okta.chipotle.com Open in urlscan Pro
54.189.255.224  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://stg-customeradmin.chipotle.com/ Page URL
2. https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Page URL
3. https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response stg-customeradmin.chipotle.com/	820 B 1 KB	656ms 572ms	Document text/html	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b4078acf73ce16a847fda8357feb2bd2bce897dcb2fc1a07110ccfe8196077fb Request headers :method GET :authority stg-customeradmin.chipotle.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-length 820 content-type text/html content-md5 mJ8UreABGH5Lt7WSqk3MbQ== last-modified Thu, 12 Aug 2021 18:52:03 GMT accept-ranges bytes etag "0x8D95DC2464AB6C5" server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-cache TCP_MISS x-ms-request-id 3dd91a8b-f01e-006f-09ae-8f0bea000000 x-ms-version 2018-03-28 x-azure-ref-originshield 00XMVYQAAAAA/JfYuXMZzQ4j/TDei9mFgTE9OMjFFREdFMDIwNwBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= x-azure-ref 00XMVYQAAAABWSc+o5NimSLX5su7YWehTRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 date Thu, 12 Aug 2021 19:17:37 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	35ms 15ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700 Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 12 Aug 2021 17:42:30 GMT server ESF date Thu, 12 Aug 2021 19:17:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 12 Aug 2021 19:17:37 GMT
GET H2	200	app.a0816ad5d36bc09e9a734abed5b028e3.css stg-customeradmin.chipotle.com/static/css/	213 KB 34 KB	1016ms 1015ms	Stylesheet text/css	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/static/css/app.a0816ad5d36bc09e9a734abed5b028e3.css Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 68ad574acf72798eb2dbbc11747ad88e16048f8797d410df3138e88dafc0ce2a Request headers :path /static/css/app.a0816ad5d36bc09e9a734abed5b028e3.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:38 GMT content-encoding br last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 O234gwuDN50NIZgsKmaoRw== etag "0x8D95DC24649F353" x-azure-ref 00XMVYQAAAABvchWmVwhPT6GwL5rFUjUnRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type text/css x-ms-request-id 71ded801-e01e-0073-57ae-8f598a000000 x-ms-version 2018-03-28 x-azure-ref-originshield 00XMVYQAAAAAZ3euIQhOcRK5dnfbOjomwTE9OMjFFREdFMDIwOQBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes
GET H2	200	manifest.8af3c6c240144784b974.js Show response stg-customeradmin.chipotle.com/static/js/	2 KB 1 KB	560ms 559ms	Script application/x-javascript	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/static/js/manifest.8af3c6c240144784b974.js Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 9c157b128f72e80385b304df9010368f50a1f8aaa5038a53d1ad4cc33ca462b5 Request headers :path /static/js/manifest.8af3c6c240144784b974.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:38 GMT content-encoding br last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 Le1+OSxlQrVPZVkoCC4+Zw== etag "0x8D95DC2464D7666" x-azure-ref 00XMVYQAAAACqwymqxgeWR7VNWPqy0moTRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type application/x-javascript x-ms-request-id 207639fc-201e-0031-32ae-8fe00a000000 x-ms-version 2018-03-28 x-azure-ref-originshield 00XMVYQAAAACslB25+LQ3SqetaAEf8YR7TE9OMjFFREdFMDEwNwBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes
GET H2	200	vendor.d3783d8db2a20ffbd949.js Show response stg-customeradmin.chipotle.com/static/js/	557 KB 138 KB	1258ms 1257ms	Script application/x-javascript	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/static/js/vendor.d3783d8db2a20ffbd949.js Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash fd5a691d9a95fe43c13334ca33cb48045c4c6b5ac8d3042bfc8a482ae6f0e26f Request headers :path /static/js/vendor.d3783d8db2a20ffbd949.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:38 GMT content-encoding br last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 6iKAal18PrnEMBAZFY3rCg== etag "0x8D95DC2464FE7D9" x-azure-ref 00XMVYQAAAAB9Jf00RwVrSLRoTRhgdOnLRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type application/x-javascript x-ms-request-id 7ada6fcc-501e-0004-25ae-8f8c1e000000 x-ms-version 2018-03-28 x-azure-ref-originshield 00XMVYQAAAACl0a5P7YYATIBGtusLuVGrTE9OMjFFREdFMTUxOABmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes
GET H2	200	app.a0e3b13b380443135b62.js Show response stg-customeradmin.chipotle.com/static/js/	32 KB 8 KB	670ms 670ms	Script application/x-javascript	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/static/js/app.a0e3b13b380443135b62.js Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a38335f5e7f7fb70f13d77716ae2f360d385c8c92052f0d890a931574cca3e95 Request headers :path /static/js/app.a0e3b13b380443135b62.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:38 GMT content-encoding br last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 bpDWx9cWOkyOOvHyz/XRYA== etag "0x8D95DC24645ACC6" x-azure-ref 00XMVYQAAAAAvJHm3CGMhQIi9YVHumg7ZRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type application/x-javascript x-ms-request-id 77edb4ba-e01e-0063-0dae-8f9ce2000000 x-ms-version 2018-03-28 x-azure-ref-originshield 00XMVYQAAAAAPxZI6+9P9Q6+/yUfYPa9FTE9OMjFFREdFMTUxOQBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes
GET H2	200	4.589fc5353646cd2eb206.js Show response stg-customeradmin.chipotle.com/static/js/	10 KB 4 KB	586ms 586ms	Script application/x-javascript	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://stg-customeradmin.chipotle.com/static/js/4.589fc5353646cd2eb206.js Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/static/js/manifest.8af3c6c240144784b974.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 361cc62215cdb332dd0394ac32a1bad00cd0f54dd75b4bd35d10ad02f9676ce4 Request headers :path /static/js/4.589fc5353646cd2eb206.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:39 GMT content-encoding br last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 35mrEU0J6Ysq4DOCYS3PIA== etag "0x8D95DC24645ACC6" x-azure-ref 003MVYQAAAABjGUmnv1r1T5YAaGaC9e5uRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type application/x-javascript x-ms-request-id e7d8abd1-701e-0013-6dae-8f2515000000 x-ms-version 2018-03-28 x-azure-ref-originshield 003MVYQAAAABHO9IkmZOmQaB/EOUEal3WTE9OMjFFREdFMTUwOQBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes
GET H2	200	loadingPepper.a09166e.gif stg-customeradmin.chipotle.com/static/img/	20 KB 20 KB	547ms 547ms	Image image/gif	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://stg-customeradmin.chipotle.com/static/img/loadingPepper.a09166e.gif Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash af480bafb544e2d74e7cc893982895e1e090b7f1feaa15a0ab2249b93b48ec74 Request headers :path /static/img/loadingPepper.a09166e.gif pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:39 GMT last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 oJFm6HdIXitUVB2PpwjBIw== etag "0x8D95DC246481E42" x-azure-ref 003MVYQAAAAC/2B5gBpvQQoqfDbmCW0hlRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type image/gif x-ms-request-id 152d78a4-f01e-0050-08ae-8fc349000000 x-ms-version 2018-03-28 x-azure-ref-originshield 003MVYQAAAADZQ148oPaNQYNZwR8YcE2ITE9OMjFFREdFMTUxMABmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes content-length 20516
GET H2	200	chi_logo-trans.1c2130b.png stg-customeradmin.chipotle.com/static/img/	12 KB 13 KB	578ms 578ms	Image image/png	2620:1ec:46::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://stg-customeradmin.chipotle.com/static/img/chi_logo-trans.1c2130b.png Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 1f655af7376dbfd961614a42291fcef4ce27c6080fa36d990040e09e8908d22e Request headers :path /static/img/chi_logo-trans.1c2130b.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority stg-customeradmin.chipotle.com referer https://stg-customeradmin.chipotle.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://stg-customeradmin.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Aug 2021 19:17:39 GMT last-modified Thu, 12 Aug 2021 18:52:03 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 HCEws5wPFDBPAbcISJ7owg== etag "0x8D95DC24647F72D" x-azure-ref 003MVYQAAAACXVLdNY/5tT7fXPbiwa4TiRlJBRURHRTEwMjEAZjE2MDQyMjEtNzdlYy00ZGUwLWE5NjQtODQ2Y2RiZTRkOWY5 x-cache TCP_MISS content-type image/png x-ms-request-id cb8f0632-d01e-0057-66ae-8faf2a000000 x-ms-version 2018-03-28 x-azure-ref-originshield 003MVYQAAAADI2ja2EF57RZfZJwPaEWvVTE9OMjFFREdFMTUwNwBmMTYwNDIyMS03N2VjLTRkZTAtYTk2NC04NDZjZGJlNGQ5Zjk= accept-ranges bytes content-length 12762
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v19/	15 KB 16 KB	26ms 7ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://stg-customeradmin.chipotle.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 00:30:52 GMT x-content-type-options nosniff age 240407 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15720 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:08:56 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Aug 2022 00:30:52 GMT
OPTIONS H/1.1	200 OK	openid-configuration oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/.well-known/ Frame	0 0	467ms 126ms	Preflight application/octet-stream	3.15.36.195 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/.well-known/openid-configuration Protocol HTTP/1.1 Server 3.15.36.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-36-195.us-east-2.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type,x-okta-user-agent-extended Origin https://stg-customeradmin.chipotle.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Thu, 12 Aug 2021 19:17:40 GMT Server nginx Content-Type application/octet-stream Content-Length 0 Access-Control-Allow-Origin https://stg-customeradmin.chipotle.com Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, OPTIONS Access-Control-Allow-Headers content-type,x-okta-user-agent-extended Vary Origin Access-Control-Max-Age 3600 X-Okta-Request-Id YRVz1DDFdysteyDz5oIZHQAABt8 Strict-Transport-Security max-age=315360000; includeSubDomains Keep-Alive timeout=5, max=100 Connection Keep-Alive
GET H/1.1	200 OK	openid-configuration Show response oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/.well-known/	2 KB 3 KB	393ms 145ms	Fetch application/json	3.15.36.195 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/.well-known/openid-configuration Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/static/js/vendor.d3783d8db2a20ffbd949.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.15.36.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-36-195.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 13816bd55be1b9cca7f395fd031723e9b81c62bdaf64c266340e433f5e356e07 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://stg-customeradmin.chipotle.com/ X-Okta-User-Agent-Extended @okta/okta-vue/3.1.0 okta-auth-js/4.9.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers X-Okta-Request-Id YRVz1PYcYjUPDpmjTt1JQgAADZA Date Thu, 12 Aug 2021 19:17:40 GMT x-content-type-options nosniff Transfer-Encoding chunked p3p CP="HONK" Connection Keep-Alive vary Origin x-xss-protection 0 Server nginx expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 Strict-Transport-Security max-age=315360000; includeSubDomains Content-Type application/json Access-Control-Allow-Origin https://stg-customeradmin.chipotle.com cache-control max-age=86400, must-revalidate Access-Control-Allow-Credentials true Keep-Alive timeout=5, max=100 expires Fri, 13 Aug 2021 19:17:40 GMT
GET H/1.1	200 OK	authorize Show response oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/	17 KB 9 KB	400ms 400ms	Document text/html	3.15.36.195 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Requested by Host: stg-customeradmin.chipotle.com URL: https://stg-customeradmin.chipotle.com/static/js/vendor.d3783d8db2a20ffbd949.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.15.36.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-36-195.us-east-2.compute.amazonaws.com Software nginx / Resource Hash be6eb4b834dffb66e21c99d5fd77c2a97afb0c2400f9565204422637636f1e45 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Host oktauat.chipotle.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://stg-customeradmin.chipotle.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://stg-customeradmin.chipotle.com/ Response headers Date Thu, 12 Aug 2021 19:17:41 GMT Server nginx Content-Type text/html;charset=utf-8 Vary Accept-Encoding x-okta-request-id YRVz1PYcYjUPDpmjTt1JRwAADZA x-xss-protection 0 p3p CP="HONK" x-rate-limit-limit 60 x-rate-limit-remaining 59 x-rate-limit-reset 1628795920 expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 referrer-policy no-referrer cache-control no-cache, no-store pragma no-cache expires 0 x-content-type-options nosniff content-language en Strict-Transport-Security max-age=315360000; includeSubDomains X-Robots-Tag none Content-Encoding gzip set-cookie sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=177DBB928C4CD3545A44F085BE13A2DD; Path=/; Secure; HttpOnly t=red-dark; Path=/ DT=DI0iUw8UD46SXSFitmOzRKokA;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 12 Aug 2023 19:17:40 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ t=red-dark; Path=/ DT=DI0iUw8UD46SXSFitmOzRKokA;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 12 Aug 2023 19:17:41 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked
GET H2	200	jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js Show response ok11static.oktacdn.com/assets/js/	287 KB 101 KB	112ms 22ms	Script application/javascript	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok11static.oktacdn.com/assets/js/jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js Requested by Host: oktauat.chipotle.com URL: https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software nginx / Resource Hash 4a92592a10ee14828698950e3f4ce5d0b011fca631839c64d45f25637c7e2d1a Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://oktauat.chipotle.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains content-encoding gzip etag W/"05ced5937a65bd185b03749fdd833c98" age 434690 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 24 Feb 2021 01:55:36 GMT server nginx date Sat, 07 Aug 2021 18:32:51 GMT vary Accept-Encoding content-type application/javascript via 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA50-C1 x-amz-cf-id XV8IMCUluw2jTW5hR3SMmHxu6VGIGkyNQYk6TaFDi-E-B0bAg4P__A== expires Sun, 07 Aug 2022 18:32:51 GMT
GET H2	200	interstitial.a54a1edc95056b8486c088d765565d49.css ok11static.oktacdn.com/assets/css/sections/	6 KB 2 KB	109ms 19ms	Stylesheet text/css	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok11static.oktacdn.com/assets/css/sections/interstitial.a54a1edc95056b8486c088d765565d49.css Requested by Host: oktauat.chipotle.com URL: https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software nginx / Resource Hash b03ab66644aac3f5586848ac6289288a8bf2d4c84a0ab66f3bbf6765775b055f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 00:12:44 GMT content-encoding gzip vary Accept-Encoding age 932697 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 20 Aug 2019 20:07:56 GMT server nginx etag W/"a54a1edc95056b8486c088d765565d49" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA50-C1 x-amz-cf-id OawDsau_al8IJbFOQQNWcNg7aHVXAl313DKV8wfo1a-VjKJQmywJFw== expires Tue, 02 Aug 2022 00:12:44 GMT
GET H2	200	new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif ok11static.oktacdn.com/assets/img/ui/indicators/	354 KB 355 KB	26ms 25ms	Image image/gif	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok11static.oktacdn.com/assets/img/ui/indicators/new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif Requested by Host: oktauat.chipotle.com URL: https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 00:32:59 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) age 1536282 x-cache Hit from cloudfront content-length 362138 last-modified Tue, 20 Aug 2019 20:04:36 GMT server nginx etag "c41c3b6f3a84458aca9a5919f238fbe3" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/gif x-amz-cf-id WLD3LQVherUV8siFvx8FEvJaxacllz1x1ZeSHgvSjSMojWWPGRBPVA== expires Tue, 26 Jul 2022 00:32:59 GMT
GET H2	200	interstitial.474dce61acfac4a4d016921943cf2a68.js Show response ok11static.oktacdn.com/assets/js/app/sso/	678 B 1 KB	28ms 27ms	Script application/javascript	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok11static.oktacdn.com/assets/js/app/sso/interstitial.474dce61acfac4a4d016921943cf2a68.js Requested by Host: oktauat.chipotle.com URL: https://oktauat.chipotle.com/oauth2/aus3m8e91mALbvGtG4x7/v1/authorize?client_id=0oa3m8frboD7nspqX4x7&code_challenge=JRsIIGvW-Uv217uOEXKgzu69CTtwDiXbk6IAQSP1nbI&code_challenge_method=S256&nonce=wuBI82eXQEiDltBWHDGUs1g6fYPuzKFP0zDLY1qh8C6ljI26i9H9y887IAHQY16I&redirect_uri=https%3A%2F%2Fstg-customeradmin.chipotle.com%2Flogin%2Fcallback&response_type=code&state=Gzhte3koTcFUEVR6wHxFnPEMyIfjla78XDcRzvNfkqjQt93TPjcG8ZQcxfMu01HI&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software nginx / Resource Hash 77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://oktauat.chipotle.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 23 Jul 2021 22:43:54 GMT content-encoding gzip vary Accept-Encoding age 1715627 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 20 Aug 2019 20:02:20 GMT server nginx etag W/"474dce61acfac4a4d016921943cf2a68" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA50-C1 x-amz-cf-id lomP05_2PCqbY3fdytJMk_jrm4guto2NY6wEuKoIJqADgAyEXTn5nw== expires Sat, 23 Jul 2022 22:43:54 GMT
POST H/1.1	200 OK	Primary Request saml Show response okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/	443 KB 188 KB	695ms 294ms	Document text/html	54.189.255.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.189.255.224 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ok7-crtrs.okta.com Software nginx / Resource Hash b004e774ba308b9457a68a16d4fa2eeff4eb126e15fc6fe7c0759a1593b8e9a3 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Host okta.chipotle.com Connection keep-alive Content-Length 4122 Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 Origin null Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 Origin null Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 19:17:41 GMT Server nginx Content-Type text/html;charset=utf-8 Vary Accept-Encoding x-okta-request-id YRVz1a4L@dGz2gk48Y@VKwAACCA x-xss-protection 0 p3p CP="HONK" x-rate-limit-limit 850 x-rate-limit-remaining 836 x-rate-limit-reset 1628795870 expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 cache-control no-cache, no-store pragma no-cache expires 0 x-content-type-options nosniff x-ua-compatible IE=edge content-language en Strict-Transport-Security max-age=315360000; includeSubDomains X-Robots-Tag none Content-Encoding gzip set-cookie sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=47D88827F8C0ECCA64048EF2E0B06A5A; Path=/; Secure; HttpOnly t=red-dark; Path=/ DT=DI0zhrHaTcxSwOKNnr2UESbKA;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 12 Aug 2023 19:17:41 GMT;SameSite=None Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked
GET H2	200	okta-sign-in.min.js Show response ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/js/	1 MB 447 KB	125ms 46ms	Script application/javascript	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/js/okta-sign-in.min.js Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 7454b07514e89843a08b45cbf1547203f43de8453231e023758472216092e9b6 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 31 Jul 2021 19:13:46 GMT content-encoding gzip vary Accept-Encoding age 1037036 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 03 Mar 2021 00:25:09 GMT server nginx etag W/"6ff6d790717305ff17419af26a9f6f69" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop AMS50-C1 x-amz-cf-id h9Kubfydm1XVEx39bgFV3oG9D0XhHK_EhUd193JVuY4gcxN6HJdIng== expires Sun, 31 Jul 2022 19:13:46 GMT
GET H2	200	okta-sign-in.min.css ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/css/	198 KB 35 KB	115ms 36ms	Stylesheet text/css	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/css/okta-sign-in.min.css Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 6ea4b42594980717d2e8df38a591cf56f4646a6176d35cdd4816bdf26d6cf8fb Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 25 Jul 2021 12:48:50 GMT content-encoding gzip vary Accept-Encoding age 1578532 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 03 Mar 2021 00:24:58 GMT server nginx etag W/"bacc95858d598ebc02b4130fdb9407e7" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop AMS50-C1 x-amz-cf-id ayzmlEk6-WdC1rnn6Aeh-Wxd5sU7rnXDdh4xxBIuNUvgM0FFoem3GQ== expires Mon, 25 Jul 2022 12:48:50 GMT
GET H2	200	custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css ok7static.oktacdn.com/assets/loginpage/css/	1 KB 1 KB	104ms 25ms	Stylesheet text/css	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/loginpage/css/custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 01:55:40 GMT content-encoding gzip vary Accept-Encoding age 1185722 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 19 Feb 2020 23:31:30 GMT server nginx etag W/"bb8f4ce4363dd17160adb27f2ab5f478" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop AMS50-C1 x-amz-cf-id _nyLjgLX8pDaXv4KQWP5DW3RMLJCY2LB25CMWEb3lE7CXdP68AIFIg== expires Sat, 30 Jul 2022 01:55:40 GMT
GET H2	200	gfs7rbrd7vbfNcC8U357 ok7static.oktacdn.com/fs/bcg/4/	7 KB 7 KB	25ms 24ms	Image image/png	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/fs/bcg/4/gfs7rbrd7vbfNcC8U357 Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 81f179fe271cf41bb25a2479e71e015cf71fad64d25641f07467e357d6252567 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) etag "9542e9658ed26272f941d864b280002b" age 1684602 x-cache Hit from cloudfront content-length 6776 last-modified Thu, 18 Feb 2021 16:15:38 GMT server nginx date Sat, 24 Jul 2021 07:21:00 GMT content-type image/png access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop AMS50-C1 accept-ranges bytes x-amz-cf-id QK5w-zpnWTz--WLkne-Yxxrw0ylbOKFqfVDfnIRXexynLKnWs6vftw== expires Sun, 24 Jul 2022 07:21:00 GMT
GET H2	200	initLoginPage.pack.de2a7ed7dca23249f4ab0af3eb4c9d0a.js Show response ok7static.oktacdn.com/assets/js/mvc/loginpage/	396 KB 107 KB	26ms 25ms	Script application/javascript	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.de2a7ed7dca23249f4ab0af3eb4c9d0a.js Requested by Host: URL: OktaUtil.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 7e0df065d0c9978769a33396accd42d8751a173cef5261e54802c96475dac4b2 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 00:08:13 GMT content-encoding gzip vary Accept-Encoding age 932969 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 29 Jun 2021 23:41:41 GMT server nginx etag W/"de2a7ed7dca23249f4ab0af3eb4c9d0a" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop AMS50-C1 x-amz-cf-id 6QaQMw9s84Pwa-HXb2blj4geXgkFEsaJSv8f07up47qiEZtHKEhyyA== expires Tue, 02 Aug 2022 00:08:13 GMT
GET H2	200	fs03yf7x1mdX0LoGl357 ok7static.oktacdn.com/fs/bco/7/	695 KB 697 KB	28ms 28ms	Image image/jpeg	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/fs/bco/7/fs03yf7x1mdX0LoGl357 Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/app/okta_org2org/exkaccuvutjw1lmXc357/sso/saml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash bf12919e330e9913d9b622bc69b6533a2c12cfdbc4b4b10cb83b4d5eacf2155f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 18:17:03 GMT via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) age 1213239 x-cache Hit from cloudfront content-length 711415 last-modified Tue, 19 May 2020 17:50:17 GMT server nginx etag "02a63d0762acfe7f7f7818d1c496c245" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop AMS50-C1 accept-ranges bytes content-type image/jpeg x-amz-cf-id b2qrLCO1plwxoyRDsJVOoKe1qmY8c1v9WApohLi9v5_WlJKsZol3xw== expires Fri, 29 Jul 2022 18:17:03 GMT
GET H2	200	fs03yf9jm3reEvHGP357 ok7static.oktacdn.com/fs/bco/1/	3 KB 4 KB	26ms 25ms	Image image/png	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/fs/bco/1/fs03yf9jm3reEvHGP357 Requested by Host: okta.chipotle.com URL: https://okta.chipotle.com/signin/refresh-auth-state/00qk9mKZOhjoTtkNHt9VE8M18ajyIkizsnO37DDigv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash 4d719370b8ba3952ebb56da70287190637f6e5c3c345aa4f022ecc47b668c05f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://okta.chipotle.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 01 Aug 2021 14:17:28 GMT via 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront) age 968414 x-cache Hit from cloudfront content-length 3492 last-modified Tue, 19 May 2020 17:50:50 GMT server nginx etag "2a66884a38d97b5588a568dff9c2ca15" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop AMS50-C1 accept-ranges bytes content-type image/png x-amz-cf-id 54b4qF1mnZf_5Yeb58Xc1sLqqY3tv2cjpDZmCZgrwGSdrmidgmvbUg== expires Mon, 01 Aug 2022 14:17:28 GMT
GET DATA	200 OK	truncated /	69 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e63a68cdf1db200b3792c5aed27065afcddf91bfb1f50e9312c1d7166b848ae Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a224e0a28793bad868b3c34ac3c59f2ac5ecce4f4f45168c07ba2e09c1b1b743 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	introspect Show response okta.chipotle.com/api/v1/authn/	740 B 1 KB	213ms 213ms	Fetch application/json	54.189.255.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://okta.chipotle.com/api/v1/authn/introspect Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/js/okta-sign-in.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.189.255.224 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ok7-crtrs.okta.com Software nginx / Resource Hash f2c551a9a938ac9301a9fbc05ba981425354bf1e34c093b2e238f8948d12cf29 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Origin https://okta.chipotle.com Accept-Encoding gzip, deflate, br Accept-Language en Sec-Fetch-Dest empty Cookie JSESSIONID=47D88827F8C0ECCA64048EF2E0B06A5A; t=red-dark; DT=DI0zhrHaTcxSwOKNnr2UESbKA Connection keep-alive Content-Length 59 Pragma no-cache X-Okta-User-Agent-Extended okta-signin-widget-5.3.3 Host okta.chipotle.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Accept application/json Cache-Control no-cache Referer https://okta.chipotle.com/signin/refresh-auth-state/00qk9mKZOhjoTtkNHt9VE8M18ajyIkizsnO37DDigv Sec-Fetch-Site same-origin Accept application/json Referer https://okta.chipotle.com/signin/refresh-auth-state/00qk9mKZOhjoTtkNHt9VE8M18ajyIkizsnO37DDigv X-Okta-User-Agent-Extended okta-signin-widget-5.3.3 Accept-Language en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers x-okta-request-id YRVz1q4L@dGz2gk48Y@VLwAACCA Date Thu, 12 Aug 2021 19:17:42 GMT Content-Encoding gzip x-rate-limit-limit 600 x-rate-limit-remaining 599 Transfer-Encoding chunked p3p CP="HONK" Connection Keep-Alive Vary Accept-Encoding,Origin x-xss-protection 0 pragma no-cache access-control-allow-headers Content-Type Server nginx expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 Strict-Transport-Security max-age=315360000; includeSubDomains Content-Type application/json access-control-allow-origin https://okta.chipotle.com cache-control no-cache, no-store access-control-allow-credentials true x-rate-limit-reset 1628795922 set-cookie sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=9D80030B1B6EDB6D4902D8B9D3C9505C; Path=/; Secure; HttpOnly Keep-Alive timeout=5, max=99 x-content-type-options nosniff expires 0
GET H2	200	montserrat-light-webfont.woff ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/font/	22 KB 22 KB	88ms 37ms	Font application/font-woff	52.222.139.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/font/montserrat-light-webfont.woff Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-44.ams50.r.cloudfront.net Software nginx / Resource Hash feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://okta.chipotle.com Referer https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 17:10:22 GMT via 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront) age 180440 x-cache Hit from cloudfront content-length 22112 last-modified Wed, 03 Mar 2021 00:24:59 GMT server nginx etag "6225f3ca44b83090833064727a09cc95" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop AMS50-C1 accept-ranges bytes content-type application/font-woff x-amz-cf-id sBAltTd9SmWJlqFtigYuOQaXSYRlIm0ALC2O1K0wBrbI2lRMRDUMYw== expires Wed, 10 Aug 2022 17:10:22 GMT
GET H/1.1	200 OK	iframe.html Show response login.okta.com/discovery/ Frame 666C	546 B 986 B	113ms 19ms	Document text/html	143.204.98.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.okta.com/discovery/iframe.html Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.de2a7ed7dca23249f4ab0af3eb4c9d0a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-65.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 893efca8616a32e2315c319fb7e78636634ff77379f7e6220c21ede088ee9f0a Request headers Host login.okta.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://okta.chipotle.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://okta.chipotle.com/ Response headers Content-Type text/html Content-Length 546 Connection keep-alive Last-Modified Thu, 05 Aug 2021 17:56:55 GMT Server AmazonS3 Date Thu, 12 Aug 2021 14:52:16 GMT ETag "953e10853c650e0e1662b7e24256ad76" X-Cache Hit from cloudfront Via 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id Hb3lsTxxK9YvJlFbnCwejjwQQ9FoapOFScdFDjW6LkY6U3nkugVvVg== Age 15927
GET H/1.1	200 OK	discoveryIframe-d662b785a6524906f1db.min.js Show response login.okta.com/lib/ Frame 666C	96 KB 96 KB	21ms 21ms	Script application/javascript	143.204.98.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.okta.com/lib/discoveryIframe-d662b785a6524906f1db.min.js Requested by Host: login.okta.com URL: https://login.okta.com/discovery/iframe.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-65.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 32fa94f1d4deaef904f6e3c2d6b74db6e813b2b323c386029ed72315007f24fe Request headers Referer https://login.okta.com/discovery/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 07:21:45 GMT Via 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront) Last-Modified Thu, 05 Aug 2021 17:56:57 GMT Server AmazonS3 Age 42958 ETag "2c2055024824c671b474d98ba0bab013" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Content-Length 97891 X-Amz-Cf-Id IPEn7wpPdy-TTT6kBJpbpjC8KhPN8-zdfYbVEwsafcuEEz_RZgDOLQ==
GET DATA	200 OK	truncated /	196 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8caad8eae971752f1074e12117892fec5100e4b27ef3614307b6230f12d818d8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	140 KB 140 KB		Font font/ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash afce756fd76bdde823a9855a67428c7dabeb2d7cc1ea437d9e567aa1ea1116a8 Request headers Origin https://okta.chipotle.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type font/ttf
GET DATA	200 OK	truncated /	95 KB 95 KB		Font font/ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba358d29576c727a7ba49e257c25c7ac9f5bb2dd411000f47da5c7a29eb246e9 Request headers Origin https://okta.chipotle.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type font/ttf

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			okta.chipotle.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9D80030B1B6EDB6D4902D8B9D3C9505C
			okta.chipotle.com/	1970-01-19 20:26:39	Name: oktaStateToken Value: 00qk9mKZOhjoTtkNHt9VE8M18ajyIkizsnO37DDigv
			okta.chipotle.com/	1970-01-20 13:57:47	Name: DT Value: DI0zhrHaTcxSwOKNnr2UESbKA
			okta.chipotle.com/	1969-12-31 23:59:59	Name: t Value: red-dark

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://stg-customeradmin.chipotle.com/static/js/vendor.d3783d8db2a20ffbd949.js(Line 112) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api	warning	URL: https://stg-customeradmin.chipotle.com/static/js/vendor.d3783d8db2a20ffbd949.js(Line 112) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api	warning	URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.3.3/js/okta-sign-in.min.js(Line 98) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.okta.com
ok11static.oktacdn.com
ok7static.oktacdn.com
okta.chipotle.com
oktauat.chipotle.com
stg-customeradmin.chipotle.com
143.204.98.65
143.204.98.97
2620:1ec:46::45
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
3.15.36.195
52.222.139.44
54.189.255.224
13816bd55be1b9cca7f395fd031723e9b81c62bdaf64c266340e433f5e356e07
1f655af7376dbfd961614a42291fcef4ce27c6080fa36d990040e09e8908d22e
32fa94f1d4deaef904f6e3c2d6b74db6e813b2b323c386029ed72315007f24fe
361cc62215cdb332dd0394ac32a1bad00cd0f54dd75b4bd35d10ad02f9676ce4
4a92592a10ee14828698950e3f4ce5d0b011fca631839c64d45f25637c7e2d1a
4d719370b8ba3952ebb56da70287190637f6e5c3c345aa4f022ecc47b668c05f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
68ad574acf72798eb2dbbc11747ad88e16048f8797d410df3138e88dafc0ce2a
6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250
6e63a68cdf1db200b3792c5aed27065afcddf91bfb1f50e9312c1d7166b848ae
6ea4b42594980717d2e8df38a591cf56f4646a6176d35cdd4816bdf26d6cf8fb
7454b07514e89843a08b45cbf1547203f43de8453231e023758472216092e9b6
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
7e0df065d0c9978769a33396accd42d8751a173cef5261e54802c96475dac4b2
81f179fe271cf41bb25a2479e71e015cf71fad64d25641f07467e357d6252567
893efca8616a32e2315c319fb7e78636634ff77379f7e6220c21ede088ee9f0a
8caad8eae971752f1074e12117892fec5100e4b27ef3614307b6230f12d818d8
9c157b128f72e80385b304df9010368f50a1f8aaa5038a53d1ad4cc33ca462b5
a224e0a28793bad868b3c34ac3c59f2ac5ecce4f4f45168c07ba2e09c1b1b743
a38335f5e7f7fb70f13d77716ae2f360d385c8c92052f0d890a931574cca3e95
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
af480bafb544e2d74e7cc893982895e1e090b7f1feaa15a0ab2249b93b48ec74
afce756fd76bdde823a9855a67428c7dabeb2d7cc1ea437d9e567aa1ea1116a8
b004e774ba308b9457a68a16d4fa2eeff4eb126e15fc6fe7c0759a1593b8e9a3
b03ab66644aac3f5586848ac6289288a8bf2d4c84a0ab66f3bbf6765775b055f
b4078acf73ce16a847fda8357feb2bd2bce897dcb2fc1a07110ccfe8196077fb
ba358d29576c727a7ba49e257c25c7ac9f5bb2dd411000f47da5c7a29eb246e9
be6eb4b834dffb66e21c99d5fd77c2a97afb0c2400f9565204422637636f1e45
bf12919e330e9913d9b622bc69b6533a2c12cfdbc4b4b10cb83b4d5eacf2155f
f2c551a9a938ac9301a9fbc05ba981425354bf1e34c093b2e238f8948d12cf29
fd5a691d9a95fe43c13334ca33cb48045c4c6b5ac8d3042bfc8a482ae6f0e26f
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace