urlscan.io logo urlscan.io
SecurityTrails logo

login.rsm.global Open in urlscan Pro
3.33.238.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.rsmlink.global/
Effective URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3...
Submission: On January 30 via manual from NO — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 26 HTTP transactions. The main IP is 3.33.238.178, located in United States and belongs to AMAZON-02, US. The main domain is login.rsm.global.
TLS certificate: Issued by R3 on January 4th 2024. Valid for: 3 months.
This is the only time login.rsm.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 82.163.233.25 198736 (STREAMNET...)
1 1 20.49.174.206 8075 (MICROSOFT...)
3 3.33.238.178 16509 (AMAZON-02)
9 13.225.78.98 16509 (AMAZON-02)
8 104.18.70.113 13335 (CLOUDFLAR...)
2 108.138.7.126 16509 (AMAZON-02)
3 104.16.51.111 13335 (CLOUDFLAR...)
26 6
3    82.163.233.25 (Banbury, United Kingdom)

ASN198736 (STREAMNETWORKS, GB)
www.rsmlink.global
1    20.49.174.206 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rsmapplications.rsmlink.global
3    3.33.238.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac4b547508e00da8e.awsglobalaccelerator.com
login.rsm.global
9    13.225.78.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-98.fra2.r.cloudfront.net
ok9static.oktacdn.com
8    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    108.138.7.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-126.fra56.r.cloudfront.net
login.okta.com
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
rsmloginsupport.zendesk.com
Apex Domain
Subdomains		 Transfer
9 oktacdn.com
ok9static.oktacdn.com — Cisco Umbrella Rank: 35227
1 MB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2047
ekr.zdassets.com — Cisco Umbrella Rank: 2364
214 KB
4 rsmlink.global
www.rsmlink.global
rsmapplications.rsmlink.global
3 KB
3 zendesk.com
rsmloginsupport.zendesk.com
1 KB
3 rsm.global
login.rsm.global
25 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 4349
97 KB
26 6
Domain Requested by
9 ok9static.oktacdn.com login.rsm.global
ok9static.oktacdn.com
7 static.zdassets.com login.rsm.global
static.zdassets.com
3 rsmloginsupport.zendesk.com static.zdassets.com
3 login.rsm.global login.rsm.global
ok9static.oktacdn.com
3 www.rsmlink.global 2 redirects
2 login.okta.com ok9static.oktacdn.com
login.okta.com
1 ekr.zdassets.com static.zdassets.com
1 rsmapplications.rsmlink.global 1 redirects
26 8

This site contains links to these domains. Also see Links.

Domain
www.rsm.global
Subject Issuer Validity Valid
*.rsmlink.global
GeoTrust RSA CA 2018		 2023-02-13 -
2024-02-27		 a year crt.sh
login.rsm.global
R3		 2024-01-04 -
2024-04-03		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh
rsmloginsupport.zendesk.com
Cloudflare Inc ECC CA-3		 2023-09-30 -
2024-09-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Frame ID: E39C8B6C60BE94DD4BD881C1F4C3171E
Requests: 15 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 022A5B0809BCE1D4444474F5BAC5F3F6
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: 0AD93BA172852E24CEF512EAFF493D13
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

rsmglobal - Sign In

Page URL History Show full URLs

  1. https://www.rsmlink.global/ HTTP 302
    https://www.rsmlink.global/sorce/ HTTP 302
    https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect... Page URL
  2. https://rsmapplications.rsmlink.global/_layouts/15/RSM.ConnectPlus/Login.aspx?ReturnURL=https%3a%2f%2fwww.rsmlink.g... HTTP 302
    https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

1869 kB
Transfer

3878 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rsmlink.global/ HTTP 302
    https://www.rsmlink.global/sorce/ HTTP 302
    https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx Page URL
  2. https://rsmapplications.rsmlink.global/_layouts/15/RSM.ConnectPlus/Login.aspx?ReturnURL=https%3a%2f%2fwww.rsmlink.global%2fengageAuth%2fauthenticate.aspx%3fredirect%3dhttps%253a%252f%252fwww.rsmlink.global%253a443%252fsorce%252fdefault.aspx HTTP 302
    https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.rsmlink.global/ HTTP 302
  • https://www.rsmlink.global/sorce/ HTTP 302
  • https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
authenticate.aspx
www.rsmlink.global/engageAuth/
Redirect Chain
  • https://www.rsmlink.global/
  • https://www.rsmlink.global/sorce/
  • https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
284 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.163.233.25 Banbury, United Kingdom, ASN198736 (STREAMNETWORKS, GB),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26e4b9aa328a59d2ca486dcf53d51238062838733f91959f047b3098f46d4145
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-length
284
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 10:52:53 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

cache-control
no-cache
content-security-policy
style-src p.typekit.net fonts.googleapis.com/css fonts.googleapis.com/css2 use.typekit.net 'unsafe-inline' 'self'; img-src data: www.w3c.org 'self'; script-src munchkin.marketo.net www.googletagmanager.com/gtag/js www.google-analytics.com 'unsafe-inline' 'unsafe-eval' 'self'; connect-src www.google-analytics.com 'self'; frame-ancestors 'self'; frame-src rsmint.eu.qualtrics.com takingchargeofchange.global countdown.rsmmissiontransform.global *.issuu.com vimeo.com *.vimeo.com logictry.com *.adobe.com *.youtube.com 'self'; font-src data: fonts.gstatic.com use.typekit.net 'self'; default-src 'self';
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 10:52:53 GMT
expires
-1
location
https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=0
x-ua-compatible
IE=edge
Primary Request passive
login.rsm.global//app/sharepoint_onpremise/sso/wsfed/
Redirect Chain
  • https://rsmapplications.rsmlink.global/_layouts/15/RSM.ConnectPlus/Login.aspx?ReturnURL=https%3a%2f%2fwww.rsmlink.global%2fengageAuth%2fauthenticate.aspx%3fredirect%3dhttps%253a%252f%252fwww.rsmlin...
  • https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rs...
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.238.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
0b7ea65af03a1ecd7d759fab1e0e7717b642dadeef9c10595f3232faf293ab9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rsmlink.global/engageAuth/authenticate.aspx?otk=taVcjiVZk0cO%2bvSg7PFM8gWWF4oqplZi&redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 30 Jan 2024 10:52:55 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
en
content-security-policy
frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
content-security-policy-report-only
frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZbjVB2U84ev_EPQCoewkaQAABO4
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1706612035
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
8841
Content-Security-Policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com;
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Jan 2024 10:52:54 GMT
Location
https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
MicrosoftSharePointTeamServices
16.0.0.5412
SPIisLatency
1
SPRequestDuration
34
SPRequestGuid
cfc206a1-41af-00d4-2da9-aa3932e0488e
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-MS-InvokeApp
1; RequireReadOnly
X-Powered-By
ASP.NET
X-SharePointHealthScore
0
request-id
cfc206a1-41af-00d4-2da9-aa3932e0488e
style-sheet
login.rsm.global/api/internal/brand/theme/ 		606 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.rsm.global/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=027a3260f8b27564c78237d9e84ab1e508b355b4463a94fbcbe244291127a94d9e7164df968325c3e13742b93e958ed7
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.238.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e06eba5b6082d7f1bf2dfd8be6096e1bb93fc4a3d1748b4c02b85ff33e56f60d
Security Headers
Name Value
Content-Security-Policy default-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; connect-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com rsmglobal.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; style-src 'unsafe-inline' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; frame-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global login.okta.com com-okta-authenticator:; img-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsmglobal.okta.com login.rsm.global data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-okta-request-id
ZbjVB2U84ev_EPQCoewkdAAABO4
Date
Tue, 30 Jan 2024 10:52:55 GMT
content-security-policy
default-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; connect-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com rsmglobal.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; style-src 'unsafe-inline' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; frame-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global login.okta.com com-okta-authenticator:; img-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsmglobal.okta.com login.rsm.global data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
2400
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2398
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding
Content-Type
text/css
x-rate-limit-reset
1706612009
cache-control
max-age=31536000, must-revalidate
Keep-Alive
timeout=5, max=99
expires
Wed, 29 Jan 2025 10:52:55 GMT
okta-sign-in.min.js
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9daf3347512399224f539e52835e58e95719f510297e544fed33e18a99bda076
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 07:45:52 GMT
x-amz-meta-sha1sum
780804dd723a375058f81c58c0d4d8f9c3e85a0a
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1393623
x-cache
Hit from cloudfront
last-modified
Tue, 29 Nov 2022 18:48:32 GMT
server
nginx
etag
W/"e1e293ebd34a4b6e2155c41f9eed7073"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
sEcDiu-PSAy6bXFq4k_0k3CFf5YwmirJkcmqHPqs8RhI2B4ByiPnrw==
expires
Mon, 13 Jan 2025 07:45:52 GMT
okta-sign-in.min.css
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f82da44225ccffe54b17728bca07164af78a2807ca5c0f22bae83e07b9877575
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:52:17 GMT
x-amz-meta-sha1sum
f89344013d233a955e8765deee6ec272f477f859
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1076438
x-cache
Hit from cloudfront
last-modified
Tue, 29 Nov 2022 18:47:36 GMT
server
nginx
etag
W/"c9bf93734c591718e3e48bf20e27845a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
R8V4s0MEr19ghmyjMM5SVwSfwIqF8J88E7trkURNE5wHvcY9pJOgDw==
expires
Thu, 16 Jan 2025 23:52:17 GMT
custom-signin.737a914842b846fb44d117b7a2900fcb.css
ok9static.oktacdn.com/assets/loginpage/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.737a914842b846fb44d117b7a2900fcb.css
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
40da9031157c48968b99f3765f874400bbc5389fa5c7198894defc6ec137a5ba
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-sha1sum
f4435f7649134c3a393983234d53ddec02cd33b4
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Sun, 28 Jan 2024 16:15:54 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
153421
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:55:34 GMT
server
nginx
etag
W/"737a914842b846fb44d117b7a2900fcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
zl5xssrIz82omUBV6MG6LsKVyDSXQYSKvU6p0dOed-U9QtSObqauwQ==
expires
Mon, 27 Jan 2025 16:15:54 GMT
fs080llxfrg0DxsUi417
ok9static.oktacdn.com/fs/bco/1/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok9static.oktacdn.com/fs/bco/1/fs080llxfrg0DxsUi417
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
fee96903a1903ed87d700fd057e6b2d7bb591588225ce7c38fc008e5729f8efb
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 07:04:54 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1136881
x-cache
Hit from cloudfront
content-length
3531
last-modified
Wed, 21 Jun 2023 20:51:34 GMT
server
nginx
etag
"6c61d9bb0706b44727fd7a69b273860e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
eT31duxFY0c2gtSs6DJDXnoKOLteE9HvTMf3JJ_Z298pFLex7ElcFg==
expires
Thu, 16 Jan 2025 07:04:54 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=91344861-db82-4c50-b9c9-5b1e935dbc04
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:55 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
18
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ye4vW5u0YwxpsYJummC1VfLHdUqYcvBHXm53W9IEFXY%2BXKAb9sbpo2EAmgBuC2N%2FJbtkQFiE7vLx0LGW1sTpQmZ3fW0XKolKQA65WHPsZPfrhKLexFnHWEu2Z3Jb1bpRmAOX1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
84d92b111e936347-LHR
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok9static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 09:31:57 GMT
x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1300859
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:55:17 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
LjqTsclhtgPBr7Vtig2cPwkNcKE7sX1JlukNfyUgdYa0FFs6UIY9mA==
expires
Tue, 14 Jan 2025 09:31:57 GMT
fs0b10gme99k5n0P6417
ok9static.oktacdn.com/fs/bco/7/ 		860 KB
861 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok9static.oktacdn.com/fs/bco/7/fs0b10gme99k5n0P6417
Requested by
Host: login.rsm.global
URL: https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d639277e40379f8da6b7a7e3a8f6ddb9767c9012babdb8e7222ce06ebc06c4ac
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 10:56:22 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
863794
x-cache
Hit from cloudfront
content-length
880655
last-modified
Sat, 20 Jan 2024 10:46:32 GMT
server
nginx
etag
"384aaf0e490a6c5a6a13093dd3eef106"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
VMNUjgnwUQ6dujJostvzroPRYlOW55ldIVuUfolEOPo4UfmI0nPiuw==
expires
Sun, 19 Jan 2025 10:56:22 GMT
91344861-db82-4c50-b9c9-5b1e935dbc04
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/91344861-db82-4c50-b9c9-5b1e935dbc04
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=91344861-db82-4c50-b9c9-5b1e935dbc04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454ec75142ffa975454c8443545d38dc67b385b0f9ef5d0c54326b4f12dd4eb8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.rsm.global/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8308f917ec95899a-SEA, 8308f917ec95899a-SEA
x-runtime
0.009372
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"454ec75142ffa975454c8443545d38dc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL7fb4MNW%2FT5%2BSZvc299vsyyer%2FJBcw5EUVVGbn%2FldkU3DKwGU%2BahW8Ud9kBETC%2Bhl15ir%2BHAQEdQ3DTcXvbSpov30eXOmupNpXj9c8Hjy7451oN15ZFmndD0JZPtX2i1II%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
84d92b13793776f6-LHR
introspect
login.rsm.global/idp/idx/ 		12 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.rsm.global/idp/idx/introspect
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.238.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2e61b943e8a6ac3dbea3faf3f359e41178b8fc3cc03a719217967c7864e00177
Security Headers
Name Value
Content-Security-Policy default-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; connect-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com rsmglobal.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; style-src 'unsafe-inline' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; frame-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global login.okta.com com-okta-authenticator:; img-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsmglobal.okta.com login.rsm.global data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
https://login.rsm.global//app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:okta:sharepoint:exk5klntm3F2q1AFT417&wctx=/Pages/PostSSOLoginRedirection.aspx?ReturnUrl=https://www.rsmlink.global/engageAuth/authenticate.aspx?redirect=https%3a%2f%2fwww.rsmlink.global%3a443%2fsorce%2fdefault.aspx
X-Okta-User-Agent-Extended
okta-auth-js/6.9.0 okta-signin-widget-6.9.0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
ZbjVCGU84ev_EPQCoewkhAAABO4
Date
Tue, 30 Jan 2024 10:52:56 GMT
content-security-policy
default-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; connect-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com rsmglobal.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; style-src 'unsafe-inline' 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com; frame-src 'self' rsmglobal.okta.com rsmglobal-admin.okta.com login.rsm.global login.okta.com com-okta-authenticator:; img-src 'self' rsmglobal.okta.com login.rsm.global *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' rsmglobal.okta.com login.rsm.global data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
2000
x-content-type-options
nosniff
x-rate-limit-remaining
1997
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://login.rsm.global
x-rate-limit-reset
1706612012
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=98
expires
0
iframe.html
login.okta.com/discovery/ Frame 022A 		451 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04e5a6a734bb7d87c3edca98ab40003f8972aba152440e7df17bda26d9ce0f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.rsm.global/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Age
28849
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Tue, 30 Jan 2024 02:52:08 GMT
ETag
"fe4139cbc5a13528dbecbf548e6dd39c"
Last-Modified
Wed, 01 Nov 2023 16:07:38 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
X-Amz-Cf-Id
DhTIleBqb_xwPrLichBe63Av05Zf73NWL6_qM8gZJtX4lmEPl2co5A==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
checkbox-sign-in-widget.png
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date
Tue, 30 Jan 2024 02:11:11 GMT
x-amz-cf-pop
FRA2-C2
age
31305
x-cache
Hit from cloudfront
content-length
3141
last-modified
Tue, 29 Nov 2022 18:47:37 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
spF8soja2_kQYj-bXtIVdcoaGFwhG6V69SxQIUikAWqimpCYLrVM3g==
expires
Wed, 29 Jan 2025 02:11:11 GMT
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok9static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.737a914842b846fb44d117b7a2900fcb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.737a914842b846fb44d117b7a2900fcb.css
Origin
https://login.rsm.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:51:46 GMT
x-amz-meta-sha1sum
dd4beda27e8057403b27d1276ca9d68902692615
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
1242070
x-cache
Hit from cloudfront
content-length
20328
last-modified
Tue, 07 Nov 2023 18:52:06 GMT
server
nginx
etag
"27429b092c0595aa8803b611bd7508f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
j5S3aW2FOTEfsyCyMEk6jPQbrTISQyPkitn613DcebFqzpJO-gwAdw==
expires
Wed, 15 Jan 2025 01:51:46 GMT
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok9static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.737a914842b846fb44d117b7a2900fcb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.737a914842b846fb44d117b7a2900fcb.css
Origin
https://login.rsm.global
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 09:32:10 GMT
x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
1300846
x-cache
Hit from cloudfront
content-length
20416
last-modified
Tue, 07 Nov 2023 18:53:48 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
4iWtR1SqDuXsnKoh10V0jnpAREoq84xPeptczmssjPit5qh8u-9gsQ==
expires
Tue, 14 Jan 2025 09:32:10 GMT
web-widget-main-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 0AD9 		435 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=91344861-db82-4c50-b9c9-5b1e935dbc04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FSF5803D2MZ177K
age
4867440
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"531e7cd49856ceac1ab739dee1bd9825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUN4VEPbAyDgzWIDy%2FJesdaQ1%2BNWFcZDMd0VccciQ%2BVACqfF7XACAucwcYrViNMlktlG5TsdNoa93SgC9i7ay9SvzIUr04zjek5xVw%2BtV79CLkT3SYZ7gub%2FqpjZnYS%2BfSekg9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b14ce816347-LHR
expires
Wed, 04 Dec 2024 00:28:35 GMT
en-us-json-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 0AD9 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS8D41MZJZMYG1B
age
4867434
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified
Tue, 05 Dec 2023 00:28:38 GMT
server
cloudflare
etag
W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW1tLdcEZp3nMpjqEo2AjViWsaZEkWzafp4LysMpujYt7eKhVh8p95QCvJOyOY7W41xAzbWsnvmGP7hb13iRfE8DMAty045jNYUrYOloErEcn0NAqUSrBZBl7WkWDZpL8x%2BAsYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b15a8406347-LHR
expires
Wed, 04 Dec 2024 00:28:37 GMT
web-widget-4852-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 0AD9 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS6K6N3BED5C9DX
age
4867440
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OXSD8V%2BRntYQ6l9pk3ZYo%2F4%2BxUNl7x0pQe526%2BhRKPcI50awFzwQBFt7RwxwEryTqBlAZ9DPCqmnC7PlUWoKEZ86FUsfh%2F5xQVaYUrEMnYBYzYIy244O03mDN5dXPFee2E8WVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b15a8426347-LHR
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-519-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 0AD9 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS3V2M4QJ2ZK33P
age
4867440
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"1c9884a2069c7bec6b20dac62004eb1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENqY8y9xa%2BRXxq4IMZlEsn9A4k4Hso0wpv8uEXSnjSiljzpAiGM27OePHTROTnR9R7TdAgEVlF5eZryjDdtXLN3Zddkx%2BNwq0NSq4fg6QhDrPxiRbak%2BCU5%2BPe%2Fp1mzeivbRJ9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b15c8786347-LHR
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-5178-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 0AD9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS7C58SVHM9XWRN
age
4867440
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"11034f049f5eef05b26ed292ac59e1fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vcsh%2BfsBjW6DuAHqGUPDUZ4%2B3pHAXAbIFje%2B4nwFL7fo%2FkJHSGbT6xKg5Nqv9DnLclHD4j%2FBNWrZPWdqg2PWXCCBuJo3rrfTsc2k5Fy6DOPb1Z6oVgtzZR9CRbbcWcK2D8CdpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b15c87d6347-LHR
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-9535-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 0AD9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
x-amz-version-id
ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS0JNEYMFMYAKH2
age
4867440
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KZ6JU9UjGIwkXQxX79VJPt5IBQz+RyTOOPzgoaj8Fyg4FIN4CX5ErJSJSDOj+qVg7hRI7zO5uEc=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"d46547a6c79c8800ac99ed5408528a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfUzEN2j1amKCde3GRZeFxTCIi34Haj8qyXYQp7r3x%2BJnVIqsNejn5%2BtwzDDQbISTbHVRqeSQfAkFlKZ1jSuZJ%2BsR0GkjrEfWeaGLgpReS%2FXdRb8LsFh9vgc%2FEdX2u3UKiBeVtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84d92b15c87f6347-LHR
expires
Wed, 04 Dec 2024 00:28:35 GMT
discoveryIframe-ea9230c42a202475efd8.min.js
login.okta.com/lib/ Frame 022A 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-ea9230c42a202475efd8.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
058bb9d17b2131122ad576569715e4e35cc79848433645fba5d768d9627acbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 06:24:53 GMT
Via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 01 Nov 2023 16:07:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
16084
ETag
"6ba68ae0d3bea7d2d2d7262b7afe570e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98194
X-Amz-Cf-Id
GWhWXeZVeDdfLa1gzpNbtIXGkbiTh1z9THBqAW7T49vSQ0AQ8Ud9ZQ==
pv
rsmloginsupport.zendesk.com/frontendevents/ Frame 0AD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rsmloginsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlaOt41xAoQm8olydGWWzjVaIuFFNy0XuiN2KgUgpSCqMVwHOrgiyQ5xFGFxIClSy3QMGXj7MmFhwmnBM7PBt3XvLoEoWJbsvby4gQeTW1XlGUCTVk8blMABEjxKsW8HLVBBsujotGAHNyEwvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
84d92b177b04d16c-LHR
content-length
0
x-request-id
84d92b177b04d16c-LHR
config
rsmloginsupport.zendesk.com/embeddable/ Frame 0AD9 		823 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rsmloginsupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b681005a5f6ffc081b837ec7c0a5f4752e6327f810ee0e79749d7fc4976c53

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:52:56 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-54b9dbf9c8-tklg5
x-cached
MISS
x-request-id
84d92b16fa65d16c-LHR
x-runtime
0.002060
last-modified
Tue, 30 Jan 2024 10:18:24 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zcfa0jEWNuhVMsjkoYH47Z06c8086ebfwmvOiHxygrwxz7wvUYwUMdTZ%2B3dgEVv5QEMT2OwDATPaNz%2FohgAiJHp7q9OwlEItlGJm9qGlx%2BLJ0InnWRpcrTqTNo4NHOuqThwmQUykHqUHl9p0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
84d92b16fa65d16c-LHR
pv
rsmloginsupport.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rsmloginsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://login.rsm.global
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
84d92b16fa64d16c-LHR
date
Tue, 30 Jan 2024 10:52:56 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFA1Cu1MlBaCh0PrvNknMS4UB5Nc7tpgFHOlVDvKeDVcfOJFYZbUBitQqarcbtfpK2BTEKVEkLz0yAK8Cj4%2BjWaYiXS8rRSO7IZTLuxObEhnO04wowOJ7uhQglNiLt3OdwoAfc8ZoNtiYGcDng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
84d92b16fa64d16c-LHR
x-zendesk-zorg
yes

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| regeneratorRuntime function| setImmediate function| clearImmediate function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| zEWebpackACJsonp function| zE function| zEmbed object| config object| oktaSignIn object| OktaLogin object| jQBrowser boolean| zEACLoaded

4 Cookies

Domain/Path Name / Value
www.rsmlink.global/ Name: ASP.NET_SessionId
Value:
login.rsm.global/ Name: t
Value: default
login.rsm.global/ Name: DT
Value: DI1yyA9J8gTSzaGD9yUJvPkuA
login.rsm.global/ Name: JSESSIONID
Value: EA6B378EAB120ECEC1FF8FE4F9C809C8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekr.zdassets.com
login.okta.com
login.rsm.global
ok9static.oktacdn.com
rsmapplications.rsmlink.global
rsmloginsupport.zendesk.com
static.zdassets.com
www.rsmlink.global
104.16.51.111
104.18.70.113
108.138.7.126
13.225.78.98
20.49.174.206
3.33.238.178
82.163.233.25
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
04e5a6a734bb7d87c3edca98ab40003f8972aba152440e7df17bda26d9ce0f8a
058bb9d17b2131122ad576569715e4e35cc79848433645fba5d768d9627acbd0
0b7ea65af03a1ecd7d759fab1e0e7717b642dadeef9c10595f3232faf293ab9c
26e4b9aa328a59d2ca486dcf53d51238062838733f91959f047b3098f46d4145
2e61b943e8a6ac3dbea3faf3f359e41178b8fc3cc03a719217967c7864e00177
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
40da9031157c48968b99f3765f874400bbc5389fa5c7198894defc6ec137a5ba
454ec75142ffa975454c8443545d38dc67b385b0f9ef5d0c54326b4f12dd4eb8
45b681005a5f6ffc081b837ec7c0a5f4752e6327f810ee0e79749d7fc4976c53
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
9daf3347512399224f539e52835e58e95719f510297e544fed33e18a99bda076
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d639277e40379f8da6b7a7e3a8f6ddb9767c9012babdb8e7222ce06ebc06c4ac
e06eba5b6082d7f1bf2dfd8be6096e1bb93fc4a3d1748b4c02b85ff33e56f60d
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
f82da44225ccffe54b17728bca07164af78a2807ca5c0f22bae83e07b9877575
fee96903a1903ed87d700fd057e6b2d7bb591588225ce7c38fc008e5729f8efb