partnerdemo300.aprimo.com Open in urlscan Pro
51.105.188.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.rosalind-stg.activator.cloud/
Effective URL:
https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%2...
Submission: On May 15 via automatic, source certstream-suspicious (May 15th 2024, 12:26:10 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 11 HTTP transactions. The main IP is 51.105.188.104, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is partnerdemo300.aprimo.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 8th 2023. Valid for: a year.

This is the only time partnerdemo300.aprimo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700::68... 2606:4700::6813:9813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.33.187.66 13.33.187.66	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:1c00:5:57e9:e553:c21	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:20a... 2600:9000:20ae:f000:16:fecd:21c0:21	16509 (AMAZON-02) (AMAZON-02)
1	138.199.36.10 138.199.36.10	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1 1	104.19.153.19 104.19.153.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	51.105.188.104 51.105.188.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	5

2 2606:4700::6813:9813 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

login.rosalind-stg.activator.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.187.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-66.fra60.r.cloudfront.net

rosalind-stg.activator.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1c00:5:57e9:e553:c21 (United States)

ASN16509 (AMAZON-02, US)

cdn.ably.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:f000:16:fecd:21c0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 138-199-36-10.bunnyinfra.net

cdn.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.153.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.rosalind-stg.activator.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.105.188.104 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

partnerdemo300.aprimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	activator.cloud 3 redirects login.rosalind-stg.activator.cloud rosalind-stg.activator.cloud	1 MB
4	aprimo.com 1 redirects partnerdemo300.aprimo.com	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	icomoon.io cdn.icomoon.io — Cisco Umbrella Rank: 13561	3 KB
1	cloudfront.net 1 redirects d1azc1qln24ryf.cloudfront.net	297 B
1	ably.com cdn.ably.com — Cisco Umbrella Rank: 336088	64 KB
11	6

	Domain	Requested by
4	partnerdemo300.aprimo.com	1 redirects rosalind-stg.activator.cloud partnerdemo300.aprimo.com
4	rosalind-stg.activator.cloud	rosalind-stg.activator.cloud
3	login.rosalind-stg.activator.cloud	3 redirects
2	fonts.googleapis.com	rosalind-stg.activator.cloud
1	cdn.icomoon.io	rosalind-stg.activator.cloud
1	d1azc1qln24ryf.cloudfront.net	1 redirects
1	cdn.ably.com	rosalind-stg.activator.cloud
11	7

This site contains links to these domains. Also see Links.

Domain
www.aprimo.com

Subject Issuer	Validity	Valid
*.rosalind-stg.activator.cloud Amazon RSA 2048 M02	`2024-05-15` - `2025-06-13`	a year	crt.sh
cdn.ably.com Amazon RSA 2048 M03	`2024-04-14` - `2025-05-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.aprimo.com GlobalSign RSA OV SSL CA 2018	`2023-07-08` - `2024-08-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925
Frame ID: 0A87E6BC6A78A1CDC418BC74C5B4F3E5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Agree to Terms of Use

Page URL History Show full URLs

https://login.rosalind-stg.activator.cloud/ HTTP 302
https://rosalind-stg.activator.cloud/ Page URL
https://login.rosalind-stg.activator.cloud/authorize?client_id=UCtq4QQ1URvzUFjuEefeq29MO9hvRVhW&scope=openid+profile+em... HTTP 302
https://login.rosalind-stg.activator.cloud/u/login?state=hqFo2SBBLXFXZjBDUHJYaDROT3ZMSVdUWWQtRGxDcjZiTTZzNaFur3VuaXZlcn... HTTP 302
https://partnerdemo300.aprimo.com/login/connect/authorize?login_hint=&response_type=code&redirect_uri=https%3A... HTTP 302
https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fre... Page URL

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

5
IPs

4
Countries

1486 kB
Transfer

5170 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aprimo.com/terms-eval/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.rosalind-stg.activator.cloud/ HTTP 302
https://rosalind-stg.activator.cloud/ Page URL
https://login.rosalind-stg.activator.cloud/authorize?client_id=UCtq4QQ1URvzUFjuEefeq29MO9hvRVhW&scope=openid+profile+email&audience=rosalind-staging-backend%2FAPI&organization=org_ciTloY153of1pSHV&redirect_uri=https%3A%2F%2Frosalind-stg.activator.cloud%2Fcallback&max_age=3600&response_type=code&response_mode=query&state=Q2tsSHNNN0RhWS03V0o3RWdsMzhzU3dBVEhCMU5wVnBvQXRNUkhVeVZqLQ%3D%3D&nonce=OXN2NTIxYldWdTlLTEU5YUJVYVBWU1FRZ0dNYm9ZQXQ1TzlVWWgzVnJ5Tw%3D%3D&code_challenge=xnU8cABGtsFQ-yKZ48eXrFS1yp-qBNW35W2NyVC49MA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtdnVlIiwidmVyc2lvbiI6IjIuMy4xIn0%3D HTTP 302
https://login.rosalind-stg.activator.cloud/u/login?state=hqFo2SBBLXFXZjBDUHJYaDROT3ZMSVdUWWQtRGxDcjZiTTZzNaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHdEb1Q4WlVXa1BSbktEUFpabzlqT0F2U0pSbjMwc1Zzo2NpZNkgVUN0cTRRUTFVUnZ6VUZqdUVlZmVxMjlNTzlodlJWaFelb3JnaWS0b3JnX2NpVGxvWTE1M29mMXBTSFanb3JnbmFtZbVkZW1vLXJvc2FsaW5kLXN0YWdpbmc HTTP 302
https://partnerdemo300.aprimo.com/login/connect/authorize?login_hint=&response_type=code&redirect_uri=https%3A%2F%2Flogin.rosalind-stg.activator.cloud%2Flogin%2Fcallback&scope=api%20offline_access&code_challenge=Fh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM&code_challenge_method=S256&state=_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn&client_id=C925LM48-C925 HTTP 302
https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://login.rosalind-stg.activator.cloud/ HTTP 302
https://rosalind-stg.activator.cloud/

Request Chain 2

https://d1azc1qln24ryf.cloudfront.net/214395/Blackburn/style.css?ai2fyf HTTP 302
https://cdn.icomoon.io/214395/Blackburn/style.css

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
rosalind-stg.activator.cloud/
Redirect Chain

https://login.rosalind-stg.activator.cloud/
https://rosalind-stg.activator.cloud/

628 B
974 B

85ms
50ms

Document
text/html

13.33.187.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rosalind-stg.activator.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03be12e8add38805766743dbf6ec7c8c5bb39a099709029ca7baff99b6160f41

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 628
content-type: text/html
date: Wed, 15 May 2024 12:26:05 GMT
etag: "af3a43262ef48e94affcc7ca98286c6a"
last-modified: Wed, 15 May 2024 12:21:05 GMT
server: AmazonS3
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
x-amz-cf-id: pkz5W3u0qRxCx7i2RG8SJMRerTwgLagF7pTUE72Zjb6pLDgKioBnuw==
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Redirect headers

age: 2
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 88431d418b41bbfd-FRA
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 12:26:04 GMT
location: https://rosalind-stg.activator.cloud/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: c0f1508ed8f45f07373b
x-content-type-options: nosniff

GET
H2 200 ably.min-1.js Show response
cdn.ably.com/lib/ 234 KB
64 KB 58ms
10ms Script
application/javascript 2600:9000:211e:1c00:5:57e9:e553:c21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ably.com/lib/ably.min-1.js
Requested by: Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:5:57e9:e553:c21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a64625eb9dfdc04e88c65f33f03521c11a96d2252e4e0f02e05de3de0624d16

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9KibkfBYfJHVxzcq7xOeOBhN_ZgOOMB1
content-encoding: gzip
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
date: Tue, 14 May 2024 22:52:45 GMT
x-amz-cf-pop: FRA56-C2
age: 48800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Mar 2024 17:32:15 GMT
server: AmazonS3
etag: W/"3c85a5ea0a6feab97592d32938de723d"
access-control-max-age: 3000
access-control-allow-methods: POST, GET, HEAD, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: q_35I_Ikl33p7eIbHBhrmMD2OAXM96L4f-HuXCpaFWWHDLZ3dBzTYw==

GET
H2

200

style.css
cdn.icomoon.io/214395/Blackburn/
Redirect Chain

https://d1azc1qln24ryf.cloudfront.net/214395/Blackburn/style.css?ai2fyf
https://cdn.icomoon.io/214395/Blackburn/style.css

17 KB
3 KB

52ms
9ms

Stylesheet
text/css

138.199.36.10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.icomoon.io/214395/Blackburn/style.css
Requested by: Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 059fb6408b023be9375aac48d6af916cb0160f5f63fc0bee079fc9aea313156a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rosalind-stg.activator.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 12:26:04 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-cachedat: 05/13/2024 05:58:34
cdn-pullzone: 1460617
last-modified: Thu, 25 Apr 2024 07:19:50 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"bc97d6aa807c89a0c75819c080218344"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 95ff04b1aa3a47648fd09edb9020cb3c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Wed, 15 May 2024 12:26:04 GMT
via: 1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P5
vary: Origin
x-cache: FunctionGeneratedResponse from cloudfront
location: https://cdn.icomoon.io/214395/Blackburn/style.css
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: N2YNInmfcAcWCJNmzRjCLflpcsahlSElGQiIEDtjl6p5asObxekPBQ==

GET
H2 200 index-B4g0xtzl.js Show response
rosalind-stg.activator.cloud/assets/ 4 MB
1 MB 145ms
144ms Script
text/javascript 13.33.187.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rosalind-stg.activator.cloud/assets/index-B4g0xtzl.js
Requested by: Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17c6af4b4b897779d2c1bad25337431d284795510f236ffcda19f72185216808

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Origin: https://rosalind-stg.activator.cloud
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:26:05 GMT
content-encoding: gzip
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2024 12:21:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: W/"f7a91cd2e3d89264107d9115d0ebbeb1"
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: POST, GET, HEAD, DELETE, PUT
content-type: text/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-amz-cf-id: 77APOFBqpb646sve_6I7RqjJQYR4FEn6_KrHscFoE-P7xF0CMPxelg==

GET
H2 200 index-DfSq7NNi.css
rosalind-stg.activator.cloud/assets/ 839 KB
111 KB 71ms
71ms Stylesheet
text/css 13.33.187.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rosalind-stg.activator.cloud/assets/index-DfSq7NNi.css
Requested by: Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e4b1f7344b42988b886503b90500435e31cb9e5d3467ff722f1474abb3ed630

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Origin: https://rosalind-stg.activator.cloud
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:26:05 GMT
content-encoding: gzip
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2024 12:21:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: W/"96fdacf57a3b2bcf2c41fa732e12e06e"
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: POST, GET, HEAD, DELETE, PUT
content-type: text/css
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-amz-cf-id: YOkv8NMXhJAqvJmj9Yg3-pnXG2ytsHtpYMH2TAlswvGC6aJOMW4NyQ==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
835 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500&display=swap

Requested by

Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/assets/index-DfSq7NNi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbff13d97513108c8e0da70575cc5b79a250927dea752f51fbc942317645d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 12:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 12:03:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 12:26:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 779 B
464 B 44ms
22ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Mono&display=swap

Requested by

Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/assets/index-DfSq7NNi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

607b5918e6bae9995819772f5e430060b265354a505c27c3f21980d409da41cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 12:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 12:04:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 12:26:04 GMT

GET
H/1.1

200
OK

Primary Request Login Show response
partnerdemo300.aprimo.com/login/Account/
Redirect Chain

https://login.rosalind-stg.activator.cloud/authorize?client_id=UCtq4QQ1URvzUFjuEefeq29MO9hvRVhW&scope=openid+profile+email&audience=rosalind-staging-backend%2FAPI&organization=org_ciTloY153of1pSHV&...
https://login.rosalind-stg.activator.cloud/u/login?state=hqFo2SBBLXFXZjBDUHJYaDROT3ZMSVdUWWQtRGxDcjZiTTZzNaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHdEb1Q4WlVXa1BSbktEUFpabzlqT0F2U0pSbjMwc1Zzo2NpZNkgVUN0cTRR...
https://partnerdemo300.aprimo.com/login/connect/authorize?login_hint=&response_type=code&redirect_uri=https%3A%2F%2Flogin.rosalind-stg.activator.cloud%2Flogin%2Fcallback&scope=api%20offline_access&...
https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cl...

1 KB
1 KB

36ms
35ms

Document
text/html

51.105.188.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925

Requested by

Host: rosalind-stg.activator.cloud
URL: https://rosalind-stg.activator.cloud/assets/index-B4g0xtzl.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.188.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cd4c1e75d8f3d49ca33ec68bcb07293d79c240cfd9c66ca547f5c5921308fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rosalind-stg.activator.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 15 May 2024 12:26:05 GMT
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000
x-aprimo-adc-request-id: 0c2579813be1f096e163e4003a635528
x-aprimo-adc-sid: p09eu2ngx00001y

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 15 May 2024 12:26:05 GMT
Location: https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925
Request-Context: appId=cid-v1:ea3da35d-8633-4b1f-8b86-0d05b4be7e66
X-SID: uls-5c6f85bc74-b6bpf
strict-transport-security: max-age=31536000
x-aprimo-adc-request-id: f1f06cf0e5e478fe08afc7aee7bbf259
x-aprimo-adc-sid: p09eu2ngx00001y
x-aprimo-aks-sid: nginx-ingress-pm-r04-ingress-nginx-controller-5f4969cd56-m446r
x-aprimo-request-id: 660a6f3ea6e6d714f5ec688a6211dfc9

GET
H2 200 favicon.ico
rosalind-stg.activator.cloud/ 628 B
975 B 82ms
81ms Other
text/html 13.33.187.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rosalind-stg.activator.cloud/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rosalind-stg.activator.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:26:06 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2024 12:21:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: "af3a43262ef48e94affcc7ca98286c6a"
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 628
x-amz-cf-id: jKPbTMjXH1_wPftYEyIboeUHyGlF-Ch8DBbOHdyW2-QCHtPOHXB6gg==

GET
H/1.1 200
OK style.css
partnerdemo300.aprimo.com/error-pages/ 1 KB
1 KB 14ms
14ms Stylesheet
text/css 51.105.188.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://partnerdemo300.aprimo.com/error-pages/style.css

Requested by

Host: partnerdemo300.aprimo.com
URL: https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.188.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e5841fa687ffda3685d9863b59f2f4408c05e4d6cc20bd8201757c428a5f3f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 12:26:05 GMT
strict-transport-security: max-age=31536000
x-aprimo-adc-request-id: c922e4ce4142991e8d32973aedafe237
Last-Modified: Fri, 10 May 2024 06:35:58 GMT
ETag: "663dc04e-40b"
Content-Type: text/css
x-aprimo-adc-sid: p09eu2ngx00001y
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1035

GET
H/1.1 404
Not Found favicon.ico
partnerdemo300.aprimo.com/ 584 B
875 B 14ms
14ms Other
text/html 51.105.188.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://partnerdemo300.aprimo.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.188.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b2fbf927d9813f99ec1322a47bef556fe287552998a28de6b6d4ae165a0f2611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partnerdemo300.aprimo.com/login/Account/Login?ReturnUrl=%2Flogin%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Flogin.rosalind-stg.activator.cloud%252Flogin%252Fcallback%26scope%3Dapi%2520offline_access%26code_challenge%3DFh-uOA7hCaVdwun7hk-tEZSWczB_cJGa4eImm_3dPBM%26code_challenge_method%3DS256%26state%3D_9I-UC6sUJLZ2ccmADuly889UUsKL3Qn%26client_id%3DC925LM48-C925
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 12:26:06 GMT
strict-transport-security: max-age=31536000
x-aprimo-adc-sid: p09eu2ngx00001y
x-aprimo-adc-request-id: 982d056ba2c05206a8658e8655690cfb
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| button

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.rosalind-stg.activator.cloud/	1970-01-21 05:22:13	Name: did Value: s%3Av0%3A4ce04a10-12b6-11ef-8190-79ccb2c1a314.rDUQ1eJF0tAkyGSslZ%2F3VTskv7WG5W7Y%2FoP%2B4P5qaOk
login.rosalind-stg.activator.cloud/	1970-01-20 20:40:35	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQK5hBm4BizgPn_V8KL_KJ5QZJrz3KAZIloEx9wgYKZ4ZTn_8qF-l5xIWYbwHtGQ-cNXFLZIHLC1DYuRNVrKhld6mY29va2llg6dleHBpcmVz1_-Ha_gAZkieXa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.gLGvt8GbPvGpaog63%2FJJFHgBr4sck6TY0rFI%2FTts%2FBE
login.rosalind-stg.activator.cloud/	1970-01-21 05:22:13	Name: did_compat Value: s%3Av0%3A4ce04a10-12b6-11ef-8190-79ccb2c1a314.rDUQ1eJF0tAkyGSslZ%2F3VTskv7WG5W7Y%2FoP%2B4P5qaOk
login.rosalind-stg.activator.cloud/	1970-01-20 20:40:35	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQK5hBm4BizgPn_V8KL_KJ5QZJrz3KAZIloEx9wgYKZ4ZTn_8qF-l5xIWYbwHtGQ-cNXFLZIHLC1DYuRNVrKhld6mY29va2llg6dleHBpcmVz1_-Ha_gAZkieXa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.gLGvt8GbPvGpaog63%2FJJFHgBr4sck6TY0rFI%2FTts%2FBE
.login.rosalind-stg.activator.cloud/	1970-01-20 20:36:17	Name: __cf_bm Value: k9pVJJyb8OpBCfZnLEC8uNsy4YtBm3yM9DVb6_9h1PM-1715775965-1.0.1.1-zReBcAgoC82PUM6hSutPb7G4.9Xx7SPvfMpu2PviWVfbn6PpBD7JAriGhi8s3NJ0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://partnerdemo300.aprimo.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ably.com
cdn.icomoon.io
d1azc1qln24ryf.cloudfront.net
fonts.googleapis.com
login.rosalind-stg.activator.cloud
partnerdemo300.aprimo.com
rosalind-stg.activator.cloud
104.19.153.19
13.33.187.66
138.199.36.10
2600:9000:20ae:f000:16:fecd:21c0:21
2600:9000:211e:1c00:5:57e9:e553:c21
2606:4700::6813:9813
2a00:1450:4001:81c::200a
51.105.188.104
03be12e8add38805766743dbf6ec7c8c5bb39a099709029ca7baff99b6160f41
059fb6408b023be9375aac48d6af916cb0160f5f63fc0bee079fc9aea313156a
0e4b1f7344b42988b886503b90500435e31cb9e5d3467ff722f1474abb3ed630
17c6af4b4b897779d2c1bad25337431d284795510f236ffcda19f72185216808
1cd4c1e75d8f3d49ca33ec68bcb07293d79c240cfd9c66ca547f5c5921308fec
4dbff13d97513108c8e0da70575cc5b79a250927dea752f51fbc942317645d52
607b5918e6bae9995819772f5e430060b265354a505c27c3f21980d409da41cd
9a64625eb9dfdc04e88c65f33f03521c11a96d2252e4e0f02e05de3de0624d16
b2fbf927d9813f99ec1322a47bef556fe287552998a28de6b6d4ae165a0f2611
e5841fa687ffda3685d9863b59f2f4408c05e4d6cc20bd8201757c428a5f3f81

partnerdemo300.aprimo.com Open in urlscan Pro 51.105.188.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

5 IPs

4 Countries

1486 kBTransfer

5170 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

partnerdemo300.aprimo.com Open in urlscan Pro
51.105.188.104 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

5
IPs

4
Countries

1486 kB
Transfer

5170 kB
Size

5
Cookies

11 HTTP transactions
0 data transactions