rmau.org Open in urlscan Pro
104.37.223.33  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set registration Show response rmau.org/authentication/	41 KB 9 KB	563ms 151ms	Document text/html	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Full URL https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d8895d3c8b79c0939894128a762f49838d7d606f3a3a5f5b0b66a3fcb7cb0cb4 Request headers Host rmau.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control private, no-store, must-revalidate Content-Type text/html; charset=utf-8 Content-Encoding gzip Expires Thu, 03 Jun 2021 15:26:13 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-AspNetMvc-Version 4.0 X-UA-Compatible IE=Edge X-AspNet-Version 4.0.30319 Set-Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1; path=/; HttpOnly RMAU-7=CK02C0uD6Oj_qFaH90fMoihPoiKZIOU23GTRukQ4QjdnaHqoz3Rf_fSYYlkV5REHtWQSRlOEuf2Aef8T7djhKa1g8ZAlMODMMeWPxWCvRL-UsflwhVuro2taTgd0wx_-mutVR9gE7A8n4AMABYFCkiDty0P5lcgSjjwEF1RsRauvZNyGuN_3-qXuxGuMTBbdXeuD3BGsjh8kW7nz4R_vmWDNn6HcxKC65MbmNASuUATkt6tPIWhzTDpayqd6ZMmwKbCVE-ybjgpPA3XRAH49Sd0fvX3POccfye_sqOXjS65IUQfjp1OxkNuds7PEWCS-7ptTKjsg69qxsSNhMJhaCU_CwZX_KFXctMVyx5mI4-429xl7bM-w6m4TdndXupnwInn4uzXSH6aSNN_7m9W-j9lu7hMPKAa36vr61W5zoKE-mzxqCwivTr1F-h9COg5W1dZzM-azyq-6mKSmBAAeHjoeIiXB5wOP-UHpL8OFCoCBBy81YJid2SDs8dvXJsF8Oh0OITHQCB4zUh1hmnWIY0UxA3Udt-s0DhGu1RFNFFLkORTejGbmQIzjeYFhHt07MGSmA2LPVVLaJA_8KqUlpAH0fhBxAg8m55GK1gb_hUAOPrhNLAN_G1VKh3g6kbrwx6tOkuRqexf1HY0ZQHSFJokurIjW4fyCpQtc9GTTaXIfifG1FNF5ai7zJ2tT1fKr_DxPXAR; expires=Thu, 03-Jun-2021 15:26:13 GMT; path=/ X-Powered-By ASP.NET Date Fri, 04 Jun 2021 15:26:13 GMT Content-Length 7856
GET H/1.1	200 OK	combined_rmau_36EEE882A86D7FFD8DFC20AEC4C2F770.css rmau.org/_bundles/	204 KB 37 KB	136ms 136ms	Stylesheet text/css	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Full URL https://rmau.org/_bundles/combined_rmau_36EEE882A86D7FFD8DFC20AEC4C2F770.css Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e519e2ca4cdce6525f5e73deed06d96ae6c9f6cc5a769845bd4a107ed3f2f77e Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Content-Encoding gzip Last-Modified Fri, 04 Jun 2021 09:11:22 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0993b962159d71:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 37324
GET H/1.1	200 OK	font-awesome.min.css rmau.org/_font-awesome/v4.0.3/css/	17 KB 4 KB	382ms 131ms	Stylesheet text/css	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Full URL https://rmau.org/_font-awesome/v4.0.3/css/font-awesome.min.css Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Content-Encoding gzip Last-Modified Wed, 11 Mar 2020 22:31:48 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "02212daf4f7d51:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 3982
GET H/1.1	200 OK	RMAU_Online_Logo.png rmau.org/_images/	2 KB 2 KB	133ms 133ms	Image image/png	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Show image Full URL https://rmau.org/_images/RMAU_Online_Logo.png Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 15cd4f18bbb75c63a03ad5c6839cff1a3fa5290f32befe5b8ec65dc8a677069d Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Last-Modified Wed, 11 Mar 2020 22:31:48 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "02212daf4f7d51:0" Content-Type image/png Accept-Ranges bytes Content-Length 1613
GET H/1.1	200 OK	RMALogoFooter.png rmau.org/_images/	3 KB 3 KB	263ms 134ms	Image image/png	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Show image Full URL https://rmau.org/_images/RMALogoFooter.png Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash dfe0420d5bb714d173b4a7a5c35ded6e4fb04e08ae80eb78fbdada372612efeb Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Last-Modified Wed, 11 Mar 2020 22:31:48 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "02212daf4f7d51:0" Content-Type image/png Accept-Ranges bytes Content-Length 3318
GET H/1.1	200 OK	combined_rmau_C475FB5066ED0E7274DA771A8518C64E.js Show response rmau.org/_bundles/	432 KB 129 KB	259ms 249ms	Script application/javascript	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Full URL https://rmau.org/_bundles/combined_rmau_C475FB5066ED0E7274DA771A8518C64E.js Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash aeea10ad4cd093e7a0616d1c24c2a232253cf8f3525ff5b2f6e901deabacb09c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Referer https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Content-Encoding gzip Last-Modified Fri, 04 Jun 2021 09:11:23 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "802fd4962159d71:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 131388
GET H2	200	gtm.js Show response www.googletagmanager.com/	75 KB 30 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MMVJXXH Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9ad9a17faaa46bf0639aed167a87bdbcd28c13cf2c8af93b249cd17eca55ee03 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 15:26:14 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30360 x-xss-protection 0 last-modified Fri, 04 Jun 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 04 Jun 2021 15:26:14 GMT
GET H2	200	hotjar-503993.js Show response static.hotjar.com/c/	4 KB 2 KB	163ms 99ms	Script application/javascript	52.222.149.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-503993.js?sv=5 Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.149.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-149-85.cdg52.r.cloudfront.net Software / Resource Hash 568dc3fc3c8e24c28da785d02f5a44df558bebadff7fd673853687f6957794e4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 15:26:15 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop CDG52-P1 etag W/125a543a0e7fdc7a8679c579eecfb3ff vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 content-length 1939 via 1.1 468eeec33a1dbb9d71a79cbde5838d78.cloudfront.net (CloudFront) x-amz-cf-id zeLOmlqszIirA8YKTm2xMDU4-vwGgb6NM1qsQYPUPqRqYtMh7rLAsQ==
GET H/1.1	200 OK	b24f5df0-b969-4b25-b38e-fe6d15821dee.woff rmau.org/_fonts.com/Fonts/	22 KB 22 KB	370ms 255ms	Font application/x-font-woff	104.37.223.33 ONLINE-TECH-LLC-IN1
General Check archive.org Show headers Download Go to Full URL https://rmau.org/_fonts.com/Fonts/b24f5df0-b969-4b25-b38e-fe6d15821dee.woff Requested by Host: rmau.org URL: https://rmau.org/_bundles/combined_rmau_36EEE882A86D7FFD8DFC20AEC4C2F770.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.37.223.33 Manchester, United States, ASN393640 (ONLINE-TECH-LLC-IN1, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash aeca936d8ddc3bfa80bd77debce6a74568537c69105e1c51dc28b16ca2140cf6 Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://rmau.org Accept-Encoding gzip, deflate, br Host rmau.org Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest font Referer https://rmau.org/_bundles/combined_rmau_36EEE882A86D7FFD8DFC20AEC4C2F770.css Cookie __RequestVerificationToken=o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1 Connection keep-alive Origin https://rmau.org Referer https://rmau.org/_bundles/combined_rmau_36EEE882A86D7FFD8DFC20AEC4C2F770.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 15:26:13 GMT Last-Modified Wed, 20 Aug 2014 11:33:06 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "058f826abccf1:0" Content-Type application/x-font-woff Accept-Ranges bytes Content-Length 22171
GET H3-29	200	js Show response www.googletagmanager.com/gtag/	119 KB 46 KB	64ms 63ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Y4VK7D6DZ8&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMVJXXH Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 04b501d260992c68575b1eab0895636db26c6cd1ed71cc048e4cde064421a5c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 15:26:15 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46691 x-xss-protection 0 expires Fri, 04 Jun 2021 15:26:15 GMT
POST H2	204	collect www.google-analytics.com/g/	0 166 B	26ms 26ms	Ping text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-Y4VK7D6DZ8&gtm=2oe621&_p=1819665961&sr=1600x1200&ul=en-us&cid=1239215306.1622820375&_s=1&dl=https%3A%2F%2Frmau.org%2Fauthentication%2Fregistration%3Fp%3DQS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%253dR&dt=RMA%20University&sid=1622820375&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y4VK7D6DZ8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 04 Jun 2021 15:26:15 GMT server Golfe2 content-type text/plain access-control-allow-origin https://rmau.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.734bd4b678d25642f35b.js Show response script.hotjar.com/	219 KB 58 KB	101ms 36ms	Script application/javascript	52.222.158.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.734bd4b678d25642f35b.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-503993.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-87.cdg52.r.cloudfront.net Software / Resource Hash 97d7a6a99d78ef625f666a5eadb2ebc807a035af276abf045f87050e1be2761d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 10:15:05 GMT content-encoding br x-content-type-options nosniff age 105070 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 58989 access-control-allow-origin * last-modified Thu, 03 Jun 2021 10:14:54 GMT etag "7b5811df19fd9039ed7e0c4af36daa03" vary Accept-Encoding content-type application/javascript via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG52-P2 accept-ranges bytes x-robots-tag none x-amz-cf-id QUt9S8ebWp1BuS83eKZ7c28gxvv3WfXNCqBVhPjQAOYndQnJioHhXA==
GET H2	200	trackingCode.js Show response fast.fonts.net/t/	650 B 925 B	36ms 21ms	Script text/plain	2606:4700::6811:e14e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.fonts.net/t/trackingCode.js Requested by Host: rmau.org URL: https://rmau.org/_bundles/combined_rmau_C475FB5066ED0E7274DA771A8518C64E.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 15:26:15 GMT content-encoding gzip cf-cache-status HIT age 656 x-amz-request-id 629V55PPVKCFAQK6 x-amz-id-2 39LzGxBnqEabRri9dkj/wi5pIXputFu0rM2sOnX8RDsQ3AaBFFZvg0KNSxrxa1gbES8SlSrcsTU= last-modified Tue, 23 Mar 2021 09:15:19 GMT server cloudflare etag W/"32dd789522cc6923c80141fcf5d3a614" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain; charset=utf-8 expires Fri, 04 Jun 2021 19:26:15 GMT cache-control public, max-age=14400 cf-request-id 0a793ae3b800000631c12a7000000001 cf-ray 65a22db2cbfb0631-FRA x-amz-meta-mtime 1383840033
GET H2	200	1.css fast.fonts.net/t/	0 260 B	36ms 35ms	Stylesheet text/css	2606:4700::6811:e14e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.fonts.net/t/1.css?apiType=css&projectid=62b45146-cbe4-44bf-bc5c-2ad62ad4bae0 Requested by Host: rmau.org URL: https://rmau.org/authentication/registration?p=QS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%3dR Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 15:26:15 GMT cf-cache-status HIT age 21446 cf-ray 65a22db2ec540631-FRA content-length 0 x-amz-id-2 804PPs7BVDGc4u7rXU88G6O4RNSRp5EpPM3Kl5RuERM7IvFrvhtrfwM9PaDoamNlL6iG5OYTaEo= last-modified Tue, 23 Mar 2021 12:59:23 GMT server cloudflare etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id D0F5FZX4C8QXXZK5 cache-control public, max-age=0, s-maxage=604800 cf-request-id 0a793ae3d100000631a20e6000000001 accept-ranges bytes content-type text/css; charset=utf-8 x-amz-meta-mtime 1519217722
GET H2	200	box-25a418976ea02a6f393fbbe77cec94bb.html Show response vars.hotjar.com/ Frame 5ECA	2 KB 1 KB	100ms 32ms	Document text/html	52.222.158.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-503993.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-52.cdg52.r.cloudfront.net Software / Resource Hash 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-25a418976ea02a6f393fbbe77cec94bb.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://rmau.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://rmau.org/ Response headers content-type text/html content-length 1044 date Thu, 03 Jun 2021 10:15:05 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "76922233be8bdb14c053af468d29404a" last-modified Thu, 03 Jun 2021 10:14:54 GMT x-amz-server-side-encryption AES256 x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront) x-amz-cf-pop CDG52-P2 x-amz-cf-id x7t9ThbvJD5g283qrlF2Z-2c4rJv8DWDFRsc5poAu8OLzMavIi3BIw== age 105070
POST H2	204	collect www.google-analytics.com/g/	0 54 B	26ms 26ms	Ping text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-Y4VK7D6DZ8&gtm=2oe621&_p=1819665961&sr=1600x1200&ul=en-us&cid=1239215306.1622820375&_s=2&dl=https%3A%2F%2Frmau.org%2Fauthentication%2Fregistration%3Fp%3DQS004CEGQgU6n6kKyYZRjEJ9HYbyAdJZ0GyR_Zb_n-re_69r8eQVMiCW-jrO2zyoN2tJCwKM9GVQbczJk%253dR&dt=RMA%20University&sid=1622820375&sct=1&seg=0&en=scroll&_et=528&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y4VK7D6DZ8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://rmau.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 04 Jun 2021 15:26:20 GMT server Golfe2 content-type text/plain access-control-allow-origin https://rmau.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| hj object| _hjSettings object| google_tag_manager object| google_tag_data object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| Opentip boolean| firstAdapter function| mouseMoved object| mousePosition object| mousePositionObservers string| position object| vendors number| _i number| _len object| _ref function| __slice function| __indexOf function| __hasProp function| $ object| debug object| adc object| rmau function| init string| MTIProjectId function| jQuery function| DP_jQuery_1622820375457 function| SimpleWidget object| Tree object| jQuery17109041117417239632 function| redirect object| currTab object| currPage object| $mContainer function| onYouTubeIframeAPIReady string| projectId object| mtiTracking

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rmau.org/	1970-01-20 03:32:36	Name: _hjid Value: ff09b750-e1ad-4713-82be-7e93e17d25c8
			.rmau.org/	1970-01-19 18:47:02	Name: _hjFirstSeen Value: 1
			.rmau.org/	1970-01-20 12:18:12	Name: _ga Value: GA1.1.1239215306.1622820375
			.rmau.org/	1970-01-20 12:18:12	Name: _ga_Y4VK7D6DZ8 Value: GS1.1.1622820375.1.0.1622820375.0
			rmau.org/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: o9nyGyg0aLYUZsDS9YJROzI4FVzLQez89SeqFvD7J-Ri_hz5mLrl6uwseigJCt10e11y96JjFu9VMT5FywkQKmEiYcvNH6l6zhWFwf3odpw1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fast.fonts.net
rmau.org
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
104.37.223.33
2606:4700::6811:e14e
2a00:1450:4001:810::2008
2a00:1450:4001:827::200e
52.222.149.85
52.222.158.52
52.222.158.87
04b501d260992c68575b1eab0895636db26c6cd1ed71cc048e4cde064421a5c2
15cd4f18bbb75c63a03ad5c6839cff1a3fa5290f32befe5b8ec65dc8a677069d
568dc3fc3c8e24c28da785d02f5a44df558bebadff7fd673853687f6957794e4
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
97d7a6a99d78ef625f666a5eadb2ebc807a035af276abf045f87050e1be2761d
9ad9a17faaa46bf0639aed167a87bdbcd28c13cf2c8af93b249cd17eca55ee03
aeca936d8ddc3bfa80bd77debce6a74568537c69105e1c51dc28b16ca2140cf6
aeea10ad4cd093e7a0616d1c24c2a232253cf8f3525ff5b2f6e901deabacb09c
d8895d3c8b79c0939894128a762f49838d7d606f3a3a5f5b0b66a3fcb7cb0cb4
dfe0420d5bb714d173b4a7a5c35ded6e4fb04e08ae80eb78fbdada372612efeb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519e2ca4cdce6525f5e73deed06d96ae6c9f6cc5a769845bd4a107ed3f2f77e
f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e