urlscan.io logo urlscan.io
SecurityTrails logo

securityportal.rsmus.com Open in urlscan Pro
13.224.193.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://securityportal.rsmus.com/
Effective URL: https://securityportal.rsmus.com/landing/index.html
Submission: On January 03 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 13.224.193.113, located in United States and belongs to AMAZON-02, US. The main domain is securityportal.rsmus.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 15th 2020. Valid for: 2 years.
This is the only time securityportal.rsmus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 13.224.193.113 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.217.78.78 16509 (AMAZON-02)
1 13.225.82.234 16509 (AMAZON-02)
1 2 66.98.100.185 54519 (TEAM-MSN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 7
13    13.224.193.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-113.fra2.r.cloudfront.net
securityportal.rsmus.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.217.78.78 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    13.225.82.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-234.fra2.r.cloudfront.net
cdn.auth0.com
2    66.98.100.185 (United States)

ASN54519 (TEAM-MSN, US)
www.securestate.com
1    2606:4700::6810:b9f8 (United States)

ASN13335 (CLOUDFLARENET, US)
securestate.auth0.com
Domain Requested by
13 securityportal.rsmus.com securityportal.rsmus.com
2 www.securestate.com 1 redirects
1 securestate.auth0.com securityportal.rsmus.com
1 cdn.auth0.com securityportal.rsmus.com
1 s3.amazonaws.com
1 fonts.googleapis.com securityportal.rsmus.com
1 maxcdn.bootstrapcdn.com securityportal.rsmus.com
19 7

This site contains links to these domains. Also see Links.

Domain
www.securestate.com
rsmus.com
Subject Issuer Validity Valid
*.rsmus.com
DigiCert SHA2 High Assurance Server CA		 2020-05-15 -
2022-02-10		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.auth0.com
Amazon		 2021-04-25 -
2022-05-24		 a year crt.sh
auth0.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://securityportal.rsmus.com/landing/index.html
Frame ID: A6518915A9EBEF33B071859E394FF782
Requests: 18 HTTP requests in this frame

Frame: https://securestate.auth0.com/authorize?client_id=TlHtbmulLMy1EVXnzwONQeFzCDXWtvGk&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fsecurityportal.rsmus.com%2Flanding%2Findex.html&scope=openid%20profile%20email&state=BXDwRUiCj8C-qPj1vkq6PqGGG2lMJZpA&nonce=Nyk1KR2g85wIAxoEChDbZSisMTxqmBK_&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS41LjIiLCJsaWJfdmVyc2lvbiI6IjkuNC4yIn0%3D
Frame ID: B8239C64C00DC8D7BB46094B6D65678E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RSM Portal

Page URL History Show full URLs

  1. https://securityportal.rsmus.com/ Page URL
  2. https://securityportal.rsmus.com/landing/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

95 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

10166 kB
Transfer

10169 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securityportal.rsmus.com/ Page URL
  2. https://securityportal.rsmus.com/landing/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.securestate.com/Templates/SecureState/images/default-hero-image.jpg?height=440&width=1920&mode=crop HTTP 301
  • https://www.securestate.com/?height=440&width=1920&mode=crop

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
securityportal.rsmus.com/ 		310 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
310
last-modified
Tue, 27 Feb 2018 22:21:41 GMT
server
AmazonS3
date
Mon, 03 Jan 2022 21:36:16 GMT
etag
"8fd63651907fef5298d6b5b42126cfdc"
x-cache
RefreshHit from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
cm_g6HMENG2eVeTYKskyAxsW-rGI5YDoweF6fZKruLHNaCbTLxsnRA==
Primary Request index.html
securityportal.rsmus.com/landing/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/index.html
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
040eef0a369a938d1d5bcc8a00bb2f96a96f3056d2e2c0d296c3767decf2524a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/

Response headers

content-type
text/html
content-length
2839
last-modified
Tue, 26 Nov 2019 21:06:38 GMT
server
AmazonS3
date
Mon, 03 Jan 2022 21:36:16 GMT
etag
"b56d1c66f842b160ee15d8ebb23ffc88"
x-cache
RefreshHit from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
SuQA-NF4whAqqOBzDZfPtomNs-GqCB481PDiCTdBT8lFXL1fApZVZQ==
style.css
securityportal.rsmus.com/landing/css/ 		208 KB
208 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/css/style.css
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2f44c604e73b2946cdd062c806b72ce6190ba12bb5462775ba8f2798d1ad1e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/landing/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:25:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"5cd395c4869ecd16edffcbbe9471357f"
x-cache
RefreshHit from cloudfront
content-type
text/css
content-length
212845
x-amz-cf-id
mkykzSyNKynP_It6teC2lmU3c0VhLV42XSd6bEA2KpJ_Df3vpol42w==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
24797996
cdn-cachedat
2021-03-11 11:58:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a754e168c4f0fb62e4072354b1d05890
cf-ray
6c7f5c9369802b41-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bitter
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
957ad0b51445cc8397e42d7d7350d9006b4aaa7e96a73e5d04b899a78175e357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 20:01:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 21:36:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 21:36:15 GMT
desc.json
securityportal.rsmus.com/landing/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/js/desc.json
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74bbfac037b2cd6821546977c71bbf0f9a71317d5003fa4ce77474f2967b49d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/landing/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:16 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"e4e246779f58556e81eb09f530712979"
x-cache
RefreshHit from cloudfront
content-type
application/json
content-length
1215
x-amz-cf-id
u6vT2vuTeB5ZB6dgP0aw5EZIENMLw6WmvqXatMYg1YgOcc_bEouucg==
example_dashboard.json
securityportal.rsmus.com/landing/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/js/example_dashboard.json
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d55e22f7702007f5232f2cac9f0a0aea74399bd928e00b7a1f8ec8763062f0e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/landing/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:16 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"75c5ce5ec2cc861b25325b414f53cc78"
x-cache
RefreshHit from cloudfront
content-type
application/json
content-length
36509
x-amz-cf-id
Zpixl0RYZvGYi8IriAi60mhHAfamG-4fpDl3qNRknl3qnWC_HGPcHg==
main.js
securityportal.rsmus.com/landing/js/ 		9 MB
9 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/js/main.js
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d0af09f1d0d546d86f1d5d82d8e7131f7ad0dbf65359e2f916cf4e915925bf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/landing/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:38:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"da2e9cc987f10c6e569e82c154ce2f5c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
content-length
9393915
x-amz-cf-id
HHBx4qtLjuGyTMYDQ-vfCUnKbRPhWyi82lW54vPfe0o9PXpZ2QZKlA==
loading-overlay.html
securityportal.rsmus.com/landing/templates/ 		70 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/templates/loading-overlay.html
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcf36cc0245b65cd8d57c3f9304e4c0fa8904c18442d696381fcdf9bfa0c2ad6

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityportal.rsmus.com/landing/index.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"ecacdc66335845c29d4bc7972b092b41"
x-cache
RefreshHit from cloudfront
content-type
text/html
content-length
70
x-amz-cf-id
h1AIXQdh20v1Apd9bkSetWdj9PoFiZUw-ik5IR6IVKIyVS7h658Nrg==
home.html
securityportal.rsmus.com/landing/views/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/views/home.html
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30dd8f92abac1980f8879f7fbdea6dab4a6a235c6850747a903b092f95fe687e

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityportal.rsmus.com/landing/index.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"40df8e3764b98fc99489ca170a5d53f0"
x-cache
RefreshHit from cloudfront
content-type
text/html
content-length
1256
x-amz-cf-id
48m2rWtLQo3VF4Xt07c6txGcHMbE40YGyFpPyuOQ7lESP6wc73HVJg==
login.html
securityportal.rsmus.com/landing/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/login.html
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83c16542f7412cad3943c0736fec685228c8c429741addad92508d400886b965

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityportal.rsmus.com/landing/index.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:38:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"0bcd24996b3e859f69ec25b2511de025"
x-cache
RefreshHit from cloudfront
content-type
text/html
content-length
2637
x-amz-cf-id
DF4DEC4XcoypISOG9R-gVsVdrgubqno0fIo9gxlnN9WflwwtJZ_HIg==
RSMLogo.svg
s3.amazonaws.com/portal.securestate.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/portal.securestate.com/images/RSMLogo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.78 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76b62a4a17501eb96d708e756e06c66db3472fb6563ba7b0bfec1bfa4d822975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 21:36:18 GMT
Last-Modified
Mon, 12 Feb 2018 14:48:59 GMT
Server
AmazonS3
x-amz-request-id
3YA0TCJ56TT1E2RE
ETag
"cf596fe1396a1ad3b63b1470b04dec5a"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2899
x-amz-id-2
YgZBhayTMIBCfLy1TKfCg5O3bID2pQddSvuhDQwoToZR9hhwylk7KRaJfubSa7O7liaG+9yQbCc=
TlHtbmulLMy1EVXnzwONQeFzCDXWtvGk.js
cdn.auth0.com/client/ 		441 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/client/TlHtbmulLMy1EVXnzwONQeFzCDXWtvGk.js?t1641245776696
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.82.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-234.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
0e10ae7a22ccfea3d9d62293e7fbc132d2c3579b919a5b110d64917fb81a04a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
content-encoding
gzip
vary
Accept-Encoding
x-auth0-requestid
f730e9f5923c6d09c02d
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
server
nginx
ot-tracer-sampled
true
etag
W/"1b9-yLjyPGeq1CjTB+NcZj6ZibaQNtA"
ot-tracer-traceid
6c789a8a54bfa922
strict-transport-security
max-age=31536000
content-type
application/x-javascript; charset=utf-8
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id
2aae686639b377ea2a844555
x-amz-cf-id
6JwAHPLL0NxYQHPSG0YXqc2KNaJIJ8g6uTsV40oW41XjKUQnrqp07g==
ot-tracer-spanid
02c2367412650977
genericModal.html
securityportal.rsmus.com/landing/templates/ 		530 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/templates/genericModal.html
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88f8bf663e0e00636f894110e169be69aceb69d35383c1f739fefd4a699e4d08

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityportal.rsmus.com/landing/index.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"cce949aef1f9ffbb577c75f87495e085"
x-cache
RefreshHit from cloudfront
content-type
text/html
content-length
530
x-amz-cf-id
MP_bgHbRF87O_TxTGrpKsSTNyUPZDhAnu1M01aaou6-oPQg-SVS5DA==
home_banner.jpg
securityportal.rsmus.com/landing/images/ 		585 KB
586 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityportal.rsmus.com/landing/images/home_banner.jpg?sfvrsn=0&height=900&width=1920&mode=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab3ba7adfe0d3266b019ade68a0224e9acd1c6c43babbac07357a069a27b75f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/landing/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"0d62d18d8378208606b9f0e2548ccca1"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
598761
x-amz-cf-id
DETzRJ58zKAzh9ZKHzBm0K8NOJAqznjPXLL6FHoPwfLNqovjh1_RFw==
/
www.securestate.com/
Redirect Chain
  • https://www.securestate.com/Templates/SecureState/images/default-hero-image.jpg?height=440&width=1920&mode=crop
  • https://www.securestate.com/?height=440&width=1920&mode=crop
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securestate.com/?height=440&width=1920&mode=crop
Protocol
HTTP/1.1
Server
66.98.100.185 , United States, ASN54519 (TEAM-MSN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Location
http://www.securestate.com/?height=440&width=1920&mode=crop
Date
Mon, 03 Jan 2022 21:36:16 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=500
Content-Length
275
Content-Type
text/html; charset=iso-8859-1
Prelo-Book.woff
securityportal.rsmus.com/landing/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/fonts/Prelo-Book.woff
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
029251fc093a6150066a34e31bd926b585e0781ed32475a2a0197cd5bd3b8009

Request headers

Referer
https://securityportal.rsmus.com/landing/css/style.css
Origin
https://securityportal.rsmus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6e6eab99eb813fe7b491f295b3a57bc4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
63376
x-amz-cf-id
z6yMJvXVSlSU_cGm_lCCEJZtVZWSZXFRKRkNJLMbUy3zszdKq2AFfQ==
Prelo-Medium.woff
securityportal.rsmus.com/landing/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityportal.rsmus.com/landing/fonts/Prelo-Medium.woff
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21c6e518fce6759fe0474e964715603d2b51d15597dd18d08d7cff1c29741081

Request headers

Referer
https://securityportal.rsmus.com/landing/css/style.css
Origin
https://securityportal.rsmus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:06:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"4b14447b5af2ce66b4d6ae6364bc9972"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
63888
x-amz-cf-id
yGmB2RHINNKAvwwOHKtuNhWgQlLdSurNswyoi_DYZ78DQ7jVEbe1qQ==
authorize
securestate.auth0.com/ Frame B823 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securestate.auth0.com/authorize?client_id=TlHtbmulLMy1EVXnzwONQeFzCDXWtvGk&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fsecurityportal.rsmus.com%2Flanding%2Findex.html&scope=openid%20profile%20email&state=BXDwRUiCj8C-qPj1vkq6PqGGG2lMJZpA&nonce=Nyk1KR2g85wIAxoEChDbZSisMTxqmBK_&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS41LjIiLCJsaWJfdmVyc2lvbiI6IjkuNC4yIn0%3D
Requested by
Host: securityportal.rsmus.com
URL: https://securityportal.rsmus.com/landing/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c448ea4233c1ef9fd8e84f14c28a8b7c20d8ca589d259d8830b1b510a375674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityportal.rsmus.com/

Response headers

date
Mon, 03 Jan 2022 21:36:17 GMT
content-type
text/html;charset=UTF-8
cf-ray
6c7f5c9bc8394de2-FRA
cache-control
no-cache, no-store
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6c7f5c9bc8394de2
ot-tracer-sampled
true
ot-tracer-spanid
30fb9ab90c805b97
ot-tracer-traceid
65435e29097bcf9a
pragma
no-cache
x-auth0-requestid
9d029116113490169e3d
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1641245778
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| desc object| example_dashboard function| jQuery object| angular object| AWS function| P object| Auth0 function| Color function| Chart

1 Cookies

Domain/Path Name / Value
securestate.auth0.com/ Name: did
Value: s%3Av0%3A2f1302b0-6cdd-11ec-8698-636471c53cba.Y7rUlGRZpuX8uL2D7bbJbsUMtZ%2BlbVz%2BTpEi8lG08Yw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
s3.amazonaws.com
securestate.auth0.com
securityportal.rsmus.com
www.securestate.com
13.224.193.113
13.225.82.234
2606:4700::6810:b9f8
2606:4700::6812:acf
2a00:1450:4001:830::200a
52.217.78.78
66.98.100.185
029251fc093a6150066a34e31bd926b585e0781ed32475a2a0197cd5bd3b8009
040eef0a369a938d1d5bcc8a00bb2f96a96f3056d2e2c0d296c3767decf2524a
0e10ae7a22ccfea3d9d62293e7fbc132d2c3579b919a5b110d64917fb81a04a0
1d0af09f1d0d546d86f1d5d82d8e7131f7ad0dbf65359e2f916cf4e915925bf8
21c6e518fce6759fe0474e964715603d2b51d15597dd18d08d7cff1c29741081
30dd8f92abac1980f8879f7fbdea6dab4a6a235c6850747a903b092f95fe687e
74bbfac037b2cd6821546977c71bbf0f9a71317d5003fa4ce77474f2967b49d4
76b62a4a17501eb96d708e756e06c66db3472fb6563ba7b0bfec1bfa4d822975
83c16542f7412cad3943c0736fec685228c8c429741addad92508d400886b965
88f8bf663e0e00636f894110e169be69aceb69d35383c1f739fefd4a699e4d08
957ad0b51445cc8397e42d7d7350d9006b4aaa7e96a73e5d04b899a78175e357
9c448ea4233c1ef9fd8e84f14c28a8b7c20d8ca589d259d8830b1b510a375674
ab3ba7adfe0d3266b019ade68a0224e9acd1c6c43babbac07357a069a27b75f7
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c2f44c604e73b2946cdd062c806b72ce6190ba12bb5462775ba8f2798d1ad1e6
d55e22f7702007f5232f2cac9f0a0aea74399bd928e00b7a1f8ec8763062f0e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcf36cc0245b65cd8d57c3f9304e4c0fa8904c18442d696381fcdf9bfa0c2ad6