urlscan.io logo urlscan.io
SecurityTrails logo

login.tst.railinc.com Open in urlscan Pro
13.248.236.251  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clearing-house-exercise.tst.railinc.com/
Effective URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNe...
Submission: On January 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 13.248.236.251, located in United States and belongs to AMAZON-02, US. The main domain is login.tst.railinc.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 2nd 2023. Valid for: a year.
This is the only time login.tst.railinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 18.160.60.127 16509 (AMAZON-02)
4 13.248.236.251 16509 (AMAZON-02)
1 3.163.101.90 16509 (AMAZON-02)
10 3
Apex Domain
Subdomains		 Transfer
9 railinc.com
clearing-house-exercise.tst.railinc.com
login.tst.railinc.com
3 MB
1 oktacdn.com
op1static.oktacdn.com — Cisco Umbrella Rank: 89997
3 KB
10 2
Domain Requested by
5 clearing-house-exercise.tst.railinc.com clearing-house-exercise.tst.railinc.com
4 login.tst.railinc.com clearing-house-exercise.tst.railinc.com
login.tst.railinc.com
1 op1static.oktacdn.com login.tst.railinc.com
10 3

This site contains no links.

Subject Issuer Validity Valid
*.clearing-house-exercise.tst.railinc.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
login.tst.railinc.com
Thawte TLS RSA CA G1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email
Frame ID: 39AF384E995210EA1BBB92D8D3D23377
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

test-ssorailinc - Bad Request

Page URL History Show full URLs

  1. https://clearing-house-exercise.tst.railinc.com/ Page URL
  2. https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

2805 kB
Transfer

2796 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clearing-house-exercise.tst.railinc.com/ Page URL
  2. https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
clearing-house-exercise.tst.railinc.com/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clearing-house-exercise.tst.railinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-127.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e394b83714e4e69ae691c3653eba47a7e2bd6b2a99e8bded3eeb8e848b0d0b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21187
content-length
3510
content-type
text/html
date
Wed, 03 Jan 2024 19:02:09 GMT
etag
"3f139fc91613606aaaee622b950c09a2"
last-modified
Thu, 23 Mar 2023 13:09:44 GMT
server
AmazonS3
via
1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
x-amz-cf-id
wXKEnOG8R2PRfRQxQzXGap5J2Cf-FQk5A7yTKer0taZjogCvnst-TQ==
x-amz-cf-pop
ATL59-P1
x-amz-id-2
8lhidRs0OjwBz09Id/hqKEIUl7gxFlHAJ5CLy1s7zulDiq4hb43R3QrIZOaVRTqUvVmq7RPZYaU=
x-amz-request-id
AQCF90S4S03ANAY9
x-amz-server-side-encryption
AES256
x-amz-version-id
k2ZPKZpgVoG6F.5LKlxkMmna6JOxvUQ.
x-cache
Hit from cloudfront
runtime.273887880cc1e689.js
clearing-house-exercise.tst.railinc.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clearing-house-exercise.tst.railinc.com/runtime.273887880cc1e689.js
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-127.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e588663dfc6496b78757b77ac14a216d5d6c76e89d440e1e46756ea5a90445f3

Request headers

Referer
https://clearing-house-exercise.tst.railinc.com/
Origin
https://clearing-house-exercise.tst.railinc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:02:09 GMT
x-amz-version-id
eQBBO7qJbcfhcUwczQ13eG5rD5knyX7A
via
1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
x-amz-request-id
AQCCHP8Y9GETAN0M
x-amz-cf-pop
ATL59-P1
x-amz-server-side-encryption
AES256
age
21187
x-cache
Hit from cloudfront
content-length
3041
x-amz-id-2
z9uQ9RkS7zbcyjBDspO0dJ8wysmUOhOTxK/+pMboHeXYEgA9bSAYiczxrrExhR3LCnl/RdAvjGI=
last-modified
Thu, 23 Mar 2023 13:09:44 GMT
server
AmazonS3
etag
"85951b486a17d16e1eb9114d4d305130"
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
brOIEqRVnPGrBuG50hnSJ9KTPxHsU4yna44xNFeYJsYtv2_VcEgulQ==
polyfills.058aa3ff3efbee04.js
clearing-house-exercise.tst.railinc.com/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clearing-house-exercise.tst.railinc.com/polyfills.058aa3ff3efbee04.js
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-127.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d79112121d0f60a42d9b924e6bbab840d8a3cc47f509cb293674817711dc070e

Request headers

Referer
https://clearing-house-exercise.tst.railinc.com/
Origin
https://clearing-house-exercise.tst.railinc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:02:09 GMT
x-amz-version-id
UI0b_o02yBTPR.cDTozC7bC2UrcSU2rS
via
1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
x-amz-request-id
AQC5Q367FW0FF24K
x-amz-cf-pop
ATL59-P1
x-amz-server-side-encryption
AES256
age
21187
x-cache
Hit from cloudfront
content-length
33915
x-amz-id-2
lmzUDUhkv8Dqt/7suE+2S5Pri3Qo3bnnjrAMpLmuTZiiIzlJZ0zMhg+TIZdh46O7UB5ErFagij4=
last-modified
Thu, 23 Mar 2023 13:09:44 GMT
server
AmazonS3
etag
"01b61b61ddca477f9d62f868504b7dc6"
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
vHr5Ud9lfWkEcEOqDnn4mRJQksxyyB5PbECy_gbz77EV0PCvuPsJ5Q==
main.97aea29a28ced69c.js
clearing-house-exercise.tst.railinc.com/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://clearing-house-exercise.tst.railinc.com/main.97aea29a28ced69c.js
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-127.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fb76e5a86b9d1c0533afe77e16d260fe46e7baaba40a9f885618ede69db3ad0

Request headers

Referer
https://clearing-house-exercise.tst.railinc.com/
Origin
https://clearing-house-exercise.tst.railinc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:02:09 GMT
x-amz-version-id
GLNdGTmOUQTLQhKn4WsMgwhxHq.MoP8T
via
1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
x-amz-request-id
AQC2SDCP2C86T154
x-amz-cf-pop
ATL59-P1
x-amz-server-side-encryption
AES256
age
21187
x-cache
Hit from cloudfront
content-length
2216481
x-amz-id-2
ckGari79PqzBaSUjoY6tUk/dc/o5uVYskaaRZI7HSMf+DN0wO2C2itQH2FmuM0tW1Bu9KYUj+3E=
last-modified
Thu, 23 Mar 2023 13:09:44 GMT
server
AmazonS3
etag
"57f4bab935a7309758b5adf94e008faf"
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
H9MRY4tZCazZuk1hoD1Ab9B4PN_TC6g8J3gseNFbMfc7TbQ-1Fxhfg==
styles.e26606d5b9489b4c.css
clearing-house-exercise.tst.railinc.com/ 		582 KB
583 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clearing-house-exercise.tst.railinc.com/styles.e26606d5b9489b4c.css
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-127.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c6303b81e3c7ae0ef81d096bf4ba0c021dc2c8043b355f0567482d3b1e6cdd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clearing-house-exercise.tst.railinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:02:09 GMT
x-amz-version-id
ve6zKPeF4N72mR5p8ym_LvQV_Vj29gg1
via
1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
x-amz-request-id
AQC4RPV582TTDDPV
x-amz-cf-pop
ATL59-P1
x-amz-server-side-encryption
AES256
age
21187
x-cache
Hit from cloudfront
content-length
596343
x-amz-id-2
+EdkKZ5Tc4Sps1WXoc3Zd7T0YyMSkhb5orEPmVrVeHpdeMeEtSFuRZnj8l+dvHm0w31Svcv4aMA=
last-modified
Thu, 23 Mar 2023 13:09:44 GMT
server
AmazonS3
etag
"11da1da905c2fa711af85639db03b707"
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
WQ6027jl4plhdMp5fE5gUZeLCYldLB_BtEFUpUAZ-gh6vr4uIMSv7w==
openid-configuration
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/openid-configuration
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/polyfills.058aa3ff3efbee04.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.236.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9dcaea81ce6d4aa6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://clearing-house-exercise.tst.railinc.com/
X-Okta-User-Agent-Extended
okta-auth-js/6.9.0 @okta/okta-angular/5.3.0 Angular/13.3.12
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

X-Okta-Request-Id
ZZYB9DcLLRTOvSK1GTmn3gAAB14
Date
Thu, 04 Jan 2024 00:55:16 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com; connect-src 'self' test-ssorailinc.oktapreview.com test-ssorailinc-admin.oktapreview.com login.tst.railinc.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com test-ssorailinc.kerberos.oktapreview.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com; style-src 'unsafe-inline' 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' test-ssorailinc.oktapreview.com test-ssorailinc-admin.oktapreview.com login.tst.railinc.com login.okta.com; img-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://clearing-house-exercise.tst.railinc.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Fri, 05 Jan 2024 00:55:16 GMT
openid-configuration
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.236.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9dcaea81ce6d4aa6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://clearing-house-exercise.tst.railinc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://clearing-house-exercise.tst.railinc.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Thu, 04 Jan 2024 00:55:16 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
ZZYB9DcLLRTOvSK1GTmn3QAAB14
Primary Request authorize
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email
Requested by
Host: clearing-house-exercise.tst.railinc.com
URL: https://clearing-house-exercise.tst.railinc.com/main.97aea29a28ced69c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.236.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9dcaea81ce6d4aa6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
afc5a0944fe6c221c2878a2914e4120cdb82a520bf763fa4982255bbd5da3208
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clearing-house-exercise.tst.railinc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
2672
Content-Type
text/html;charset=utf-8
Date
Thu, 04 Jan 2024 00:55:17 GMT
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
en
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZZYB9Jb_VC1o8Ta6uHgRQgAADpE
x-rate-limit-limit
1200
x-rate-limit-remaining
1199
x-rate-limit-reset
1704329777
x-xss-protection
0
errors-v2.css
login.tst.railinc.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.tst.railinc.com/assets/css/sections/errors-v2.css
Requested by
Host: login.tst.railinc.com
URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.236.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9dcaea81ce6d4aa6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 00:55:17 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding
gzip
Strict-Transport-Security
max-age=315360000; includeSubDomains
Last-Modified
Thu, 27 Oct 2022 02:12:48 GMT
Server
nginx
ETag
W/"80127ba5c47706686501006723ba83da"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Fri, 03 Jan 2025 00:55:17 GMT
fs01nl8e2a12yYnWa0h8
op1static.oktacdn.com/fs/bco/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op1static.oktacdn.com/fs/bco/1/fs01nl8e2a12yYnWa0h8
Requested by
Host: login.tst.railinc.com
URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.101.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-101-90.atl58.r.cloudfront.net
Software
nginx /
Resource Hash
770ed0f7bbac90a14bd5f03d5f5d02708911d86ac38eb0b336c722395373567c
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:40:38 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 411a138b57fcc63d50621369efff4a7a.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P8
age
198879
x-cache
Hit from cloudfront
content-length
2712
last-modified
Fri, 12 May 2023 12:07:59 GMT
server
nginx
etag
"e96cafd17932dc6f15f290dec46acd4a"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
rHIyWN66M68209ylno9ARWe0CCQIa7_3rwqwp5rOpEZgs9cZIasw1w==
expires
Tue, 31 Dec 2024 17:40:38 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Domain/Path Name / Value
clearing-house-exercise.tst.railinc.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:%22code%22%2C%22state%22:%22X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA%22%2C%22nonce%22:%22xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf%22%2C%22scopes%22:[%22openid%22%2C%22profile%22%2C%22email%22]%2C%22clientId%22:%220oa12kdz6awt9roDS0h8%22%2C%22urls%22:{%22issuer%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8%22%2C%22authorizeUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize%22%2C%22userinfoUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/userinfo%22%2C%22tokenUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/token%22%2C%22revokeUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/revoke%22%2C%22logoutUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/logout%22}%2C%22ignoreSignature%22:false}
clearing-house-exercise.tst.railinc.com/ Name: okta-oauth-nonce
Value: xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf
clearing-house-exercise.tst.railinc.com/ Name: okta-oauth-state
Value: X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA
login.tst.railinc.com/ Name: JSESSIONID
Value: FF8A1F279B7BF64542BC5364870F8A58
login.tst.railinc.com/ Name: t
Value: default
login.tst.railinc.com/ Name: DT
Value: DI1kg6W3KqgRYeQ8Ou0ITdy3g

1 Console Messages

Source Level URL
Text
network error URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa12kdz6awt9roDS0h8&code_challenge=3ro80XnNeQumPHxQFokHqA7UvfLO3oo3Ih8xtag8iNc&code_challenge_method=S256&nonce=xfpYVIzzayKigrYdJy7YVIEwF1PZXQtX3waerPKrPGxqEPVhCIs8SFhW0kyaHrdf&redirect_uri=https%3A%2F%2Fclearing-house-exercise.tst.railinc.com&response_type=code&state=X6X0sDzo82CXzElA8X0cRa9X3FK0DWWu0huZKO9JEAQ0sb9TcS7iCLed4z24Y3VA&scope=openid%20profile%20email
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)