990portal.rsmus.com Open in urlscan Pro
13.67.239.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://990portal.rsmus.com/
Effective URL:
https://990portal.rsmus.com/
Submission: On March 20 via manual (March 20th 2020, 11:34:05 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 5 domains to perform 19 HTTP transactions. The main IP is 13.67.239.131, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 990portal.rsmus.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 25th 2018. Valid for: 2 years.

This is the only time 990portal.rsmus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	13.67.239.131 13.67.239.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	204.79.197.234 204.79.197.234	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a01:4180:200... 2a01:4180:2001::3f2	200517 (MS-DEUTSC...) (MS-DEUTSCHLAND)
2	2603:1040:c01::2 2603:1040:c01::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2603:1010:200... 2603:1010:200::ff	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.165.18.80 52.165.18.80	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	9

6 13.67.239.131 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

990portal.rsmus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.234 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.atmrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4180:2001::3f2 (Frankfurt am Main, Germany)

ASN200517 (MS-DEUTSCHLAND, DE)

052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1040:c01::2 (Chennai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1010:200::ff (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.165.18.80 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssoext.rsmus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	rsmus.com 1 redirects 990portal.rsmus.com ssoext.rsmus.com	1 MB
6	footprintdns.com 052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com 4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com 7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com	970 B
4	atmrum.net www.atmrum.net	4 KB
2	visualstudio.com dc.services.visualstudio.com	830 B
1	msecnd.net az416426.vo.msecnd.net	22 KB
19	5

	Domain	Requested by
6	990portal.rsmus.com	1 redirects 990portal.rsmus.com
4	www.atmrum.net	990portal.rsmus.com www.atmrum.net az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com	990portal.rsmus.com
2	4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com	990portal.rsmus.com
2	052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com	990portal.rsmus.com
1	az416426.vo.msecnd.net	990portal.rsmus.com
1	ssoext.rsmus.com	990portal.rsmus.com
19	8

This site contains no links.

Subject Issuer	Validity	Valid
*.rsmus.com DigiCert SHA2 High Assurance Server CA	`2018-10-25` - `2020-06-10`	2 years	crt.sh
*.atmrum.net Microsoft IT TLS CA 5	`2019-08-26` - `2021-08-26`	2 years	crt.sh
*.footprintdns.com D-TRUST SSL Class 3 CA 1 2009	`2019-12-11` - `2021-12-11`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2020-03-17` - `2022-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://990portal.rsmus.com/
Frame ID: AAF82D85B359C2DF031965F7CB5BDAA7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://990portal.rsmus.com/ HTTP 307
https://990portal.rsmus.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

19
Requests

100 %
HTTPS

38 %
IPv6

5
Domains

8
Subdomains

9
IPs

5
Countries

1390 kB
Transfer

3917 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://990portal.rsmus.com/ HTTP 307
https://990portal.rsmus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
990portal.rsmus.com/
Redirect Chain

http://990portal.rsmus.com/
https://990portal.rsmus.com/

34 KB
25 KB

504ms
134ms

Document
text/html

13.67.239.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://990portal.rsmus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.239.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a7dfa85815f2c9f20dafd5e082d10095b55fcffdbc613d21663bf334a28c940

Request headers

Host: 990portal.rsmus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2020 18:37:14 GMT
Accept-Ranges: bytes
ETag: "0a9ca138bfcd51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=0005439c6bbf6b946d5f3db857cbbbd2625a282a8b19ff46f377d943592f4d46;Path=/;HttpOnly;Domain=990portal.rsmus.com
X-Powered-By: ASP.NET
Date: Fri, 20 Mar 2020 23:33:42 GMT
Content-Length: 25030

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://990Portal.rsmus.com/
Server: Microsoft-IIS/10.0
Date: Fri, 20 Mar 2020 23:33:41 GMT
Content-Length: 151

GET
H/1.1 200
OK 2.157a592c.chunk.css
990portal.rsmus.com/static/css/ 2 KB
1 KB 253ms
148ms Stylesheet
text/css 13.67.239.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://990portal.rsmus.com/static/css/2.157a592c.chunk.css
Requested by: Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.239.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e39c72afb678d61fdb2f266fc6c425ede9b624940abce4f30664f90c01f3a222

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 20 Mar 2020 23:33:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2020 18:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "02237108bfcd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 799

GET
H/1.1 200
OK main.a86aac37.chunk.css
990portal.rsmus.com/static/css/ 217 KB
49 KB 394ms
140ms Stylesheet
text/css 13.67.239.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://990portal.rsmus.com/static/css/main.a86aac37.chunk.css
Requested by: Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.239.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a556bb48c0a789243874ad09edd17da1674b717ea2960ce6fbffafbce92f7f6

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 20 Mar 2020 23:33:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2020 18:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "02237108bfcd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 49536

GET
H2 200 rum.js Show response
www.atmrum.net/ 301 B
588 B 88ms
16ms Script
application/javascript 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/rum.js

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 23:33:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 21:29:32 GMT
x-msedge-ref: Ref A: F5FFBB04FA43458FBE9B88F33438A877 Ref B: FRAEDGE0422 Ref C: 2020-03-20T23:33:42Z
access-control-allow-origin: *
etag: 0x8D4FC0223F2F653
content-type: application/javascript
status: 200
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 301

GET
H/1.1 200
OK 2.3fbe3dbc.chunk.js Show response
990portal.rsmus.com/static/js/ 3 MB
995 KB 416ms
169ms Script
application/x-javascript 13.67.239.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://990portal.rsmus.com/static/js/2.3fbe3dbc.chunk.js
Requested by: Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.239.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cebb1c29107e58723c1eb1e385d1adf5ade4f23bf8df12f4ae4329f3f68d032

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 23:33:42 GMT
Content-Encoding: gzip
ETag: "02237108bfcd51:0"
Last-Modified: Tue, 17 Mar 2020 18:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK main.f7a8ee2c.chunk.js Show response
990portal.rsmus.com/static/js/ 818 KB
266 KB 426ms
180ms Script
application/x-javascript 13.67.239.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://990portal.rsmus.com/static/js/main.f7a8ee2c.chunk.js
Requested by: Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.239.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42cb7e56b6f4d358a748543686238192d85d4a6ca6649474f88453ef44985bbb

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 23:33:42 GMT
Content-Encoding: gzip
ETag: "0a9ca138bfcd51:0"
Last-Modified: Tue, 17 Mar 2020 18:37:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H2 200 fpv2.min.js Show response
www.atmrum.net/client/v1/atm/ 3 KB
3 KB 21ms
20ms Script
application/javascript 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/client/v1/atm/fpv2.min.js

Requested by

Host: www.atmrum.net
URL: https://www.atmrum.net/rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 23:33:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 21:29:32 GMT
x-msedge-ref: Ref A: 07E59611E624481D9BFB0523E9D02D60 Ref B: FRAEDGE0422 Ref C: 2020-03-20T23:33:42Z
access-control-allow-origin: *
etag: 0x8D501F7AFB7338D
content-type: application/javascript
status: 200
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 2983

GET
DATA 200
OK truncated
/ 11 KB
11 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da5b0c8d18c6d26da4ab99717cd08dc5e20cb917d47e655ba24ebf9720f0fe9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 12 KB
12 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af55f4abe0fd224cef8fad170d95c28c74f3af0867bd06b80c792c86b1684721

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 fpconfig.min.json Show response
www.atmrum.net/conf/v1/atm/ 191 B
473 B 48ms
17ms XHR
application/json 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/conf/v1/atm/fpconfig.min.json

Requested by

Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
Origin: https://990portal.rsmus.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 23:33:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 21:29:32 GMT
x-msedge-ref: Ref A: 4C15A924713C416AB96F16E9E73E9574 Ref B: FRAEDGE0819 Ref C: 2020-03-20T23:33:42Z
etag: 0x8D501F7AFB7338D
status: 200
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 191

GET
H2 200 trans.gif
052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com/apc/ 43 B
243 B 59ms
7ms Image
image/gif 2a01:4180:2001::3f2
MS-DEUTSCHLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com/apc/trans.gif?1a867c0e1f5d305273d5913da5f02840

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:4180:2001::3f2 Frankfurt am Main, Germany, ASN200517 (MS-DEUTSCHLAND, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 Jan 2020 04:05:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:42 GMT
accept-ranges: bytes
content-length: 43
etag: "aad731b458c0d51:0"

GET
H2 200 trans.gif
052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com/apc/ 43 B
81 B 9ms
9ms Image
image/gif 2a01:4180:2001::3f2
MS-DEUTSCHLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com/apc/trans.gif?1ca5cf0aef9964a7cea230abdc48c730

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:4180:2001::3f2 Frankfurt am Main, Germany, ASN200517 (MS-DEUTSCHLAND, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 Jan 2020 04:05:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:42 GMT
accept-ranges: bytes
content-length: 43
etag: "aad731b458c0d51:0"

GET
H2 200 trans.gif
4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com/apc/ 43 B
242 B 452ms
136ms Image
image/gif 2603:1040:c01::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com/apc/trans.gif?cefa88b64556869ef317559f9d907e5a

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1040:c01::2 Chennai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 19:15:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:43 GMT
accept-ranges: bytes
content-length: 43
etag: "0e46cda6ad8d51:0"

GET
H2 200 trans.gif
4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com/apc/ 43 B
81 B 136ms
135ms Image
image/gif 2603:1040:c01::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com/apc/trans.gif?5feb5541e7b5454ce34584dc57e4d032

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1040:c01::2 Chennai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 19:15:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:43 GMT
accept-ranges: bytes
content-length: 43
etag: "0e46cda6ad8d51:0"

GET
H2 200 trans.gif
7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com/apc/ 43 B
242 B 773ms
245ms Image
image/gif 2603:1010:200::ff
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com/apc/trans.gif?8c1ede6f8a763e5a3f32e24215c65e3f

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1010:200::ff Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 19:15:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:43 GMT
accept-ranges: bytes
content-length: 43
etag: "0e46cda6ad8d51:0"

GET
H/1.1 200
OK openid-configuration Show response
ssoext.rsmus.com/.well-known/ 3 KB
3 KB 674ms
125ms XHR
application/json 52.165.18.80
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ssoext.rsmus.com:9031/.well-known/openid-configuration

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/static/js/2.3fbe3dbc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.165.18.80 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba562459c09795b37be2b15f8e1c1ec2b52b8928cae54302fd18178ad3af955c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://990portal.rsmus.com/
Origin: https://990portal.rsmus.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Mar 2020 23:33:44 GMT
Referrer-Policy: origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://990portal.rsmus.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Vary: Origin
Content-Length: 2640
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 32ms
7ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/static/js/2.3fbe3dbc.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 20 Mar 2020 23:33:44 GMT
content-encoding: gzip
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 722
x-cache: HIT
status: 200
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Tue, 04 Feb 2020 19:23:51 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D7A9A7C460F06C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4c14d697-001e-0095-490e-ff85d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H2 200 trans.gif
7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com/apc/ 43 B
81 B 244ms
244ms Image
image/gif 2603:1010:200::ff
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com/apc/trans.gif?2f75aeefddb1224b75c3b8cd3e48b795

Requested by

Host: 990portal.rsmus.com
URL: https://990portal.rsmus.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1010:200::ff Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 19:15:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
status: 200
date: Fri, 20 Mar 2020 23:33:43 GMT
accept-ranges: bytes
content-length: 43
etag: "0e46cda6ad8d51:0"

GET
H2 200 r.gif Show response
www.atmrum.net/report/v1/atm/ 42 B
194 B 17ms
16ms XHR
image/gif 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.atmrum.net/report/v1/atm/r.gif?MonitorID=atm&rid=be28e06f5175a685199eedcbcb1ff53e&w3c=true&prot=https:&v=2017061301&tag=be003091d40090dc9d90010e06ec0ac0&DATA=[{%22RequestID%22:%22052ea0cc1bcaea00938d756ce00a822e%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:60},{%22RequestID%22:%22052ea0cc1bcaea00938d756ce00a822e%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:10},{%22RequestID%22:%224a5f911b4b13d12e666d656949d20214%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:452},{%22RequestID%22:%224a5f911b4b13d12e666d656949d20214%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:136},{%22RequestID%22:%227d2c290657bc83e418709c7c2b6c68f9%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:773},{%22RequestID%22:%227d2c290657bc83e418709c7c2b6c68f9%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:245}]
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://990portal.rsmus.com/
Origin: https://990portal.rsmus.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 20 Mar 2020 23:33:43 GMT
cache-control: no-store
x-msedge-ref: Ref A: B602B99E46C6400AA19213BE6FB6C4A9 Ref B: FRAEDGE0819 Ref C: 2020-03-20T23:33:44Z
access-control-allow-origin: https://990portal.rsmus.com
content-type: image/gif

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 96ms
22ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://990portal.rsmus.com
Referer: https://990portal.rsmus.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Mar 2020 23:33:59 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
519 B 560ms
560ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1b0e95a85ee114dc60a49ab1d5233929205594c5a668f9bd87071a6a09967be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://990portal.rsmus.com/
Origin: https://990portal.rsmus.com
Sec-Fetch-Dest: empty
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 041080A0-1CDD-4BCB-A94E-24D31F6F0F5D
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 20 Mar 2020 23:33:59 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			990portal.rsmus.com/	1970-01-19 16:58:03	Name: ai_user Value: FqbGb\|2020-03-20T23:33:44.250Z
			.990portal.rsmus.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 0005439c6bbf6b946d5f3db857cbbbd2625a282a8b19ff46f377d943592f4d46

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

052ea0cc1bcaea00938d756ce00a822e.azr.footprintdns.com
4a5f911b4b13d12e666d656949d20214.azr.footprintdns.com
7d2c290657bc83e418709c7c2b6c68f9.azr.footprintdns.com
990portal.rsmus.com
az416426.vo.msecnd.net
dc.services.visualstudio.com
ssoext.rsmus.com
www.atmrum.net
13.67.239.131
152.199.19.160
204.79.197.234
2603:1010:200::ff
2603:1040:c01::2
2a01:4180:2001::3f2
51.140.6.23
52.165.18.80
0a7dfa85815f2c9f20dafd5e082d10095b55fcffdbc613d21663bf334a28c940
0da5b0c8d18c6d26da4ab99717cd08dc5e20cb917d47e655ba24ebf9720f0fe9
32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac
3a556bb48c0a789243874ad09edd17da1674b717ea2960ce6fbffafbce92f7f6
3cebb1c29107e58723c1eb1e385d1adf5ade4f23bf8df12f4ae4329f3f68d032
42cb7e56b6f4d358a748543686238192d85d4a6ca6649474f88453ef44985bbb
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1b0e95a85ee114dc60a49ab1d5233929205594c5a668f9bd87071a6a09967be
af55f4abe0fd224cef8fad170d95c28c74f3af0867bd06b80c792c86b1684721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba562459c09795b37be2b15f8e1c1ec2b52b8928cae54302fd18178ad3af955c
e39c72afb678d61fdb2f266fc6c425ede9b624940abce4f30664f90c01f3a222
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

990portal.rsmus.com Open in urlscan Pro 13.67.239.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

38 %IPv6

5 Domains

8 Subdomains

9 IPs

5 Countries

1390 kBTransfer

3917 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Indicators

990portal.rsmus.com Open in urlscan Pro
13.67.239.131 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

38 %
IPv6

5
Domains

8
Subdomains

9
IPs

5
Countries

1390 kB
Transfer

3917 kB
Size

2
Cookies

19 HTTP transactions
2 data transactions