login.tst.railinc.com Open in urlscan Pro
76.223.106.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rmc-exercise.tst.railinc.com/
Effective URL:
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7r...
Submission: On January 04 via api (January 4th 2024, 10:20:39 pm UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 76.223.106.183, located in United States and belongs to AMAZON-02, US. The main domain is login.tst.railinc.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 2nd 2023. Valid for: a year.

This is the only time login.tst.railinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	108.139.29.129 108.139.29.129	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
4	76.223.106.183 76.223.106.183	16509 (AMAZON-02) (AMAZON-02)
1	13.35.93.34 13.35.93.34	16509 (AMAZON-02) (AMAZON-02)
14	5

6 108.139.29.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-129.jfk50.r.cloudfront.net

rmc-exercise.tst.railinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.106.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9dcaea81ce6d4aa6.awsglobalaccelerator.com

login.tst.railinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-34.jfk50.r.cloudfront.net

op1static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	railinc.com rmc-exercise.tst.railinc.com login.tst.railinc.com	4 MB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1888	12 KB
1	oktacdn.com op1static.oktacdn.com — Cisco Umbrella Rank: 89997	3 KB
1	gstatic.com fonts.gstatic.com	11 KB
14	4

	Domain	Requested by
6	rmc-exercise.tst.railinc.com	rmc-exercise.tst.railinc.com
4	login.tst.railinc.com	rmc-exercise.tst.railinc.com login.tst.railinc.com
2	use.fontawesome.com	rmc-exercise.tst.railinc.com
1	op1static.oktacdn.com	login.tst.railinc.com
1	fonts.gstatic.com	rmc-exercise.tst.railinc.com
14	5

This site contains no links.

Subject Issuer	Validity	Valid
*.rmc-exercise.tst.railinc.com Amazon RSA 2048 M03	`2024-01-04` - `2025-02-01`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
login.tst.railinc.com Thawte TLS RSA CA G1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7rhkp8A9gOWrMY_6jnIyGTChTT76su-w6PFc&code_challenge_method=S256&nonce=EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy&redirect_uri=https%3A%2F%2Frmc-exercise.tst.railinc.com%2F&response_type=code&state=otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R&scope=openid%20profile%20email
Frame ID: C04F3B24B8445EA6DF2F880869D05053
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

test-ssorailinc - Bad Request

Page URL History Show full URLs

https://rmc-exercise.tst.railinc.com/ Page URL
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

4582 kB
Transfer

4611 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rmc-exercise.tst.railinc.com/ Page URL
https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7rhkp8A9gOWrMY_6jnIyGTChTT76su-w6PFc&code_challenge_method=S256&nonce=EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy&redirect_uri=https%3A%2F%2Frmc-exercise.tst.railinc.com%2F&response_type=code&state=otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R&scope=openid%20profile%20email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
rmc-exercise.tst.railinc.com/ 21 KB
21 KB 358ms
73ms Document
text/html 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3bdcf28692197d9230c4a252be0715de082deef8bd6bdf768b90cdaf81bd166

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 16269
content-length: 21590
content-type: text/html
date: Thu, 04 Jan 2024 17:49:24 GMT
etag: "435478e16730d8dfec3066a32543e898"
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-id: wDYLmEh-Csxu-KAysIVtOX9UlC6SbnDyVSv-L2vauZe6Qe6BUq1l_w==
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: UiC3RRbSkATQJWmIK.WxI937SKk6fk1K
x-cache: Hit from cloudfront

GET
H2 200 solid.css
use.fontawesome.com/releases/v5.7.1/css/ 482 B
530 B 254ms
182ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/solid.css
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b0e1996e25c33251177670f2174ac0abd650eed0843e65ecb0509fcbcddeea

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"372b31365ea9367753d9137e8a9e934e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j1%2F5AIke4UkK4emQwqgXCSx83kwtdJrzh7I0V8hxZtNaL6GIHgmPznwVGuA1Ugm0LPKGbrp2TWfq%2B78oRB775CZPSMPsEFymVwmuJbrFBs6VmNg%2Boict4DIce81XQ27P1vq9HPEcy%2FPd3iS4Ay9F9u8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8406de982ad30291-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome.css
use.fontawesome.com/releases/v5.7.1/css/ 52 KB
12 KB 233ms
162ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/fontawesome.css
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38061a3f942f842cd10b5be71cf71210f0705da370d479992ba07ba480de492b

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"761f47f35799f23c7596e6c82c8ce6e9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS31joHYGNGbserITqaMwJm9JwhTkNXczwcPmUTWypz%2BMb2LOTqF6gxvJHbkw3RRzINwpD5mzPziL0Q9l4etKVci95YsgnSfieEHlD8ESGXX3AMuSqgFfNHrVzPX40sqwmBk7iWWD2KJW0yDQ2siMZ0B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8406de982acf0291-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.7976472bb2d8affe.css
rmc-exercise.tst.railinc.com/ 768 KB
769 KB 780ms
778ms Stylesheet
text/css 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/styles.7976472bb2d8affe.css
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 438a4eb214e23f1f279143e07ffe202234a70eeff1e1583b969a31edf0aad6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rmc-exercise.tst.railinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:35 GMT
x-amz-version-id: eFGYfd18AFU.YfWooTmYJEBrhxgoscnx
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "bf3ebb9026950979fa81311df161b392"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 786617
x-amz-cf-id: jChdLqxkMAZ_RXJhh22JmOrvd0LnYiKMF_Vx0-tAYMyqKcyIGZQ43Q==

GET
H2 200 main.7976472bb2d8affe.css
rmc-exercise.tst.railinc.com/ 768 KB
769 KB 499ms
498ms Stylesheet
text/css 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/main.7976472bb2d8affe.css
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 438a4eb214e23f1f279143e07ffe202234a70eeff1e1583b969a31edf0aad6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rmc-exercise.tst.railinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:35 GMT
x-amz-version-id: fMEnW54RRK5q7KGsz_8H9U7Cu9UE6OV7
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "bf3ebb9026950979fa81311df161b392"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 786617
x-amz-cf-id: qYJyNRsS2EUKro_bU7F1EuPda4emJxn5q5uoU07c1juvc-01oOskRg==

GET
H2 200 runtime.fd268df891c35960.js Show response
rmc-exercise.tst.railinc.com/ 3 KB
4 KB 589ms
588ms Script
application/javascript 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/runtime.fd268df891c35960.js
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 008df7a1d215da24dd97ea0f7ed7c7b25de33e216bd80f9a858f691b2e9ec6c1

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:35 GMT
x-amz-version-id: 7SagokoznhikQ3TObDUb7j8XV9Z5y5tc
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "f5ac69d2e8edf1eef09b34eb3680cc0e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3540
x-amz-cf-id: qzPdg5_pHIRKZfuLpRHRjD846HJ7LvwgXDdcVL5MgmzUPF1Bf0TsIg==

GET
H2 200 polyfills.f586452d5647e7ef.js Show response
rmc-exercise.tst.railinc.com/ 33 KB
34 KB 759ms
759ms Script
application/javascript 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/polyfills.f586452d5647e7ef.js
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05cd936107680bd68986d036f542c9d2e9f9947764b4b06309065c329b0c860e

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:35 GMT
x-amz-version-id: dOed.Y4rhGPIbCHYzh2UlZ5hJXNN6.dh
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "b22055f9e6f25163ab4b402743d97cb6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 33921
x-amz-cf-id: 5sI4eEXwbOfTyCIJ-jlTkXYdnK6bOFc2z_SXzq9geoSvVZHVh_uEsg==

GET
H2 200 main.183e69cd59202f16.js Show response
rmc-exercise.tst.railinc.com/ 3 MB
3 MB 762ms
761ms Script
application/javascript 108.139.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rmc-exercise.tst.railinc.com/main.183e69cd59202f16.js
Requested by: Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d42a3f09a5fbe31d588526eb1a779ca3a8e3dcf9cd4d9dc4c8cc7260303b6a2d

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:35 GMT
x-amz-version-id: vIr7NusjdZHrCouCs7NJjqUVrAIB2BGw
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 16:40:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "d7e95f9b706dd21b4839165102ed0d88"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3014675
x-amz-cf-id: F_4YtdxRD64zRG-HX-qJLckCjwTQFugTU4tcLucg-JIiV_a6BeezbA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 212ms
67ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Origin: https://rmc-exercise.tst.railinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:47:01 GMT
x-content-type-options: nosniff
age: 149613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 04:47:01 GMT

GET
H/1.1 200
OK openid-configuration Show response
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/ 2 KB
4 KB 80ms
80ms Fetch
application/json 76.223.106.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/openid-configuration

Requested by

Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/polyfills.f586452d5647e7ef.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.106.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9dcaea81ce6d4aa6.awsglobalaccelerator.com

Software

nginx /

Resource Hash

67346423adfb5ff4900e77d6f9f8bc28bde04960ce657bda32ce6adc61a720b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://rmc-exercise.tst.railinc.com/
X-Okta-User-Agent-Extended: okta-auth-js/6.9.0 @okta/okta-angular/5.3.0 Angular/13.4.0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: ZZcvM_kW1umEDXQI4tX8wwAACmU
Date: Thu, 04 Jan 2024 22:20:35 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com; connect-src 'self' test-ssorailinc.oktapreview.com test-ssorailinc-admin.oktapreview.com login.tst.railinc.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com test-ssorailinc.kerberos.oktapreview.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com; style-src 'unsafe-inline' 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' test-ssorailinc.oktapreview.com test-ssorailinc-admin.oktapreview.com login.tst.railinc.com login.okta.com; img-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' test-ssorailinc.oktapreview.com login.tst.railinc.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://rmc-exercise.tst.railinc.com
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Fri, 05 Jan 2024 22:20:35 GMT

OPTIONS
H/1.1 200
OK openid-configuration
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/ 0
0 482ms
65ms Preflight
application/octet-stream 76.223.106.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.106.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9dcaea81ce6d4aa6.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://rmc-exercise.tst.railinc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://rmc-exercise.tst.railinc.com
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Thu, 04 Jan 2024 22:20:35 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: ZZcvM_kW1umEDXQI4tX8wgAACmU

GET
H/1.1 400
Bad Request Primary Request authorize Show response
login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/ 3 KB
4 KB 224ms
128ms Document
text/html 76.223.106.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7rhkp8A9gOWrMY_6jnIyGTChTT76su-w6PFc&code_challenge_method=S256&nonce=EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy&redirect_uri=https%3A%2F%2Frmc-exercise.tst.railinc.com%2F&response_type=code&state=otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R&scope=openid%20profile%20email

Requested by

Host: rmc-exercise.tst.railinc.com
URL: https://rmc-exercise.tst.railinc.com/main.183e69cd59202f16.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.106.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9dcaea81ce6d4aa6.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b3a8e2790814dcaef0cb40595d5f3069fc9088351acc93100232741aea977a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rmc-exercise.tst.railinc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 2672
Content-Type: text/html;charset=utf-8
Date: Thu, 04 Jan 2024 22:20:35 GMT
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: en
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: ZZcvMw0zevQaXUiz7rihWAAABGo
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1199
x-rate-limit-reset: 1704406895
x-xss-protection: 0

GET
H/1.1 200
OK errors-v2.css
login.tst.railinc.com/assets/css/sections/ 2 KB
1 KB 227ms
129ms Stylesheet
text/css 76.223.106.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tst.railinc.com/assets/css/sections/errors-v2.css

Requested by

Host: login.tst.railinc.com
URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7rhkp8A9gOWrMY_6jnIyGTChTT76su-w6PFc&code_challenge_method=S256&nonce=EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy&redirect_uri=https%3A%2F%2Frmc-exercise.tst.railinc.com%2F&response_type=code&state=otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R&scope=openid%20profile%20email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.106.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9dcaea81ce6d4aa6.awsglobalaccelerator.com

Software

nginx /

Resource Hash

07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 22:20:36 GMT
x-amz-meta-sha1sum: a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding: gzip
Strict-Transport-Security: max-age=315360000; includeSubDomains
Last-Modified: Thu, 27 Oct 2022 02:12:48 GMT
Server: nginx
ETag: W/"80127ba5c47706686501006723ba83da"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Fri, 03 Jan 2025 22:20:36 GMT

GET
H2 200 fs01nl8e2a12yYnWa0h8
op1static.oktacdn.com/fs/bco/1/ 3 KB
3 KB 229ms
62ms Image
image/png 13.35.93.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://op1static.oktacdn.com/fs/bco/1/fs01nl8e2a12yYnWa0h8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-34.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

770ed0f7bbac90a14bd5f03d5f5d02708911d86ac38eb0b336c722395373567c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:32:54 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 774fddee085016d16b500fd9201faeb2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 802062
x-cache: Hit from cloudfront
content-length: 2712
last-modified: Fri, 12 May 2023 12:07:59 GMT
server: nginx
etag: "e96cafd17932dc6f15f290dec46acd4a"
public-key-pins-report-only: pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: DvvcdGAboPjqQhtXHPJripAhfQ83aii1BRuqU3Jz1m_ppMj2UCi3sg==
expires: Wed, 25 Dec 2024 15:32:54 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rmc-exercise.tst.railinc.com/	1969-12-31 23:59:59	Name: okta-oauth-redirect-params Value: {%22responseType%22:%22code%22%2C%22state%22:%22otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R%22%2C%22nonce%22:%22EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy%22%2C%22scopes%22:[%22openid%22%2C%22profile%22%2C%22email%22]%2C%22clientId%22:%220oa1npgqjkdDlJZtB0h8%22%2C%22urls%22:{%22issuer%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8%22%2C%22authorizeUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize%22%2C%22userinfoUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/userinfo%22%2C%22tokenUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/token%22%2C%22revokeUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/revoke%22%2C%22logoutUrl%22:%22https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/logout%22}%2C%22ignoreSignature%22:false}
rmc-exercise.tst.railinc.com/	1969-12-31 23:59:59	Name: okta-oauth-nonce Value: EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy
rmc-exercise.tst.railinc.com/	1969-12-31 23:59:59	Name: okta-oauth-state Value: otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R
login.tst.railinc.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 005D133EB9535095B83FB0C33CA20AAB
login.tst.railinc.com/	1969-12-31 23:59:59	Name: t Value: default
login.tst.railinc.com/	1970-01-21 03:02:46	Name: DT Value: DI17ZgWVictTzGABu3C0GY2Pw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.tst.railinc.com/oauth2/aus12zufha8mnHjf00h8/v1/authorize?client_id=0oa1npgqjkdDlJZtB0h8&code_challenge=MUD_TeC7rhkp8A9gOWrMY_6jnIyGTChTT76su-w6PFc&code_challenge_method=S256&nonce=EjOMKkHGvM2DarhYu4crRcc07W892wXAGsNEKduHfjRG2tuUwRghCMkeDAkFEUNy&redirect_uri=https%3A%2F%2Frmc-exercise.tst.railinc.com%2F&response_type=code&state=otwB7anlXpbb5xwc7Ouwy3F2EHxD07xy3x4TPHqexMNT1XW6K1f2KsMgt9twVF0R&scope=openid%20profile%20email Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
login.tst.railinc.com
op1static.oktacdn.com
rmc-exercise.tst.railinc.com
use.fontawesome.com
108.139.29.129
13.35.93.34
2606:4700:e2::ac40:8d0d
2607:f8b0:4006:81d::2003
76.223.106.183
008df7a1d215da24dd97ea0f7ed7c7b25de33e216bd80f9a858f691b2e9ec6c1
05cd936107680bd68986d036f542c9d2e9f9947764b4b06309065c329b0c860e
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
38061a3f942f842cd10b5be71cf71210f0705da370d479992ba07ba480de492b
438a4eb214e23f1f279143e07ffe202234a70eeff1e1583b969a31edf0aad6a9
67346423adfb5ff4900e77d6f9f8bc28bde04960ce657bda32ce6adc61a720b3
770ed0f7bbac90a14bd5f03d5f5d02708911d86ac38eb0b336c722395373567c
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
b3a8e2790814dcaef0cb40595d5f3069fc9088351acc93100232741aea977a38
d42a3f09a5fbe31d588526eb1a779ca3a8e3dcf9cd4d9dc4c8cc7260303b6a2d
d8b0e1996e25c33251177670f2174ac0abd650eed0843e65ecb0509fcbcddeea
f3bdcf28692197d9230c4a252be0715de082deef8bd6bdf768b90cdaf81bd166

login.tst.railinc.com Open in urlscan Pro 76.223.106.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

4582 kBTransfer

4611 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

login.tst.railinc.com Open in urlscan Pro
76.223.106.183 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

4582 kB
Transfer

4611 kB
Size

6
Cookies

14 HTTP transactions
0 data transactions