urlscan.io logo urlscan.io
SecurityTrails logo

preview.rsmidentity.com Open in urlscan Pro
76.223.106.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://uat-tsa.api.rsmus.com/
Effective URL: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F...
Submission: On April 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 76.223.106.8, located in United States and belongs to AMAZON-02, US. The main domain is preview.rsmidentity.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 2nd 2023. Valid for: a year.
This is the only time preview.rsmidentity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2620:1ec:bdf::45 8075 (MICROSOFT...)
4 204.79.197.234 8068 (MICROSOFT...)
2 2603:1030:d00... 8075 (MICROSOFT...)
4 76.223.106.8 16509 (AMAZON-02)
4 2603:1020:900... 8075 (MICROSOFT...)
2 3.160.150.113 16509 (AMAZON-02)
20 7
4    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
uat-tsa.api.rsmus.com
4    204.79.197.234 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.atmrum.net
2    2603:1030:d00::1ac (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e6737a555018beef8a60acfe682847a6.azr.footprintdns.com
4    76.223.106.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: a556120ce37110a35.awsglobalaccelerator.com
preview.rsmidentity.com
4    2603:1020:900::45 (Marseille, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com
9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com
2    3.160.150.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-113.fra60.r.cloudfront.net
op3static.oktacdn.com
Domain Requested by
4 preview.rsmidentity.com uat-tsa.api.rsmus.com
preview.rsmidentity.com
4 www.atmrum.net uat-tsa.api.rsmus.com
www.atmrum.net
4 uat-tsa.api.rsmus.com uat-tsa.api.rsmus.com
2 op3static.oktacdn.com preview.rsmidentity.com
2 9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com www.atmrum.net
2 8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com www.atmrum.net
2 e6737a555018beef8a60acfe682847a6.azr.footprintdns.com www.atmrum.net
20 7

This site contains no links.

Subject Issuer Validity Valid
uat-tsa.api.rsmus.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-15 -
2025-04-15		 a year crt.sh
atmrum.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-01-18 -
2025-01-12		 a year crt.sh
*.footprintdns.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-03-21 -
2025-03-16		 a year crt.sh
*.rsmidentity.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-02 -
2024-05-25		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Frame ID: 2DA52B244298E4E15F64A1209A448C0E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RSMUS LLP - Schlechte Anfrage

Page URL History Show full URLs

  1. https://uat-tsa.api.rsmus.com/ Page URL
  2. https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redi... Page URL

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

3412 kB
Transfer

3399 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://uat-tsa.api.rsmus.com/ Page URL
  2. https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
uat-tsa.api.rsmus.com/ 		32 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat-tsa.api.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c187811bfb16ee6793b7b05408c31374cf6a5b5850de5dde6741a3ed6f238350
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
32777
content-security-policy
frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
content-type
text/html
date
Mon, 15 Apr 2024 21:56:15 GMT
last-modified
Monday, 15-Apr-2024 21:56:15 UTC
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20240415T215615Z-17b6b6476d5vqnz6s0ekp6umw000000000gg00000001qpvy
x-cache
CONFIG_NOCACHE
env.js
uat-tsa.api.rsmus.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-tsa.api.rsmus.com/env.js
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
70e6d49302cbb809ebca7f0e29e7d9eef8ae55d25503f60ee75880d690fc49e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
last-modified
Monday, 15-Apr-2024 21:56:16 UTC
x-azure-ref
20240415T215615Z-17b6b6476d5vqnz6s0ekp6umw000000000gg00000001qpws
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2258
main.5c61e3f4.js
uat-tsa.api.rsmus.com/static/js/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-tsa.api.rsmus.com/static/js/main.5c61e3f4.js
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62599727f4982f91a93598335642334a7ef53da088eedc6b2994525c56307f67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
last-modified
Tue, 23 Jan 2024 20:57:01 GMT
etag
"65b0281d-293c8f"
x-azure-ref
20240415T215615Z-17b6b6476d5vqnz6s0ekp6umw000000000gg00000001qpwt
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
2702479
main.b6249fe4.css
uat-tsa.api.rsmus.com/static/css/ 		508 KB
509 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat-tsa.api.rsmus.com/static/css/main.b6249fe4.css
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ab2e54861a15c815bfdea3d90bfd43e0df8a5b0d7a3a6f79d30a980c39115a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
last-modified
Tue, 23 Jan 2024 20:57:01 GMT
etag
"65b0281d-7ef36"
x-azure-ref
20240415T215615Z-17b6b6476d5vqnz6s0ekp6umw000000000gg00000001qpwr
x-cache
CONFIG_NOCACHE
content-type
text/css
accept-ranges
bytes
content-length
519990
rum.js
www.atmrum.net/ 		301 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.atmrum.net/rum.js
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Mar 2024 21:07:43 GMT
x-msedge-ref
Ref A: 4D7BAE8A6B204AA896B424753FBB2DEB Ref B: FRAEDGE2022 Ref C: 2024-04-15T21:56:15Z
etag
0x8D4FC0223F2F653
x-cache
CONFIG_NOCACHE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
301
fpv2.min.js
www.atmrum.net/client/v1/atm/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.atmrum.net/client/v1/atm/fpv2.min.js
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58a25b39d434f7348e2e9b317d45a1216e6e1463e4e63a21e702bafcfa1fd1e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Mar 2024 21:07:43 GMT
x-msedge-ref
Ref A: 71EB515BB3A447BB90673F82A7A2FA1B Ref B: FRAEDGE2022 Ref C: 2024-04-15T21:56:16Z
etag
0x8D501F7AFB7338D
x-cache
CONFIG_NOCACHE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
5647
truncated
/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0da5b0c8d18c6d26da4ab99717cd08dc5e20cb917d47e655ba24ebf9720f0fe9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af55f4abe0fd224cef8fad170d95c28c74f3af0867bd06b80c792c86b1684721

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
img/png
fpconfig.min.json
www.atmrum.net/conf/v1/atm/ 		197 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.atmrum.net/conf/v1/atm/fpconfig.min.json?monitorId=atm
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86940ef9206432211e27491a3a64194497e2386c26fa5bcc9ec2a5746d6c7d22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:56:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Mar 2024 21:07:43 GMT
x-msedge-ref
Ref A: 06F189FA96ED425C99D3A0996EC73C9B Ref B: FRAEDGE1517 Ref C: 2024-04-15T21:56:16Z
etag
0x8D501F7AFB7338D
x-cache
CONFIG_NOCACHE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
197
trans.gif
e6737a555018beef8a60acfe682847a6.azr.footprintdns.com/apc/ 		43 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e6737a555018beef8a60acfe682847a6.azr.footprintdns.com/apc/trans.gif?6d0d98935bff2599c15593fc6fbf8309
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1030:d00::1ac , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mwh01app020
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mwh01prdapp02
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
openid-configuration
preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/.well-known/ 		3 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/.well-known/openid-configuration
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/static/js/main.5c61e3f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.106.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; connect-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com rsm.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; style-src 'unsafe-inline' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; frame-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com login.okta.com com-okta-authenticator:; img-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsm.oktapreview.com preview.rsmidentity.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Okta-Request-Id
Zh2igWSFXOMaHChncXV4ogAAA8Q
Date
Mon, 15 Apr 2024 21:56:17 GMT
content-security-policy
default-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; connect-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com rsm.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; style-src 'unsafe-inline' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; frame-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com login.okta.com com-okta-authenticator:; img-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsm.oktapreview.com preview.rsmidentity.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-content-type-options
nosniff
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://uat-tsa.api.rsmus.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=100
expires
Tue, 16 Apr 2024 21:56:17 GMT
trans.gif
e6737a555018beef8a60acfe682847a6.azr.footprintdns.com/apc/ 		43 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e6737a555018beef8a60acfe682847a6.azr.footprintdns.com/apc/trans.gif?baae3165d90ff6c93ee72e0a5c8028c2
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1030:d00::1ac , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mwh01app020
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mwh01prdapp02
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
trans.gif
8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com/apc/ 		43 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com/apc/trans.gif?253528f9f0d92e0e782d15bea894eed3
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1020:900::45 Marseille, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mrs20app010
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mrs20prdapp01
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
trans.gif
8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com/apc/ 		43 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com/apc/trans.gif?604fd0282eb7503f8b356040b7e6841e
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1020:900::45 Marseille, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mrs20app010
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mrs20prdapp01
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
trans.gif
9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com/apc/ 		43 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com/apc/trans.gif?d2822c05fd6ae4e055f05033b7b5c6ce
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1020:900::45 Marseille, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mrs20app010
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mrs20prdapp01
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
trans.gif
9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com/apc/ 		43 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com/apc/trans.gif?c27306ba634d0bc6d8032d310caee046
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1020:900::45 Marseille, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Apr 2024 21:56:16 GMT
x-machinename
mrs20app010
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 15:48:16 GMT
server
Microsoft-IIS/10.0
etag
"ddbb5c30a77bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint
mrs20prdapp01
accept-ranges
bytes
content-length
43
x-userhostaddress
2001:ac8:20::
r.gif
www.atmrum.net/report/v1/atm/ 		7 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.atmrum.net/report/v1/atm/r.gif?MonitorID=atm&rid=6ad5ed6d69cdc012984b677e06475129&w3c=true&prot=https%3A&v=js%2F3.0.4&tag=be003091d40090dc9d90010e06ec0ac0&DATA=[{%22RequestID%22:%22e6737a555018beef8a60acfe682847a6%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:906,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mwh01prdapp02%22,%22Mn%22:%22mwh01app020%22},{%22RequestID%22:%22e6737a555018beef8a60acfe682847a6%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:160,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mwh01prdapp02%22,%22Mn%22:%22mwh01app020%22},{%22RequestID%22:%228c9dcde57c74282cf3af5ee106e5587b%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:144,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mrs20prdapp01%22,%22Mn%22:%22mrs20app010%22},{%22RequestID%22:%228c9dcde57c74282cf3af5ee106e5587b%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:24,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mrs20prdapp01%22,%22Mn%22:%22mrs20app010%22},{%22RequestID%22:%229ad8ae390a9d7a90fbf3178873c3a921%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:41,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mrs20prdapp01%22,%22Mn%22:%22mrs20app010%22},{%22RequestID%22:%229ad8ae390a9d7a90fbf3178873c3a921%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:24,%22T%22:128,%22Rip%22:%222001:ac8:20::%22,%22Ep%22:%22mrs20prdapp01%22,%22Mn%22:%22mrs20app010%22}]
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uat-tsa.api.rsmus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://uat-tsa.api.rsmus.com
date
Mon, 15 Apr 2024 21:56:17 GMT
cache-control
no-store
x-msedge-ref
Ref A: B7E050793CC74DA6AE158FC72DD1C5EA Ref B: FRAEDGE1517 Ref C: 2024-04-15T21:56:17Z
content-type
image/gif
Primary Request authorize
preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/ 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Requested by
Host: uat-tsa.api.rsmus.com
URL: https://uat-tsa.api.rsmus.com/static/js/main.5c61e3f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.106.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
7b9288e02ead5bfa426805f23a6b993afb610075ecb7b5fc574cdaa08a62b659
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://uat-tsa.api.rsmus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Length
2852
Content-Type
text/html;charset=utf-8
Date
Mon, 15 Apr 2024 21:56:18 GMT
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
default-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; connect-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com rsm.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; style-src 'unsafe-inline' 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com; frame-src 'self' rsm.oktapreview.com rsm-admin.oktapreview.com preview.rsmidentity.com login.okta.com com-okta-authenticator:; img-src 'self' rsm.oktapreview.com preview.rsmidentity.com *.oktacdn.com https://op3static.oktacdn.com/fs/bcg/4/gfs173sd1UBO0vArm1d6 *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsm.oktapreview.com preview.rsmidentity.com data: *.oktacdn.com fonts.gstatic.com
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
Zh2igthvnGCMv3x3l8n8oQAACsc
x-rate-limit-limit
1200
x-rate-limit-remaining
1197
x-rate-limit-reset
1713218212
x-xss-protection
0
errors-v2.css
preview.rsmidentity.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://preview.rsmidentity.com/assets/css/sections/errors-v2.css
Requested by
Host: preview.rsmidentity.com
URL: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.106.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version
"10.0.0"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 21:56:18 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding
gzip
Strict-Transport-Security
max-age=315360000; includeSubDomains
Last-Modified
Thu, 27 Oct 2022 18:09:39 GMT
Server
nginx
ETag
W/"80127ba5c47706686501006723ba83da"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Tue, 15 Apr 2025 21:56:18 GMT
fs082kh6suGhz7NCh1d7
op3static.oktacdn.com/fs/bco/1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op3static.oktacdn.com/fs/bco/1/fs082kh6suGhz7NCh1d7
Requested by
Host: preview.rsmidentity.com
URL: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
219c1d066128be23c31ac65b6a6f397865b7715e05ce2cc7f27ce1be5dca0320
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 13:33:19 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
1326179
x-cache
Hit from cloudfront
content-length
1782
last-modified
Fri, 12 May 2023 02:00:26 GMT
server
nginx
etag
"5054ac772c67e549d1a4499fca9de0f0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
lOMEI3zVj9ITgu5iNVaCAW3GQnX39JPLE9HLINlwW8h9eq528MOZmA==
expires
Mon, 31 Mar 2025 13:33:19 GMT
fs082kh6t2wUVTeDK1d7
op3static.oktacdn.com/fs/bco/7/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op3static.oktacdn.com/fs/bco/7/fs082kh6t2wUVTeDK1d7
Requested by
Host: preview.rsmidentity.com
URL: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
173bf5477d298018ba647f3ca2290f2fb119d9725ee7447fd174d07fbfca1813
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://preview.rsmidentity.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 19:27:44 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
613713
x-cache
Hit from cloudfront
content-length
178220
last-modified
Fri, 12 May 2023 02:00:26 GMT
server
nginx
etag
"48001081529f0ceb6cd27ef94569e92c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
UpmT8vMRq8k6dOZl9dhzAA1BGHDH_JJLV0J0awoD0yRLcwKs6sXBlw==
expires
Tue, 08 Apr 2025 19:27:44 GMT
favicon.ico
preview.rsmidentity.com/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://preview.rsmidentity.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.106.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version
"10.0.0"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 21:56:18 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 10 Apr 2024 23:02:42 GMT
Server
nginx
etag
W/"5430-1712790162000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=99
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
preview.rsmidentity.com/ Name: JSESSIONID
Value: 98FD2607DBBA8BA4BA2FE97C69EC4241
preview.rsmidentity.com/ Name: t
Value: default
preview.rsmidentity.com/ Name: DT
Value: DI18BRqWkDXR3GAfEvDz9c81A

1 Console Messages

Source Level URL
Text
network error URL: https://preview.rsmidentity.com/oauth2/ausqht9pJOBv5Bc6r1d5/v1/authorize?client_id=0oa172xdm9xgWrQuK1d6&redirect_uri=https%3A%2F%2Fuat-tsa.api.rsmus.com&response_type=code&scope=openid%20profile%20email&state=8874661577e943bca104fbb8cbdfe4e7&code_challenge=L5yJEiWwo6LMUFix71BijsFLc7Kx_I2NdTQmoLI7a8A&code_challenge_method=S256&response_mode=query
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.rsmus.com https://*.highq.com;
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8c9dcde57c74282cf3af5ee106e5587b.azr.footprintdns.com
9ad8ae390a9d7a90fbf3178873c3a921.azr.footprintdns.com
e6737a555018beef8a60acfe682847a6.azr.footprintdns.com
op3static.oktacdn.com
preview.rsmidentity.com
uat-tsa.api.rsmus.com
www.atmrum.net
204.79.197.234
2603:1020:900::45
2603:1030:d00::1ac
2620:1ec:bdf::45
3.160.150.113
76.223.106.8
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
0da5b0c8d18c6d26da4ab99717cd08dc5e20cb917d47e655ba24ebf9720f0fe9
173bf5477d298018ba647f3ca2290f2fb119d9725ee7447fd174d07fbfca1813
219c1d066128be23c31ac65b6a6f397865b7715e05ce2cc7f27ce1be5dca0320
58a25b39d434f7348e2e9b317d45a1216e6e1463e4e63a21e702bafcfa1fd1e9
62599727f4982f91a93598335642334a7ef53da088eedc6b2994525c56307f67
6ab2e54861a15c815bfdea3d90bfd43e0df8a5b0d7a3a6f79d30a980c39115a6
70e6d49302cbb809ebca7f0e29e7d9eef8ae55d25503f60ee75880d690fc49e8
7b9288e02ead5bfa426805f23a6b993afb610075ecb7b5fc574cdaa08a62b659
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
86940ef9206432211e27491a3a64194497e2386c26fa5bcc9ec2a5746d6c7d22
af55f4abe0fd224cef8fad170d95c28c74f3af0867bd06b80c792c86b1684721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c187811bfb16ee6793b7b05408c31374cf6a5b5850de5dde6741a3ed6f238350
f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa