login.rsmidentity.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 15.197.181.212, located in United States and belongs to AMAZON-02, US. The main domain is login.rsmidentity.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 2nd 2023. Valid for: a year.

This is the only time login.rsmidentity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	15.197.181.212 15.197.181.212	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.91 18.66.112.91	16509 (AMAZON-02) (AMAZON-02)
4	2

2 15.197.181.212 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.rsmidentity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-91.fra56.r.cloudfront.net

ok11static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	oktacdn.com ok11static.oktacdn.com — Cisco Umbrella Rank: 15834	177 KB
2	rsmidentity.com login.rsmidentity.com	3 KB
4	2

	Domain	Requested by
2	ok11static.oktacdn.com	login.rsmidentity.com
2	login.rsmidentity.com	login.rsmidentity.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid
*.rsmidentity.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2024-05-25`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.rsmidentity.com/welcome
Frame ID: 85BFF23A5197A6F102F2307B9C5C365B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RSMUS LLP - Seite nicht gefunden

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

181 kB
Transfer

180 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request welcome Show response
login.rsmidentity.com/ 2 KB
2 KB 566ms
172ms Document
text/html 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rsmidentity.com/welcome

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

be2daa8d1dca0902c9035afdda308525ff99d51d5e58fdc14ccc5bb60e818ce8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 24 May 2023 17:51:12 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: no-cache, no-store
content-language: de
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: frame-ancestors 'self'
expires: 0
pragma: no-cache
x-frame-options: SAMEORIGIN
x-okta-request-id: ZG5OkKlKH76t1H4SgNE28gAAAYc

GET
H/1.1 200
OK errors-v2.css
login.rsmidentity.com/assets/css/sections/ 2 KB
1 KB 147ms
146ms Stylesheet
text/css 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rsmidentity.com/assets/css/sections/errors-v2.css

Requested by

Host: login.rsmidentity.com
URL: https://login.rsmidentity.com/welcome

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.rsmidentity.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 17:51:13 GMT
x-amz-meta-sha1sum: a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding: gzip
Strict-Transport-Security: max-age=315360000; includeSubDomains
Last-Modified: Thu, 03 Nov 2022 21:57:23 GMT
Server: nginx
ETag: W/"80127ba5c47706686501006723ba83da"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 23 May 2024 17:51:13 GMT

GET
H2 200 fs0nkkph4uFZLikBZ4x6
ok11static.oktacdn.com/fs/bco/1/ 2 KB
2 KB 178ms
40ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok11static.oktacdn.com/fs/bco/1/fs0nkkph4uFZLikBZ4x6

Requested by

Host: login.rsmidentity.com
URL: https://login.rsmidentity.com/welcome

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-91.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

219c1d066128be23c31ac65b6a6f397865b7715e05ce2cc7f27ce1be5dca0320

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.rsmidentity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:49:20 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 745313
x-cache: Hit from cloudfront
content-length: 1782
last-modified: Thu, 30 Jul 2020 15:51:41 GMT
server: nginx
etag: "5054ac772c67e549d1a4499fca9de0f0"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: Sfu7qOXBPwFPuZAFozL5BcuKqTG-57K-BIspVL4TRxjPBbwl85riFQ==
expires: Wed, 15 May 2024 02:49:20 GMT

GET
H2 200 fs0b499rfkLTiQ5hC4x7
ok11static.oktacdn.com/fs/bco/7/ 174 KB
175 KB 49ms
49ms Image
image/jpeg 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok11static.oktacdn.com/fs/bco/7/fs0b499rfkLTiQ5hC4x7

Requested by

Host: login.rsmidentity.com
URL: https://login.rsmidentity.com/welcome

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-91.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

173bf5477d298018ba647f3ca2290f2fb119d9725ee7447fd174d07fbfca1813

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.rsmidentity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 09:33:53 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 807440
x-cache: Hit from cloudfront
content-length: 178220
last-modified: Tue, 31 Jan 2023 20:46:13 GMT
server: nginx
etag: "48001081529f0ceb6cd27ef94569e92c"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: R58K3xnBIXHN4vohnEDCohuynsxSSzB_RBExEJXQp98XdUzvQaGuWg==
expires: Tue, 14 May 2024 09:33:53 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.rsmidentity.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 20B8DF930C09C87450D3E12DC2BEF213
login.rsmidentity.com/	1969-12-31 23:59:59	Name: t Value: default
login.rsmidentity.com/	1970-01-20 21:38:30	Name: DT Value: DI1aVbfrO0iSOeBkk3f-wqqSQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.rsmidentity.com/welcome Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.rsmidentity.com
ok11static.oktacdn.com
15.197.181.212
18.66.112.91
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
173bf5477d298018ba647f3ca2290f2fb119d9725ee7447fd174d07fbfca1813
219c1d066128be23c31ac65b6a6f397865b7715e05ce2cc7f27ce1be5dca0320
be2daa8d1dca0902c9035afdda308525ff99d51d5e58fdc14ccc5bb60e818ce8

login.rsmidentity.com Open in urlscan Pro 15.197.181.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

181 kBTransfer

180 kBSize

3 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

login.rsmidentity.com Open in urlscan Pro
15.197.181.212 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

181 kB
Transfer

180 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions