rptpweb.devops.revenuepremier.com Open in urlscan Pro
20.189.128.155 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rptpweb.devops.revenuepremier.com/
Effective URL:
https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQg...
Submission: On June 08 via manual (June 8th 2021, 4:37:29 pm UTC) from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 31 HTTP transactions. The main IP is 20.189.128.155, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rptpweb.devops.revenuepremier.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 15th 2021. Valid for: a year.

This is the only time rptpweb.devops.revenuepremier.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Luno (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 27	20.189.128.155 20.189.128.155	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
31	3

27 20.189.128.155 (San Jose, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rptpweb.devops.revenuepremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	revenuepremier.com 2 redirects rptpweb.devops.revenuepremier.com	1 MB
3	google-analytics.com www.google-analytics.com	19 KB
31	2

	Domain	Requested by
27	rptpweb.devops.revenuepremier.com	2 redirects rptpweb.devops.revenuepremier.com
3	www.google-analytics.com	rptpweb.devops.revenuepremier.com www.google-analytics.com
31	2

This site contains no links.

Subject Issuer	Validity	Valid
*.devops.revenuepremier.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-15` - `2022-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
Frame ID: 7E66617074967F19C7FD810A641FE53A
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rptpweb.devops.revenuepremier.com/ HTTP 301
https://rptpweb.devops.revenuepremier.com/rptp/portal/home HTTP 302
https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQ... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

31
Requests

90 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1189 kB
Transfer

1545 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rptpweb.devops.revenuepremier.com/ HTTP 301
https://rptpweb.devops.revenuepremier.com/rptp/portal/home HTTP 302
https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
Redirect Chain

https://rptpweb.devops.revenuepremier.com/
https://rptpweb.devops.revenuepremier.com/rptp/portal/home
https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS...

49 KB
49 KB

917ms
916ms

Document
text/html

20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

e0e15f52913686ba1dace32e649a1ff190f2323f279b7cd6cfcf79fca748f077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: rptpweb.devops.revenuepremier.com
:scheme: https
:path: /rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DigestTracker=AAABeex8G44; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
x-powered-by: Servlet/3.1
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-location: /rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
pragma: no-cache
vary: Cookie,User-Agent
set-cookie: DigestTracker=AAABeex8HFo; Path=/rptp; SameSite=None; Secure JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1; Path=/; Secure; HttpOnly; SameSite=None;
content-language: en

Redirect headers

date: Tue, 08 Jun 2021 16:37:06 GMT
content-type: text/plain
content-length: 0
location: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
x-powered-by: Servlet/3.1
expires: Thu, 01 Dec 1994 16:00:00 GMT
cache-control: no-cache="set-cookie, set-cookie2"
set-cookie: DigestTracker=AAABeex8G44; Path=/rptp; SameSite=None; Secure
content-language: en-US

GET
H2 200 mashup:ra:collection
rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/ 171 KB
32 KB 595ms
581ms Stylesheet
text/css 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css

Requested by

Host: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

07e9f29418787d01f5f5f33c5748ca562e80646edf8746d819f38167a36fc943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
content-location: /rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text/css&lm=1619645788000&entry=rsimobile__0.0%3ahead_css
x-request-digest: rYdS0-o_BJ3m27Qa6mL11g
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Apr 2021 21:36:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
content-language: en-US
x-datasource-digest: mFjIZs8_U5VzryyDG6g-Nw
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: text/css; charset=UTF-8
expires: Wed, 09 Jun 2021 16:37:08 GMT

GET
H2 200 ra:collection Show response
rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/mashup/ 276 KB
79 KB 439ms
426ms Script
text/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/mashup/ra:collection?themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fjavascript&lm=1605829036000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=rsimobile__0.0%3Ahead_js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

7962bed3a69b0457bc7836ea61968feba89d9fdfe86a95364157ce8741c334f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/mashup/ra:collection?themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fjavascript&lm=1605829036000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=rsimobile__0.0%3Ahead_js
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
content-location: /rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/mashup/mashup:cxml/xc5NSwQxDAbgX9PjfDrK4k30oiAIs_chU-Nsh3ZS05Sdhf54p7oexJMoeAoheZMH14f--ugHbQ0uMjgwi2q6mjGo5uKmYi--kgM6fKTnaDFU7lzN6HQ1b_2WGCyckMs5pORgVS1MmHZXXV0XKQZk1WpaBFdJL2ADFkmDPqBqgyaPycfRGl0kzzSjlm_LnmFykBbaJjlXFPjVvO3-jKyJMaf-g83BOBqNxUw-Amfy_b6_3WdwLyBGf-BD9UQsYHflZTbPrxH5pNqmbOqyLZ1Zsvt3N0ciCcLg_-bcJzGaM7MrdQxC7s6Apen9wRtonZHB?themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text/javascript&lm=1605829036000&entry=wp_client_main__0.0%3ahead_js&entry=wp_client_ext__0.0%3ahead_js&entry=rsimobile__0.0%3ahead_js
x-request-digest: rYdS0-o_BJ3m27Qa6mL11g
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 23:37:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
content-language: en-US
x-datasource-digest: GEZHweTF0xv_oLsv8dYGZg
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: text/javascript; charset=UTF-8
expires: Wed, 09 Jun 2021 16:37:08 GMT

GET
H2 200 RSI_Custom.css
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/css/rsi/ 5 KB
5 KB 214ms
200ms Stylesheet
text/css 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/css/rsi/RSI_Custom.css?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

d9d57573f24e5e5fcade95a3e8d5be04b8560de08882f8d43c0a0c2e0d596345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/css/rsi/RSI_Custom.css?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:36:26 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
content-length: 5116
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui-1.10.3.customDatePicker.min.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 54 KB
54 KB 293ms
279ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/jquery-ui-1.10.3.customDatePicker.min.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

8db2f8c208abef90b5cdaafaabfbb11a0f349194444f9ea0bd78094d37e23d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/jquery-ui-1.10.3.customDatePicker.min.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Aug 2019 22:13:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 55287
x-xss-protection: 1; mode=block

GET
H2 200 moment-with-locales.min.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 301 KB
301 KB 430ms
425ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/moment-with-locales.min.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

17878c03f9bc44c3d7285d83e9c71cb198bdb6bf2deccb7c27798af6568e6ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/moment-with-locales.min.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Aug 2019 22:13:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 308076
x-xss-protection: 1; mode=block

GET
H2 200 rsiPortalDateHandlerJS.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 15 KB
16 KB 399ms
394ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/rsiPortalDateHandlerJS.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

63114e186f8970e44da9c33b8327edc3642f1df5102cc4f54a914ce699a5b4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/rsiPortalDateHandlerJS.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:34:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 15721
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rptpweb.devops.revenuepremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3494
date: Tue, 08 Jun 2021 15:38:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 08 Jun 2021 17:38:54 GMT

GET
H2 200 itscValidations.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 44 KB
45 KB 281ms
278ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/itscValidations.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

0b5bde167b2cebbf3de09896dea3519aa842cc95ee2427e009eef0906a73a543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/itscValidations.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:34:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 45309
x-xss-protection: 1; mode=block

GET
H2 200 itscCommonJS.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 13 KB
13 KB 427ms
424ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/itscCommonJS.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

ec1f0a64fd82a9c5e8b4403cc23533a9f4933575ba362436da4072e572b1ff70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/itscCommonJS.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:34:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 13171
x-xss-protection: 1; mode=block

GET
H2 200 internationalPhone.js Show response
rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/ 297 KB
297 KB 427ms
425ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeStatic/themes/Portal8.5/js/internationalPhone.js?modifiedDate=2021-04-28T21:34

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

e8d484aad6b7beb09b044d07dfb3ab22ce9d57cc936db2ed57ed8c615f455c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeStatic/themes/Portal8.5/js/internationalPhone.js?modifiedDate=2021-04-28T21:34
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Aug 2019 22:13:32 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
content-length: 303702
x-xss-protection: 1; mode=block

GET
H2 200 RSI+logo.png
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/82154795-bedc-4b19-bcb6-74004b677d92/ 3 KB
3 KB 472ms
471ms Image
image/png 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/82154795-bedc-4b19-bcb6-74004b677d92/RSI+logo.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-82154795-bedc-4b19-bcb6-74004b677d92-m8Bm1KV&ContentCache=NONE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

af3594b88d6aef9396bf54492fedb7af94e29346de1a111bd692c1c5207bea35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/82154795-bedc-4b19-bcb6-74004b677d92/RSI+logo.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-82154795-bedc-4b19-bcb6-74004b677d92-m8Bm1KV&ContentCache=NONE
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/png
content-length: 2886
etag: "626531639"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 processing-message2.gif
rptpweb.devops.revenuepremier.com/ITSCThemeDynamic/themes/html/dynamicSpots/overlay-gif/ 4 KB
5 KB 251ms
250ms Image
image/gif 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/ITSCThemeDynamic/themes/html/dynamicSpots/overlay-gif/processing-message2.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

745b80d8c9691bb2f83651a38771d98b6f0b0b62a8d799fea723d3c58f012a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ITSCThemeDynamic/themes/html/dynamicSpots/overlay-gif/processing-message2.gif
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:36:36 GMT
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 4548
x-xss-protection: 1; mode=block

GET
H2 200 jquery.nivo.slider.pack.js Show response
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/7ab98560-dc63-4760-baa7-f5bf7c3a3031/ 12 KB
12 KB 489ms
487ms Script
application/javascript 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/7ab98560-dc63-4760-baa7-f5bf7c3a3031/jquery.nivo.slider.pack.js?MOD=AJPERES&CONVERT_TO=url&CACHEID=ROOTWORKSPACE-7ab98560-dc63-4760-baa7-f5bf7c3a3031-kiGDstg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

cf875bd445e501650e9923780d85b15103cf080c60ddd2328dad85691a9914af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/7ab98560-dc63-4760-baa7-f5bf7c3a3031/jquery.nivo.slider.pack.js?MOD=AJPERES&CONVERT_TO=url&CACHEID=ROOTWORKSPACE-7ab98560-dc63-4760-baa7-f5bf7c3a3031-kiGDstg
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: application/javascript
content-length: 12202
etag: "2021829903"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Carouse+News.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/ 42 KB
43 KB 448ms
447ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/Carouse+News.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6ccd6030-9c3a-4200-a3f6-d6360e087ee8-m87tVsT

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

a65500a595e6d4aa388bc59ead6464d7d15d6b77fab90b79f3a2ab94da08c599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/Carouse+News.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6ccd6030-9c3a-4200-a3f6-d6360e087ee8-m87tVsT
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/jpeg
content-length: 43364
etag: "125278684"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Tax.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/ 35 KB
36 KB 471ms
470ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

c2a96ca3f815416b0896a2a4d936d9c49cafaf5216bd31937e305c2ffffa2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/jpeg
content-length: 36263
etag: "125315263"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Carouse+location.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/ 29 KB
30 KB 435ms
434ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/Carouse+location.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-4bdd26c7-9085-4879-ac12-45a34478fb22-m87udL0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

55dff49063607994d059600e47168c2688543532c65c168133bf53206bb0b335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/Carouse+location.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-4bdd26c7-9085-4879-ac12-45a34478fb22-m87udL0
pragma: no-cache
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:08 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/jpeg
content-length: 29845
etag: "125361624"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 403 glyphicons-halflings-regular.woff
rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/ 0
0 235ms
235ms Font
text/html 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/glyphicons-halflings-regular.woff

Requested by

Host: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://rptpweb.devops.revenuepremier.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
:path: /rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://rptpweb.devops.revenuepremier.com
Referer: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:08 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
_wsep
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html;charset=ISO-8859-1
x-xss-protection: 1; mode=block

GET
H2 403 glyphicons-halflings-regular.ttf
rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/ 0
0 205ms
204ms Font
text/html 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/glyphicons-halflings-regular.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://rptpweb.devops.revenuepremier.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: DigestTracker=AAABeex8HFo; ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; JSESSIONID=0000udDxo2ccTqqgS7ZmiOQ_kaf:-1
:path: /rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/war/ITSCThemeStatic/themes/Portal8.5/css/fonts/glyphicons-halflings-regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://rptpweb.devops.revenuepremier.com
Referer: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!mFjIZs8_U5VzryyDG6g-Nw/sp/mashup:ra:collection?soffset=0&eoffset=5&themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fcss&lm=1619645788000&entry=rsimobile__0.0%3Ahead_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
_wsep
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html;charset=ISO-8859-1
x-xss-protection: 1; mode=block

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1674428352&t=pageview&_s=1&dl=https%3A%2F%2Frptpweb.devops.revenuepremier.com%2Frptp%2Fportal%2Fhome%2F!ut%2Fp%2Fz1%2F04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!%2Fdz%2Fd5%2FL2dBISEvZ0FBIS9nQSEh%2F&dp=%2Frptp%2Fportal%2Fhome&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=260045401&gjid=1321470276&cid=1240204903.1623170229&tid=UA-114799735-13&_gid=1252432713.1623170229&_r=1&_slc=1&z=1890393902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rptpweb.devops.revenuepremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rptpweb.devops.revenuepremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1674428352&t=timing&_s=2&dl=https%3A%2F%2Frptpweb.devops.revenuepremier.com%2Frptp%2Fportal%2Fhome%2F!ut%2Fp%2Fz1%2F04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!%2Fdz%2Fd5%2FL2dBISEvZ0FBIS9nQSEh%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=All%20Dependencies&utv=load&utt=2748&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1240204903.1623170229&tid=UA-114799735-13&_gid=1252432713.1623170229&z=1167447435

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rptpweb.devops.revenuepremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 04:46:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loading.gif
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/32236ac6-8d3b-4e6f-bce2-f584fb33ccf8/ 2 KB
2 KB 239ms
236ms Image
image/gif 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/32236ac6-8d3b-4e6f-bce2-f584fb33ccf8/loading.gif?MOD=AJPERES&CACHEID=ROOTWORKSPACE-32236ac6-8d3b-4e6f-bce2-f584fb33ccf8-kiGDEns

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/32236ac6-8d3b-4e6f-bce2-f584fb33ccf8/loading.gif?MOD=AJPERES&CACHEID=ROOTWORKSPACE-32236ac6-8d3b-4e6f-bce2-f584fb33ccf8-kiGDEns
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
set-cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/; SameSite=None; Secure ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/gif
content-length: 1737
etag: "2021850853"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 arrows.png
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/591f08d2-06c8-4e6e-8b8c-d4e7ee956b1c/ 824 B
1 KB 236ms
236ms Image
image/png 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/591f08d2-06c8-4e6e-8b8c-d4e7ee956b1c/arrows.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-591f08d2-06c8-4e6e-8b8c-d4e7ee956b1c-kiGDDIk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/591f08d2-06c8-4e6e-8b8c-d4e7ee956b1c/arrows.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-591f08d2-06c8-4e6e-8b8c-d4e7ee956b1c-kiGDDIk
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
set-cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/; SameSite=None; Secure ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/png
content-length: 824
etag: "2021849941"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 bullets.png
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/d7aba03c-ce44-49c0-910f-e3a029590d51/ 1 KB
2 KB 235ms
235ms Image
image/png 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/d7aba03c-ce44-49c0-910f-e3a029590d51/bullets.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d7aba03c-ce44-49c0-910f-e3a029590d51-kiGDDYU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/d7aba03c-ce44-49c0-910f-e3a029590d51/bullets.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d7aba03c-ce44-49c0-910f-e3a029590d51-kiGDDYU
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:09 GMT
x-content-type-options: nosniff
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
set-cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/; SameSite=None; Secure ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/png
content-length: 1281
etag: "2021850407"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Carouse+News.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/ 42 KB
43 KB 351ms
349ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/Carouse+News.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6ccd6030-9c3a-4200-a3f6-d6360e087ee8-m87tVsT

Requested by

Host: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/contenthandler/!ut/p/digest!GEZHweTF0xv_oLsv8dYGZg/mashup/ra:collection?themeID=ZJ_MOCCHA82M0Q700AN8112B100G1&locale=en&mime-type=text%2Fjavascript&lm=1605829036000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=rsimobile__0.0%3Ahead_js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

a65500a595e6d4aa388bc59ead6464d7d15d6b77fab90b79f3a2ab94da08c599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/Carouse+News.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6ccd6030-9c3a-4200-a3f6-d6360e087ee8-m87tVsT
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:14 GMT
x-content-type-options: nosniff
cached_response: true
x-powered-by: Servlet/3.1
content-length: 43364
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: "125278684"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
content-language: en-US
cache-control: public,max-age=600,post-check=300,pre-check=600
set-cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/; SameSite=None; Secure ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Tax.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/ 35 KB
36 KB 500ms
498ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

c2a96ca3f815416b0896a2a4d936d9c49cafaf5216bd31937e305c2ffffa2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:14 GMT
x-content-type-options: nosniff
cached_response: true
x-powered-by: Servlet/3.1
content-length: 36263
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: "125315263"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: POST, GET
content-language: en-US
cache-control: public,max-age=600,post-check=300,pre-check=600
set-cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/; SameSite=None; Secure ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1; Path=/
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET
H2 200 Tax.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/ 35 KB
36 KB 191ms
191ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

c2a96ca3f815416b0896a2a4d936d9c49cafaf5216bd31937e305c2ffffa2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:14 GMT
x-content-type-options: nosniff
cached_response: true
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/jpeg
content-length: 36263
etag: "125315263"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET Tax.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/ 0
0

GET
H2 200 Carouse+location.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/ 29 KB
30 KB 727ms
727ms Image
image/jpeg 20.189.128.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/Carouse+location.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-4bdd26c7-9085-4879-ac12-45a34478fb22-m87udL0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.128.155 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Servlet/3.1

Resource Hash

55dff49063607994d059600e47168c2688543532c65c168133bf53206bb0b335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/Carouse+location.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-4bdd26c7-9085-4879-ac12-45a34478fb22-m87udL0
pragma: no-cache
cookie: ApplicationGatewayAffinityCORS=a6b14ffbebcaca6b19a9be0d94fa20b1; ApplicationGatewayAffinity=a6b14ffbebcaca6b19a9be0d94fa20b1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rptpweb.devops.revenuepremier.com
referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://rptpweb.devops.revenuepremier.com/rptp/portal/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijS0MnN09DIy83EODjQwc_R1DTcIcvYAsE_1wQgqigNIGOICjAVB_FCElBbkRBumOiooA7YFcLQ!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:19 GMT
x-content-type-options: nosniff
cached_response: true
x-powered-by: Servlet/3.1
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
content-language: en-US
x-xss-protection: 1; mode=block
cache-control: public,max-age=600,post-check=300,pre-check=600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/jpeg
content-length: 29845
etag: "125361624"
expires: Tue, 08 Jun 2021 16:47:09 GMT

GET Carouse+location.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/ 0
0

GET Carouse+News.jpg
rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/081ae2b6-6871-45dd-a4d5-58a8bf62b0e0/Tax.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-081ae2b6-6871-45dd-a4d5-58a8bf62b0e0-m87u2Ae

Domain: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/4bdd26c7-9085-4879-ac12-45a34478fb22/Carouse+location.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-4bdd26c7-9085-4879-ac12-45a34478fb22-m87udL0

Domain: rptpweb.devops.revenuepremier.com
URL: https://rptpweb.devops.revenuepremier.com/rptp/wcm/connect/6ccd6030-9c3a-4200-a3f6-d6360e087ee8/Carouse+News.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6ccd6030-9c3a-4200-a3f6-d6360e087ee8-m87tVsT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Luno (Crypto Exchange)

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rptpweb.devops.revenuepremier.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: a6b14ffbebcaca6b19a9be0d94fa20b1
			rptpweb.devops.revenuepremier.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: a6b14ffbebcaca6b19a9be0d94fa20b1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rptpweb.devops.revenuepremier.com
www.google-analytics.com
rptpweb.devops.revenuepremier.com
20.189.128.155
2a00:1450:4001:827::200e
07e9f29418787d01f5f5f33c5748ca562e80646edf8746d819f38167a36fc943
0b5bde167b2cebbf3de09896dea3519aa842cc95ee2427e009eef0906a73a543
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
17878c03f9bc44c3d7285d83e9c71cb198bdb6bf2deccb7c27798af6568e6ae8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
55dff49063607994d059600e47168c2688543532c65c168133bf53206bb0b335
63114e186f8970e44da9c33b8327edc3642f1df5102cc4f54a914ce699a5b4be
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
745b80d8c9691bb2f83651a38771d98b6f0b0b62a8d799fea723d3c58f012a63
7962bed3a69b0457bc7836ea61968feba89d9fdfe86a95364157ce8741c334f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8db2f8c208abef90b5cdaafaabfbb11a0f349194444f9ea0bd78094d37e23d49
97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a65500a595e6d4aa388bc59ead6464d7d15d6b77fab90b79f3a2ab94da08c599
af3594b88d6aef9396bf54492fedb7af94e29346de1a111bd692c1c5207bea35
c2a96ca3f815416b0896a2a4d936d9c49cafaf5216bd31937e305c2ffffa2c78
cf875bd445e501650e9923780d85b15103cf080c60ddd2328dad85691a9914af
d9d57573f24e5e5fcade95a3e8d5be04b8560de08882f8d43c0a0c2e0d596345
e0e15f52913686ba1dace32e649a1ff190f2323f279b7cd6cfcf79fca748f077
e8d484aad6b7beb09b044d07dfb3ab22ce9d57cc936db2ed57ed8c615f455c30
ec1f0a64fd82a9c5e8b4403cc23533a9f4933575ba362436da4072e572b1ff70

rptpweb.devops.revenuepremier.com Open in urlscan Pro 20.189.128.155 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

90 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1189 kBTransfer

1545 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

rptpweb.devops.revenuepremier.com Open in urlscan Pro
20.189.128.155 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

90 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1189 kB
Transfer

1545 kB
Size

2
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!