com
5 rmrgroup.predictap.com rmrgroup.predictap.com
4 app.launchdarkly.com rmrgroup.predictap.com
2 events.launchdarkly.com rmrgroup.predictap.com
2 fonts.googleapis.com rmrgroup.predictap.com
auth-us3.predictap.com
1 s21.q4cdn.com auth-us3.predictap.com
1 clientstream.launchdarkly.com
1 cdn.lr-in-prod.com rmrgroup.predictap.com
0 cdn.segment.com Failed rmrgroup.predictap.com
32 9

This site contains links to these domains.

Domain
rmrgroup.predictap.com
Subject Issuer Validity Valid
upload.video.google.com GTS CA 1C3 2023-03-06 - 2023-05-29 3 months
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 2022-09-28 - 2023-10-30 a year
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2023-03-13 - 2024-03-12 a year
events.launchdarkly.com Amazon RSA 2048 M01 2023-02-28 - 2023-09-16 7 months
*.predictap.com Amazon RSA 2048 M01 2023-02-23 - 2023-08-19 6 months
clientstream.launchdarkly.com Amazon RSA 2048 M02 2023-02-10 - 2023-10-07 8 months
s21.q4cdn.com R3 2023-02-04 - 2023-05-05 3 months

This page contains 2 frames:

Primary Page: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Frame ID: 458361E5EF9EA00D165F65D8A09A2B39
Requests: 27 HTTP requests in this frame

Frame: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/step2.html
Frame ID: F8F4F2490A336AF099A003028A0881BA
Requests: 2 HTTP requests in this frame

Page Title

Sign in to The RMR Group

Page URL History

  1. http://rmrgroup.predictap.com/ Page URL
  2. https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Page Statistics

32 Requests
78 % HTTPS
38 % IPv6
6 Domains
9 Subdomains
9 IPs
3 Countries
3171 kB Transfer
5809 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rmrgroup.predictap.com/ Page URL
  2. https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
rmrgroup.predictap.com/
4 KB
4 KB
Document
General
Full URL
http://rmrgroup.predictap.com/
Protocol
HTTP/1.1
Server
34.230.222.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-81.compute-1.amazonaws.com
Software
/
Resource Hash
0e031196736f159e5699ab891679cba015294ea09a295ccaa3e359b022d7f2ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4066
Content-Type
text/html
Date
Fri, 24 Mar 2023 10:21:02 GMT
ETag
"641b4834-fe2"
Last-Modified
Wed, 22 Mar 2023 18:25:56 GMT
css2
fonts.googleapis.com/
3 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b1008aa2cdbe3e55541b4a63d27a0a2c693fc0a938dcc1b40ff7f7a3378ea18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://rmrgroup.predictap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Mar 2023 10:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 10:21:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Mar 2023 10:21:02 GMT
config.js
rmrgroup.predictap.com/
61 B
199 B
Script
General
Full URL
http://rmrgroup.predictap.com/config.js
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
HTTP/1.1
Server
34.230.222.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-81.compute-1.amazonaws.com
Software
/
Resource Hash
991f499db7458929d596145218eb25f824c44eeca424007c608d1d6c488a2188

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://rmrgroup.predictap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 10:21:02 GMT
Connection
keep-alive
Content-Length
61
Content-Type
application/javascript
index.47edc0ea.js
rmrgroup.predictap.com/assets/
3 MB
3 MB
Script
General
Full URL
http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
HTTP/1.1
Server
34.230.222.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-81.compute-1.amazonaws.com
Software
/
Resource Hash
aa095ce68fe9c310180dfbb1abc30f0be77001aa2baee9f81155f3ac88385e2b

Request headers

Referer
http://rmrgroup.predictap.com/
Origin
http://rmrgroup.predictap.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 10:21:02 GMT
Last-Modified
Wed, 22 Mar 2023 18:25:57 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"641b4835-29e290"
Content-Length
2744976
Content-Type
application/javascript
index.8e333b62.css
rmrgroup.predictap.com/assets/
2 KB
3 KB
Stylesheet
General
Full URL
http://rmrgroup.predictap.com/assets/index.8e333b62.css
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
HTTP/1.1
Server
34.230.222.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-81.compute-1.amazonaws.com
Software
/
Resource Hash
8e333b62016d50e7d676efe9d712f9b3200ad49871e3b8eeb630cc371d5ecdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://rmrgroup.predictap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 10:21:02 GMT
Last-Modified
Wed, 22 Mar 2023 18:25:56 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"641b4834-955"
Content-Length
2389
Content-Type
text/css
6346d1a3f5900315b70a01a0
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/6346d1a3f5900315b70a01a0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
http://rmrgroup.predictap.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 24 Mar 2023 10:21:04 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230024-FRA
x-timer
S1679653264.009061,VS0,VE353
logger-1.min.js
cdn.lr-in-prod.com/
819 KB
163 KB
Script
General
Full URL
https://cdn.lr-in-prod.com/logger-1.min.js
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ef06c95cc0871401f8fa12a01d8ad8788e836ccfdadc1450ee76df4d85dde1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://rmrgroup.predictap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:03 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 23 Mar 2023 22:48:23 GMT
server
cloudflare
x-timer
S1679611885.191089,VS0,VE1
etag
W/"de58edb15f4c97188180bc67e7188c48456365b3288d91530ca8e0c5f8f50cd8"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EfhJo6XEES%2F2GxvFP9axUXfhJvwMxEhUL2KOM9dAFd26gs%2FZwS1itUwFfsk2ZBId4c7EDDDpR17Yo6wA2eViGjKyfzJjG0hItkr4yaSSxbjd4QRHZQJxU80RODxkkKB8sbRYANNDR45mclHA%2F217Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7ace2f635da03838-FRA
x-cache-hits
1
6346d1a3f5900315b70a01a0
app.launchdarkly.com/sdk/goals/
2 B
178 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/6346d1a3f5900315b70a01a0
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://rmrgroup.predictap.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Fri, 24 Mar 2023 10:21:04 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
content-length
26
x-served-by
cache-fra-eddf8230024-FRA
x-timer
S1679653264.369991,VS0,VE119
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
app.launchdarkly.com/sdk/evalx/6346d1a3f5900315b70a01a0/users/
830 B
603 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/6346d1a3f5900315b70a01a0/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24092e05b08a53a9d88b1f273db65fd54bf4a3043fecc064e8b642c3ff978e1e

Request headers

Referer
http://rmrgroup.predictap.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
230
x-served-by
cache-fra-eddf8230071-FRA, cache-fra-eddf8230024-FRA
x-timer
S1679653264.375418,VS0,VE515
etag
"70dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
app.launchdarkly.com/sdk/evalx/6346d1a3f5900315b70a01a0/users/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/6346d1a3f5900315b70a01a0/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
http://rmrgroup.predictap.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 24 Mar 2023 10:21:04 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230024-FRA
x-timer
S1679653264.009411,VS0,VE358
stream
rmrgroup.predictap.com/api/v1/sse/
0
0
EventSource
General
Full URL
http://rmrgroup.predictap.com/api/v1/sse/stream?stream_invoice_upload_activity&stream_invoice_activity&stream_docusign_activity
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
HTTP/1.1
Server
34.230.222.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
http://rmrgroup.predictap.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 10:21:04 GMT
cache-control
no-cache
Connection
keep-alive
transfer-encoding
chunked
Content-Type
text/event-stream
94e4e6f6-f020-485e-88d8-45b96073e517
http://rmrgroup.predictap.com/
455 KB
0
Other
General
Full URL
blob:http://rmrgroup.predictap.com/94e4e6f6-f020-485e-88d8-45b96073e517
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
806f364357b42872a9324cf4013990b38e6ee96b5c236ff2bc20c952af02ea64

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://rmrgroup.predictap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length
465641
Content-Type
6346d1a3f5900315b70a01a0
events.launchdarkly.com/events/diagnostic/
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/6346d1a3f5900315b70a01a0
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.90.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-90-27.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://rmrgroup.predictap.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Mar 2023 10:21:04 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
6346d1a3f5900315b70a01a0
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/6346d1a3f5900315b70a01a0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.90.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-90-27.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
http://rmrgroup.predictap.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 24 Mar 2023 10:21:04 GMT
strict-transport-security
max-age=31536000
analytics.min.js
cdn.segment.com/analytics.js/v1/folcZP89t6bEYL4oQPZkFVCuFBKWeirB/
0
0

step1.html
auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/ Frame F8F4
757 B
1 KB
Document
General
Full URL
https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://rmrgroup.predictap.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-length
757
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Fri, 24 Mar 2023 10:21:05 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
clientstream.launchdarkly.com/eval/6346d1a3f5900315b70a01a0/
851 B
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/6346d1a3f5900315b70a01a0/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk0ZjQ3MDYwLWNhMmQtMTFlZC05YTYwLWI1ZmYzODMwMjYxNSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
http://rmrgroup.predictap.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
1016
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
step2.html
auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/ Frame F8F4
442 B
775 B
Document
General
Full URL
https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies/step1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-length
442
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Fri, 24 Mar 2023 10:21:05 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
Primary Request auth
auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/
2 KB
2 KB
Document
General
Full URL
https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Requested by
Host: rmrgroup.predictap.com
URL: http://rmrgroup.predictap.com/assets/index.47edc0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
a762556b5c58b8995dc1347d21bd36bc719107671f4846c88940113761ef9c2b
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://rmrgroup.predictap.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-language
en
content-length
2197
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Fri, 24 Mar 2023 10:21:05 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block
base.css
auth-us3.predictap.com/resources/gfilc/common/keycloak/web_modules/@patternfly/react-core/dist/styles/
42 KB
6 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
6133
x-xss-protection
1; mode=block
app.css
auth-us3.predictap.com/resources/gfilc/common/keycloak/web_modules/@patternfly/react-core/dist/styles/
1 MB
112 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
686e99384a0589e2852a0a1401f20b1378b360e1b2a7f35c04ccd060d88adc24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
patternfly.min.css
auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/
178 KB
31 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
patternfly-additions.min.css
auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/
220 KB
30 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
pficon.css
auth-us3.predictap.com/resources/gfilc/common/keycloak/lib/pficon/
577 B
555 B
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/lib/pficon/pficon.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
323
x-xss-protection
1; mode=block
login.css
auth-us3.predictap.com/resources/gfilc/login/predictap/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/login/predictap/css/login.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
3b1bb09f65428eb08efc361c2dbc05b3993a8b1cc2f3301e1a15c3f4523d31c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
2714
x-xss-protection
1; mode=block
fonts.css
auth-us3.predictap.com/resources/gfilc/login/predictap/css/
71 B
322 B
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/login/predictap/css/fonts.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
7805e1daef55a648e5486b176cb5cbc2e93bc83361bef174f23c9930428206a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
91
x-xss-protection
1; mode=block
predictap.css
auth-us3.predictap.com/resources/gfilc/login/predictap/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/login/predictap/css/predictap.css
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
9bfb795fb781f589347de7d863572342c6d19258dfa9a5836aea6f2957174d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
955
x-xss-protection
1; mode=block
rmr-logo.png
s21.q4cdn.com/317921054/files/design/
7 KB
7 KB
Image
General
Full URL
https://s21.q4cdn.com/317921054/files/design/rmr-logo.png
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
161f98d236e699c32f2d74018feee69539bf51713bac8e04c09912f6980178ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:05 GMT
last-modified
Thu, 27 Oct 2016 11:05:24 GMT
server
keycdn-engine
x-amz-request-id
2DPYNQQGP7ZYR5DF
x-edge-location
defr
etag
"66b658ff96e97a5ffa69a113a5e31d39"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
7103
x-amz-id-2
ypLYmzVucA1CdBq2JPydBoe/qLdQirUdBt6YA2hmvOykQmXqYfWvLRrOVDDtWyY/3vrC+jvhB6s=
expires
Fri, 24 Mar 2023 11:21:05 GMT
css
fonts.googleapis.com/
2 KB
554 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,500
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/resources/gfilc/login/predictap/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5af6bb764a6e23d452c3a11ad647cb8368cb1df2553aeae3696964a2c7397985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Mar 2023 10:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 10:21:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Mar 2023 10:21:06 GMT
logo_text.svg
auth-us3.predictap.com/resources/gfilc/login/predictap/img/
4 KB
2 KB
Image
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/login/predictap/img/logo_text.svg
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/resources/gfilc/login/predictap/css/predictap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
dd11ee5dc24f90944c19c363171a7e8c1b85bf0181b0e9403645bc319e2b0648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
image/svg+xml
cache-control
max-age=2592000
content-length
1684
x-xss-protection
1; mode=block
OpenSans-Light-webfont.woff2
auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/fonts/
62 KB
60 KB
Font
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://auth-us3.predictap.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/octet-stream
cache-control
max-age=2592000
x-xss-protection
1; mode=block
OpenSans-Regular-webfont.woff2
auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/fonts/
61 KB
59 KB
Font
General
Full URL
https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: auth-us3.predictap.com
URL: https://auth-us3.predictap.com/resources/gfilc/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.48.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-48-31.compute-1.amazonaws.com
Software
/
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://auth-us3.predictap.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:21:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/octet-stream
cache-control
max-age=2592000
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
cdn.segment.com
URL
https://cdn.segment.com/analytics.js/v1/folcZP89t6bEYL4oQPZkFVCuFBKWeirB/analytics.min.js


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

4 Cookies

Domain/Path Name / Value
auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/3p-cookies Name: KEYCLOAK_3P_COOKIE_SAMESITE
Value: supported
rmrgroup.predictap.com/ Name: _lr_tabs_-wymk9e%2Fproduction
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-ad5e9531-4177-44f4-a238-af5785580a29%22%2C%22lastActivity%22:1679653264925}
rmrgroup.predictap.com/ Name: _lr_hb_-wymk9e%2Fproduction
Value: {%22heartbeat%22:1679653264925}
rmrgroup.predictap.com/ Name: _lr_uf_-wymk9e
Value: 921d3e02-9eb1-4f78-9ddc-8793e18559a5

1 Console Messages

Source Level URL
Text
network error URL: https://auth-us3.predictap.com/realms/rmrgroup/protocol/openid-connect/auth?client_id=predictap-webapp&redirect_uri=http%3A%2F%2Frmrgroup.predictap.com%2Finvoices&state=f47dbc13-ea39-48de-823c-f37a697b4b75&response_mode=fragment&response_type=code&scope=openid&nonce=6bb04c7f-cb0e-459e-8bcc-5613f2dff330&code_challenge=mygEKybhNpVpUz1KHG91GkQXaRl_08gvrmilUdcXLes&code_challenge_method=S256
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Listing them here does not imply that any of them indicate malicious activity.
