account.rushmoreservicing.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rushmoreservicing.com/
Effective URL:
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed...
Submission: On December 05 via manual (December 5th 2023, 9:55:45 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 39 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is account.rushmoreservicing.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 2nd 2023. Valid for: 6 months.

This is the only time account.rushmoreservicing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	2606:4700:440... 2606:4700:4400::ac40:9696	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.38.122.68 20.38.122.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::201b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.95.121 65.9.95.121	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
1	54.231.136.64 54.231.136.64	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	13.69.106.211 13.69.106.211	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.91 65.9.95.91	16509 (AMAZON-02) (AMAZON-02)
39	18

3 2606:4700:4400::ac40:9696 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.rushmoreservicing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

account.rushmoreservicing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.38.122.68 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rshb2cprodstg.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-121.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.136.64 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.211 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-91.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	22 KB
8	rushmoreservicing.com 3 redirects www.rushmoreservicing.com account.rushmoreservicing.com	275 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	669 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	669 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 storage.googleapis.com — Cisco Umbrella Rank: 287	8 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 786	281 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	gstatic.com fonts.gstatic.com	65 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	205 KB
1	amazonaws.com s3.amazonaws.com	659 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 9893	6 KB
1	windows.net rshb2cprodstg.blob.core.windows.net	432 KB
39	14

	Domain	Requested by
7	www.google-analytics.com	www.googletagmanager.com account.rushmoreservicing.com
5	account.rushmoreservicing.com	account.rushmoreservicing.com
3	www.google.de
3	www.google.com
3	bat.bing.com	account.rushmoreservicing.com bat.bing.com
3	www.rushmoreservicing.com	3 redirects
2	stats.g.doubleclick.net	account.rushmoreservicing.com
2	dc.services.visualstudio.com	account.rushmoreservicing.com
2	fonts.gstatic.com	fonts.googleapis.com
2	storage.googleapis.com	account.rushmoreservicing.com
2	www.googletagmanager.com	account.rushmoreservicing.com www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s3.amazonaws.com	account.rushmoreservicing.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	static.hotjar.com	account.rushmoreservicing.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	account.rushmoreservicing.com
1	rshb2cprodstg.blob.core.windows.net	account.rushmoreservicing.com
39	19

This site contains links to these domains. Also see Links.

Domain
incident.mrcooperinfo.com
www.rushmoreservicing.com
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
account.rushmoreservicing.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-11-02` - `2024-05-02`	6 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-02` - `2024-08-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod
Frame ID: EA1371EDADA09AE35E7689128C7FB07E
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mortgage Account Login, Sign In | Rushmore ServicingLine + Line Copy

Page URL History Show full URLs

https://www.rushmoreservicing.com/ HTTP 301
https://www.rushmoreservicing.com/logout?existing_login=true HTTP 302
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?sta... Page URL
https://www.rushmoreservicing.com/signin?state=%7b%22redirect%22%3anull%7d HTTP 302
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOr... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

68 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

1088 kB
Transfer

1839 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://incident.mrcooperinfo.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://www.rushmoreservicing.com/

Search URL Search Domain Scan URL

URL: https://www.rushmoreservicing.com/accounts/forgot_username
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/
Title: (www.nmlsconsumeraccess.org).

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rushmoreservicing.com/ HTTP 301
https://www.rushmoreservicing.com/logout?existing_login=true HTTP 302
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin Page URL
https://www.rushmoreservicing.com/signin?state=%7b%22redirect%22%3anull%7d HTTP 302
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.rushmoreservicing.com/ HTTP 301
https://www.rushmoreservicing.com/logout?existing_login=true HTTP 302
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

logout Show response
account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/
Redirect Chain

https://www.rushmoreservicing.com/
https://www.rushmoreservicing.com/logout?existing_login=true
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com...

4 KB
4 KB

589ms
519ms

Document
text/html

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a71131699191f7571667937a18c8a0513d4d7d79840b5256181b1e27709a722

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'self' 'nonce-gjBtmdtGyFZPDtMLpUtCxw==' 'report-sample'; report-uri /rushmoreprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/cspreport?p=B2C_1A_SignUpOrSignIn
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
allow: OPTIONS TRACE GET HEAD POST
cache-control: no-store, must-revalidate, no-cache
content-length: 3634
content-security-policy: script-src 'strict-dynamic' 'self' 'nonce-gjBtmdtGyFZPDtMLpUtCxw==' 'report-sample'; report-uri /rushmoreprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/cspreport?p=B2C_1A_SignUpOrSignIn
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 21:55:39 GMT
expires: -1
public: OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20231205T215539Z-3043m073tp4rx1nra8ayyk7egw0000000fkg00000001vgzx
x-build: 1.1.10.0
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ms-gateway-requestid: 78f8dba1-0c50-48b3-9c91-b39818b6b8c5
x-request-id: 197cd524-1538-4e74-9c9a-077b8784ada7
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 830f88d89a6b1cbf-FRA
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 21:55:39 GMT
location: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={"redirect":null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d0bcc04d-0e35-4f08-b5e4-08c2102d6786
x-runtime: 0.069130
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.1.min.js
account.rushmoreservicing.com/static/library/ 87 KB
88 KB 647ms
647ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.rushmoreservicing.com/static/library/jquery-3.5.1.min.js?slice=001-000&dc=SAN

Requested by

Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:55:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 10:04:30 GMT
etag: "0b1947e221da1:0"
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
x-frame-options: DENY
x-azure-ref: 20231205T215539Z-3043m073tp4rx1nra8ayyk7egw0000000fkg00000001vh1d
accept-ranges: bytes
content-length: 89476
x-xss-protection: 1; mode=block

POST
H2 200 cspreport
account.rushmoreservicing.com/rushmoreprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/ 31 KB
31 KB 510ms
510ms Other
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.rushmoreservicing.com/rushmoreprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/cspreport?p=B2C_1A_SignUpOrSignIn

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

69c4e6d20862a6ceabf1c5ddeb722c7e546ac062a7e1b87116f9b31b8eadac14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

x-build: 1.1.10.0
date: Tue, 05 Dec 2023 21:55:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
public: OPTIONS,TRACE,GET,HEAD,POST
x-ms-gateway-requestid: eae598fa-3feb-4adb-aee6-0a3bf3a082e9
content-length: 31534
x-xss-protection: 1; mode=block
x-request-id: eaa988a4-6d88-42e0-aa3d-d1d5a753e8cf
x-ua-compatible: IE=edge
x-frame-options: DENY
allow: OPTIONS, TRACE, GET, HEAD, POST
content-type: text/html; charset=utf-8
x-azure-ref: 20231205T215539Z-3043m073tp4rx1nra8ayyk7egw0000000fkg00000001vh1f
cache-control: no-store, must-revalidate, no-cache, private
accept-ranges: bytes
expires: -1

GET
H2

200

Primary Request authorize Show response
account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/
Redirect Chain

https://www.rushmoreservicing.com/signin?state=%7b%22redirect%22%3anull%7d
https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_u...

147 KB
149 KB

621ms
621ms

Document
text/html

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d846ffb64c121e40d1cb2594c589a93c2aa278d2b4f4da2efd470e9f72204965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
allow: OPTIONS TRACE GET HEAD POST
cache-control: no-store, must-revalidate, no-cache
content-length: 150448
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 21:55:41 GMT
expires: -1
public: OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20231205T215540Z-3043m073tp4rx1nra8ayyk7egw0000000fkg00000001vh4e
x-build: 1.1.10.0
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: DENY
x-ms-gateway-requestid: e521b17f-0e9b-45ee-a5f9-a5e6f1e5f996
x-request-id: 91565884-1d6e-43ba-9898-acdbed0484d5
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 830f88e1dd7a1cbf-FRA
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 21:55:40 GMT
location: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={"redirect":null}&x-client-SKU=apollo-accounts-rsh-prod
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ba06b61a-865a-4779-bfb7-1e12e79399dc
x-runtime: 0.063605
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.html Show response
rshb2cprodstg.blob.core.windows.net/identity-ux/signin/ 432 KB
432 KB 575ms
133ms XHR
text/html 20.38.122.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rshb2cprodstg.blob.core.windows.net/identity-ux/signin/index.html
Requested by: Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.122.68 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08e948f51a803580e6745b7ce06d3761a37e04d208f2364a066a97656ab41baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 05 Dec 2023 21:55:41 GMT
Last-Modified: Thu, 26 Oct 2023 19:44:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4V7+HdrwEKMtfq8urc9a9w==
ETag: "0x8DBD65BF94AA63B"
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: f73c17a2-201e-00b6-23c5-27e3cd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 442098
x-ms-lease-state: available

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;0,900;1,400;1,900&display=swap

Requested by

Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14761ddcba5ffc301381d3a96f4736323ffaa1f674ccabf9acd65506a794bce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 21:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:55:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 21:55:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 441 KB
114 KB 58ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fb75998f2fa71f40851834b316596e17b49fca62635e4cf469561d258ccb311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:55:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115894
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:55:42 GMT

GET
H2 200 config.json Show response
storage.googleapis.com/apolloimage/images/tax-season-config/ 5 KB
5 KB 31ms
9ms XHR
application/json 2a00:1450:4001:80f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/apolloimage/images/tax-season-config/config.json
Requested by: Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b1c6d312e2d6d8716aad1c4b1ac366c0e0052a6cba5b06ac3fc327d4a56511be

Request headers

Accept: */*
Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:26:47 GMT
age: 1735
x-guploader-uploadid: ABPtcPq5Pv-fuR28DquYtS2bn_oREhVSfubFfRUUJSvfGP7VJQfKLAIC12TGOpRDHMA5bB_zwNY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4923
last-modified: Wed, 29 Nov 2023 19:12:02 GMT
server: UploadServer
etag: "901be9fed94c4a4aa0dcf28742d44723"
x-goog-generation: 1701285122478702
x-goog-hash: crc32c=3sissw==, md5=kBvp/tlMSkqg3PKHQtRHIw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 4923
accept-ranges: bytes
content-type: application/json
expires: Tue, 05 Dec 2023 22:26:47 GMT

GET
H2 200 config_upper.json Show response
storage.googleapis.com/apolloimage/images/rsh/maintenance_banner/ 857 B
1 KB 30ms
13ms XHR
application/json 2a00:1450:4001:80f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/apolloimage/images/rsh/maintenance_banner/config_upper.json
Requested by: Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5a8c6f19408782cb7aeedfa44d6a94703b7ac38029acd8b613f3fcdd89f33d75

Request headers

Accept: */*
Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:44:26 GMT
age: 676
x-guploader-uploadid: ABPtcPogffpqazT_t-M5zTpDjmCs1rP4TQ5ywKhEzp0rcZFGzoQ_QGCS4-rXKOgPohzTSuna2KVzyuuB2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 857
last-modified: Fri, 10 Nov 2023 20:00:58 GMT
server: UploadServer
etag: "39052d3b9c9ffbab1c03bdfb2cc1fcaa"
x-goog-generation: 1699646458301886
x-goog-hash: crc32c=fLqKog==, md5=OQUtO5yf+6scA737LMH8qg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 857
accept-ranges: bytes
content-type: application/json
expires: Tue, 05 Dec 2023 22:44:26 GMT

POST
H2 200 perftrace Show response
account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/client/ 0
417 B 324ms
324ms XHR
text/plain 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/client/perftrace?tx=StateProperties=eyJUSUQiOiI5MTU2NTg4NC0xZDZlLTQzYmEtOTg5OC1hY2RiZWQwNDg0ZDUifQ&p=B2C_1A_SignUpOrSignIn

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-CSRF-TOKEN: UUNhVVpBTk1zZ3pIckZxM2JPWVdiRzJCRDI4N01kQnFLcE82K3J6QVMvVitySnFGLzI4cmUxczVEVzhyMUN1NEsxK3h3bUUzdE1kOStTN0VXMHdySlE9PTsyMDIzLTEyLTA1VDIxOjU1OjQwLjk1MTI2NDhaO2VjakZTWUt4d2h5THJXZ0Rhd2swTlE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=4ed299de-39a8-4c1b-a4ba-dc2ee4383b02&nonce=defaultNonce&redirect_uri=https://www.rushmoreservicing.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=9b57d7d417682c55f1679c3a124258b5&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-accounts-rsh-prod
X-Requested-With: XMLHttpRequest
Request-Id: |64927a632a0546e786edf3aea06bfb94.bc1e36b6b2724a02

Response headers

date: Tue, 05 Dec 2023 21:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
allow: OPTIONS, TRACE, GET, HEAD, POST
x-cache: CONFIG_NOCACHE
x-azure-ref: 20231205T215542Z-3043m073tp4rx1nra8ayyk7egw0000000fkg00000001vhcy
public: OPTIONS,TRACE,GET,HEAD,POST
cache-control: no-store, must-revalidate, no-cache
accept-ranges: bytes
x-ms-gateway-requestid: 7df93211-ba85-4d19-90f6-3113af86f08a
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;0,900;1,400;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.rushmoreservicing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 92660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;0,900;1,400;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.rushmoreservicing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 92660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-23DY4GQG1M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21b9d4f1078b2c364d564985c5ba5f382d61c0b540aaad96ea4e07b07557a0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:55:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:55:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958038470/ 4 KB
2 KB 69ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958038470/?random=1701813342509&cv=11&fst=1701813342509&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ref=https%3A%2F%2Faccount.rushmoreservicing.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&auid=1860358247.1701813343&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de248af7ead14c406493067a9e66a858c8f30b92a6784b11adfe7ddeea7abc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1579
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 21:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 833
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 23:41:49 GMT

GET
H2 200 hotjar-1444525.js Show response
static.hotjar.com/c/ 9 KB
4 KB 66ms
24ms Script
application/javascript 65.9.95.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1444525.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-121.prg50.r.cloudfront.net

Software

Resource Hash

9f2388f9c36f6710cc8f9a25d252857b645b4c04453630a411421d5f5ae106ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 21:55:36 GMT
via: 1.1 c76f57c516237f120f723cde4dab446e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/3fd73a0a3e30c0c822e4d7209952af0a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Rmk_sid-_0ZiE4cyN2p07bYPJAqxn0sBgLEInJ-sI-P4oeTnZTxO1A==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 50ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 05 Dec 2023 21:55:41 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8EB3696CEF264CD6A7B9FF8BC3EE3525 Ref B: FRA31EDGE0212 Ref C: 2023-12-05T21:55:42Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 72899161.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 47ms
8ms Script
text/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/72899161.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-cache-hits: 34199
date: Tue, 05 Dec 2023 21:55:42 GMT
content-encoding: gzip
via: 1.1 varnish
age: 507584
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-eddf8230020-FRA
last-modified: Wed, 29 Nov 2023 22:37:17 GMT
server: Apache
x-timer: S1701813343.561010,VS0,VE0
etag: "421e-60b522d63c140-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-7d5485cc5b-98bwd
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Nov 2033 00:55:58 GMT

GET
H/1.1 200
OK f86.js Show response
s3.amazonaws.com/ki.js/65142/ 303 B
659 B 290ms
100ms Script
application/ecmascript 54.231.136.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/65142/f86.js
Requested by: Host: account.rushmoreservicing.com
URL: https://account.rushmoreservicing.com/4d13549c-a865-41e8-ae6c-ac87c83c4099/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.rushmoreservicing.com/signin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd787ea0066722728e838769befa74071ce4853144eb771c9ada3decf7176f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 21:55:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Sep 2022 05:20:56 GMT
Server: AmazonS3
x-amz-request-id: 6PNRBWDPED853A0P
ETag: "fd7fb98f31d4a8d4d54362b9c94944bb"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 225
x-amz-id-2: fVbLBvsdEE3vZEDO+CCYyzHL0rLJf+p+I+oE7TwiOGqi1hYa2S0KT22PgYUo4yl14cXKqsZPuIw=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-23DY4GQG1M&gtm=45je3bt0v9165240433z871404933&_p=1701813342389&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=841479832.1701813343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1701813342&sct=1&seg=0&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&dr=https%3A%2F%2Faccount.rushmoreservicing.com%2F&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2120
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23DY4GQG1M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.rushmoreservicing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 245ms
15ms Preflight 13.69.106.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://account.rushmoreservicing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 197ms
197ms XHR
application/json 13.69.106.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c76113983ba1a86f5aeae84fdaa0ea46173cfbe72d0b6ea1d27bb8d4e8d01f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 3DFF3ACC-9ABF-492C-9FA2-6C6980492814
strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
217 B 15ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628442847&t=pageview&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=.&_u=YCDAgEABAAAAACgAI~&jid=1161082050&gjid=1824728691&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&_slc=1&gtm=45He3bt0n71PT5RFMv71404933&cd5=33778b0a-ade8-4143-9af8-a896f577f557&cd6=1701813342512&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=731138156

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.rushmoreservicing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1161082050&gjid=1824728691&_gid=1981644811.1701813343&_u=YCDAgEABAAAAAGgAIAC~&z=1601744876

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.rushmoreservicing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628442847&t=event&ni=0&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=virtual%20pageview&ea=window%20loaded&el=prefill%20%3A%20%20logged%20in%20%3A%20&_u=YCDAAEABAAAAAGgAIAC~&jid=1919288105&gjid=1816822351&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&_r=1&gtm=45He3bt0n71PT5RFMv71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=731301009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.rushmoreservicing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=628442847&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&el=%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize&_u=YCDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&gtm=45He3bt0n71PT5RFMv71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=799059263

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:45:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=628442847&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&el=%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize&_u=YCDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&gtm=45He3bt0n71PT5RFMv71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=77886080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:45:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=628442847&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75%25&el=%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize&_u=YCDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&gtm=45He3bt0n71PT5RFMv71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=115311368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:45:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 10ms
9ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=628442847&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ul=en-us&de=UTF-8&dt=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100%25&el=%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize&_u=YCDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=841479832.1701813343&tid=UA-12910956-1&_gid=1981644811.1701813343&gtm=45He3bt0n71PT5RFMv71404933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=517892328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:45:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5065759.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5065759.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 05 Dec 2023 21:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22BD007E17234DF7B766C23E3EE1978A Ref B: FRA31EDGE0212 Ref C: 2023-12-05T21:55:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 83ms
82ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5065759&Ver=2&mid=cff9298f-95ed-418d-8db1-0da0d76a2bd1&sid=0919a34093b911eea1f09389fd2c83bf&vid=0919a82093b911ee911329c29ee27c57&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mortgage%20Account%20Login,%20Sign%20In%20%7C%20Rushmore%20Servicing&p=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&r=https%3A%2F%2Faccount.rushmoreservicing.com%2F&lt=852&evt=pageLoad&sv=1&rn=805644

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 21:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 478DD748BD7C4F8C8E82ACCE6DC00A82 Ref B: FRA31EDGE0212 Ref C: 2023-12-05T21:55:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/958038470/ 42 B
455 B 43ms
22ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958038470/?random=1701813342509&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71404933&u_w=1600&u_h=1200&url=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ref=https%3A%2F%2Faccount.rushmoreservicing.com%2F&frm=0&tiba=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&fmt=3&is_vtc=1&cid=CAQSGwDICaaNagF2sl2_W7tNJdW7VQ7oPNrdgrDfmw&random=4113767639&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/958038470/ 42 B
455 B 48ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958038470/?random=1701813342509&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71404933&u_w=1600&u_h=1200&url=https%3A%2F%2Faccount.rushmoreservicing.com%2F4d13549c-a865-41e8-ae6c-ac87c83c4099%2Foauth2%2Fv2.0%2Fauthorize%3Fp%3DB2C_1A_SignUpOrSignIn%26client_id%3D4ed299de-39a8-4c1b-a4ba-dc2ee4383b02%26nonce%3DdefaultNonce%26redirect_uri%3Dhttps%3A%2F%2Fwww.rushmoreservicing.com%2Fsessions%2Flogin%26scope%3Dopenid%26response_type%3Did_token%26response_mode%3Dform_post%26pageName%3D%26session_id%3D9b57d7d417682c55f1679c3a124258b5%26guid%3D%26ga_client_id%3D%26%26getCustomer%3Dno%26state%3D%7B%2522redirect%2522%3Anull%7D%26x-client-SKU%3Dapollo-accounts-rsh-prod&ref=https%3A%2F%2Faccount.rushmoreservicing.com%2F&frm=0&tiba=Mortgage%20Account%20Login%2C%20Sign%20In%20%7C%20Rushmore%20Servicing&fmt=3&is_vtc=1&cid=CAQSGwDICaaNagF2sl2_W7tNJdW7VQ7oPNrdgrDfmw&random=4113767639&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9a6460d94a753d6764ef.js Show response
script.hotjar.com/ 218 KB
55 KB 40ms
9ms Script
application/javascript 65.9.95.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6460d94a753d6764ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1444525.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-91.prg50.r.cloudfront.net

Software

Resource Hash

15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 36816
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55401
last-modified: Tue, 05 Dec 2023 11:41:37 GMT
etag: "96ef6b2dd3fa58f5dfaaef19a5968444"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Itf3h77laNk1471jvWiVTaqpQVWrLjHkX48Zxetczji15Antlf5NHA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 39ms
21ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1919288105&gjid=1816822351&_gid=1981644811.1701813343&_u=YCDAAEABAAAAAGgAIAC~&z=1996038097

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.rushmoreservicing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.rushmoreservicing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 23ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1161082050&_u=YCDAgEABAAAAAGgAIAC~&z=972378388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1161082050&_u=YCDAgEABAAAAAGgAIAC~&z=972378388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1919288105&_u=YCDAAEABAAAAAGgAIAC~&z=1239589286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12910956-1&cid=841479832.1701813343&jid=1919288105&_u=YCDAAEABAAAAAGgAIAC~&z=1239589286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.rushmoreservicing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:55:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rushmoreservicing.com/	1970-01-20 16:43:34	Name: _apollo-web_session Value: 9b57d7d417682c55f1679c3a124258b5
account.rushmoreservicing.com/	1970-01-20 16:43:36	Name: x-ms-cpim-geo Value: NA
.account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: x-ms-cpim-sso:rushmoreprod.onmicrosoft.com_0 Value: m1.0Le70O5+7XVIzPKL.E9+MuA2QeWKwP5m6Lr1q/A==.0.7ifZF+un4z7OvMQ1sgOYnlGRlDOHMudwa7DxOBEjdx2UybuWvnd15vmDXbBr3QlQ1/JVKAolXr9/7xfJaO4ImG2F7lgpuZEQuvVthM+ciyN3DFsQZBdePKwMMpEtQCNws1FIbTdS2A5xuqgaQrGZ4av1F5RsJAEPvopf6UNyMQW384tt7Lc5GUsCMV+rLOeAdhGXj6GuGirYpyV5Ig6oYEl3V1fFqFSwfxKj6vejG8TLNwwFxqOqvvx+KiZVJL/DGLVR+B5G8oMH0SwHvq6FdylymIChnXCXNATKbhnvBZtLi7AJTLbCEhlatCNxzLwEsJBGTHcXm7rzdyvKLRGPpxt70pRhi5r/LRCZBrZjsiSGQlVj2ZTZCrO5Xiv7
.account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: UUNhVVpBTk1zZ3pIckZxM2JPWVdiRzJCRDI4N01kQnFLcE82K3J6QVMvVitySnFGLzI4cmUxczVEVzhyMUN1NEsxK3h3bUUzdE1kOStTN0VXMHdySlE9PTsyMDIzLTEyLTA1VDIxOjU1OjQwLjk1MTI2NDhaO2VjakZTWUt4d2h5THJXZ0Rhd2swTlE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
.account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache\|hfhwkw4dukoymkzb7qse1q_0 Value: m1.7rreYU8ExvcTjsLS.hj74LZLWUeypCHV6i2AC0Q==.0.PmY2/ro19g1BBc1Sfjve0O6B5wGjGMT3sVqR6jWnAkBKw1oll4hj/h23YbnWpxCmgp536l0/pfTgZC+SiUCWGlLoACR618bVzMxia40xhnjxE443Z3T8vaGvD/5SOJIfw77OBjxqIyVAUpTTUqvpWOTZIaBSr9IgoNYZqgdEEAHp0K6nxwGHmnxMm6Mwh4opEs6DXhq/v4edaBoCCZOi2qKjwG5afSnJdUePCka3KEpWZQq4gDbL/pyAkOxhmSd7AbsaG780PpSlxRkVyA6skHMpEXS/Zay6PBGBaygRt7wY5ECMh+G5Z/AzFFHiQwcxpT6RoNyk4eXXBYYHt7ayFWAsR6vYy3mjBMgVVHSDC4paAAHllIUlsT22lrKk0cyWtGRyLyXYc4KA5taZgq5Y4hnGq3FOEf93m8mgi09BLcR6TBol11FfEQar8Hl6fGbbTFhakK18aSh+lvQpIYWFiEo1OVvBFqYTYMreUsddsdxTxqG2so8xUqgTDCqWtphNrdWS58ZC3Q9M8cIelVhAdwscTIFjQgh4oBYbPgapaWKmV0n31hOeDK6+ie6qF8cTw8CvKt+D9LbgUO91VyLraiR4RKgPN963+c47VwIBH5X1fE4tFkKLisNFwBggQeTBdWV1Yz4zGcYLg8e43Cl9xFOCwdp5IvsjkhKVg3LdyCABnw5J1FQ6uboCgjHmeKtA/8G2R93WPuLPZkydZzQ/KVQIyG9oOAla5YX58b4spGML1nGFZMOfITWqL82N8NYq4Dj0toUQrJb5d+5JpiLtRMKBB0rHBNAMxvpGPQJuORFBx0EJbI7K1ScgN6N67x4OsRynOzBKcLxz3rAW
.account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjkxNTY1ODg0LTFkNmUtNDNiYS05ODk4LWFjZGJlZDA0ODRkNSIsIlQiOiJydXNobW9yZXByb2Qub25taWNyb3NvZnQuY29tIiwiUCI6IkIyQ18xQV9TaWduVXBPclNpZ25JbiIsIkMiOiI0ZWQyOTlkZS0zOWE4LTRjMWItYTRiYS1kYzJlZTQzODNiMDIiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjkxNTY1ODg0LTFkNmUtNDNiYS05ODk4LWFjZGJlZDA0ODRkNSJ9
account.rushmoreservicing.com/	1970-01-21 01:29:09	Name: ai_user Value: RXuxp0H+2n12agl+4q2fX2\|2023-12-05T21:55:42.452Z
account.rushmoreservicing.com/	1970-01-20 16:43:35	Name: ai_session Value: DZ+pwLqaWJqIKQlqpx2PWb\|1701813342499\|1701813342499
.rushmoreservicing.com/	1970-01-20 18:53:09	Name: _gcl_au Value: 1.1.1860358247.1701813343
account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: utm_source_cookie Value: undefined
account.rushmoreservicing.com/	1969-12-31 23:59:59	Name: utms Value: undefined,undefined,undefined,undefined,undefined
.rushmoreservicing.com/	1970-01-21 02:19:33	Name: _ga_23DY4GQG1M Value: GS1.1.1701813342.1.0.1701813342.0.0.0
.rushmoreservicing.com/	1970-01-21 02:19:33	Name: _ga Value: GA1.2.841479832.1701813343
.rushmoreservicing.com/	1970-01-20 16:44:59	Name: _gid Value: GA1.2.1981644811.1701813343
.doubleclick.net/	1970-01-20 16:43:34	Name: test_cookie Value: CheckForPermission
.rushmoreservicing.com/	1970-01-20 16:43:33	Name: _dc_gtm_UA-12910956-1 Value: 1
.rushmoreservicing.com/	1970-01-20 16:43:33	Name: _gat_UA-12910956-1 Value: 1
.rushmoreservicing.com/	1970-01-20 16:44:59	Name: _uetsid Value: 0919a34093b911eea1f09389fd2c83bf
.rushmoreservicing.com/	1970-01-21 02:05:09	Name: _uetvid Value: 0919a82093b911ee911329c29ee27c57
.rushmoreservicing.com/	1970-01-21 01:29:09	Name: _hjSessionUser_1444525 Value: eyJpZCI6ImNmZDlhZjc1LTNiY2YtNWMwNi1iM2UxLTQ4ODdhZTExMGMxYyIsImNyZWF0ZWQiOjE3MDE4MTMzNDI2NzksImV4aXN0aW5nIjpmYWxzZX0=
.rushmoreservicing.com/	1970-01-20 16:43:35	Name: _hjFirstSeen Value: 1
.rushmoreservicing.com/	1970-01-20 16:43:35	Name: _hjIncludedInSessionSample_1444525 Value: 0
.rushmoreservicing.com/	1970-01-20 16:43:35	Name: _hjSession_1444525 Value: eyJpZCI6IjExMWRlNmU1LThiMWMtNDIwNS1iYmMzLTYwZmUyMGU2MWE4NCIsImNyZWF0ZWQiOjE3MDE4MTMzNDI2ODAsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.rushmoreservicing.com/	1970-01-20 16:43:35	Name: _hjAbsoluteSessionInProgress Value: 0
.bing.com/	1970-01-21 02:05:09	Name: MUID Value: 1ACE4D93C861655506DA5E4DC9EA640C

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'strict-dynamic' 'self' 'nonce-gjBtmdtGyFZPDtMLpUtCxw==' 'report-sample'; report-uri /rushmoreprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/cspreport?p=B2C_1A_SignUpOrSignIn
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.rushmoreservicing.com
bat.bing.com
dc.services.visualstudio.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
rshb2cprodstg.blob.core.windows.net
s3.amazonaws.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rushmoreservicing.com
13.69.106.211
146.75.118.109
20.38.122.68
2001:4860:4802:32::36
2606:4700:4400::ac40:9696
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::201b
2a00:1450:4001:813::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9a
54.231.136.64
65.9.95.121
65.9.95.91
08e948f51a803580e6745b7ce06d3761a37e04d208f2364a066a97656ab41baf
14761ddcba5ffc301381d3a96f4736323ffaa1f674ccabf9acd65506a794bce5
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1de248af7ead14c406493067a9e66a858c8f30b92a6784b11adfe7ddeea7abc8
1fb75998f2fa71f40851834b316596e17b49fca62635e4cf469561d258ccb311
21b9d4f1078b2c364d564985c5ba5f382d61c0b540aaad96ea4e07b07557a0b6
5a71131699191f7571667937a18c8a0513d4d7d79840b5256181b1e27709a722
5a8c6f19408782cb7aeedfa44d6a94703b7ac38029acd8b613f3fcdd89f33d75
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
69c4e6d20862a6ceabf1c5ddeb722c7e546ac062a7e1b87116f9b31b8eadac14
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9f2388f9c36f6710cc8f9a25d252857b645b4c04453630a411421d5f5ae106ab
b1c6d312e2d6d8716aad1c4b1ac366c0e0052a6cba5b06ac3fc327d4a56511be
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c76113983ba1a86f5aeae84fdaa0ea46173cfbe72d0b6ea1d27bb8d4e8d01f2b
d846ffb64c121e40d1cb2594c589a93c2aa278d2b4f4da2efd470e9f72204965
dd787ea0066722728e838769befa74071ce4853144eb771c9ada3decf7176f2d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

account.rushmoreservicing.com Open in urlscan Pro 2620:1ec:46::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

68 %IPv6

14 Domains

19 Subdomains

18 IPs

4 Countries

1088 kBTransfer

1839 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.rushmoreservicing.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

68 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

1088 kB
Transfer

1839 kB
Size

25
Cookies

39 HTTP transactions
0 data transactions