urlscan.io logo urlscan.io
SecurityTrails logo

aexp.okta.com Open in urlscan Pro
54.197.192.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://amex.co/mym
Effective URL: https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Submission: On May 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 54.197.192.168, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is aexp.okta.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 4th 2016. Valid for: 3 years.
This is the only time aexp.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.13 395224 (BITLY-AS)
1 2 64.94.98.230 14807 (SHNAC1)
1 54.197.192.168 14618 (AMAZON-AES)
4 52.85.184.163 16509 (AMAZON-02)
2 52.85.184.86 16509 (AMAZON-02)
1 52.85.184.78 16509 (AMAZON-02)
9 5
1    67.199.248.13 (United States)

ASN395224 (BITLY-AS - Bitly Inc, US)
amex.co
2    64.94.98.230 (United States)

ASN14807 (SHNAC1 - Skyhigh Networks Inc, US)
square.americanexpress.com
1    54.197.192.168 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: aexp-crtrs.okta.com
aexp.okta.com
4    52.85.184.163 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-184-163.fra2.r.cloudfront.net
ok2static.oktacdn.com
2    52.85.184.86 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-184-86.fra2.r.cloudfront.net
login.okta.com
1    52.85.184.78 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-184-78.fra2.r.cloudfront.net
ok2static.oktacdn.com
Apex Domain
Subdomains		 Transfer
5 oktacdn.com
ok2static.oktacdn.com
623 KB
3 okta.com
aexp.okta.com
login.okta.com
99 KB
2 americanexpress.com
square.americanexpress.com
5 KB
1 amex.co
amex.co
433 B
9 4
Domain Requested by
5 ok2static.oktacdn.com aexp.okta.com
2 login.okta.com ok2static.oktacdn.com
login.okta.com
2 square.americanexpress.com 1 redirects
1 aexp.okta.com
1 amex.co 1 redirects
9 5

This site contains links to these domains. Also see Links.

Domain
www.okta.com
Subject Issuer Validity Valid
square.americanexpress.com
DigiCert SHA2 Extended Validation Server CA		 2017-09-01 -
2019-09-06		 2 years crt.sh
*.okta.com
DigiCert SHA2 High Assurance Server CA		 2016-06-04 -
2019-07-10		 3 years crt.sh
accounts.okta.com
DigiCert SHA2 High Assurance Server CA		 2016-08-04 -
2019-08-09		 3 years crt.sh

This page contains 2 frames:

Primary Page: https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Frame ID: E3FB54279BCE92DBF26D4E8F102E1A94
Requests: 7 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 42D173B8F3DE9990D8578EB09719BBB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://amex.co/mym HTTP 302
    https://square.americanexpress.com/community/our-company/2018-womens-conference HTTP 302
    https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference Page URL
  2. https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

9
Requests

44 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

726 kB
Transfer

2122 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amex.co/mym HTTP 302
    https://square.americanexpress.com/community/our-company/2018-womens-conference HTTP 302
    https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference Page URL
  2. https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://amex.co/mym HTTP 302
  • https://square.americanexpress.com/community/our-company/2018-womens-conference HTTP 302
  • https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set login.jspa
square.americanexpress.com/
Redirect Chain
  • http://amex.co/mym
  • https://square.americanexpress.com/community/our-company/2018-womens-conference
  • https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.94.98.230 , United States, ASN14807 (SHNAC1 - Skyhigh Networks Inc, US),
Reverse DNS
Software
nginx/1.9.3 /
Resource Hash
8b94e6b92ae49eb60fb9559694ac6e44c9c9a931e7d1002066cbfcdda2bdb7de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
square.americanexpress.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Cookie
jive.login.ts=1525325297655; JSESSIONID=6288C188B147296162CDA6B2631A928D; jive.security.context=fGJjAeacy8TiSzErtrvHnP//////////MHp/+1SQnal+1O+fz0tlcSidvOpRBgMAfNyk3LjDI2hZGxfjV+aHocN8wa8upGoFmzImc7fepgmc59BHFi+GZEJRwwAU7bhe; BIGipServerpool_americanexpress.hosted.jivesoftware.com=3004541962.20480.0000
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 03 May 2018 05:28:20 GMT
Content-Encoding
gzip
X-Jive-Request-Id
c8f56fc0-4e92-11e8-8329-0050568b31ec
P3P
CP="CAO PSA OUR"
Set-Cookie
jive.security.context=TEbzAfHBzNwVSYevqMScHP//////////QTTtfEuLOTVhRGCA457+hb2WRlk1MQ/Y+mIIUbPHgCWvlw8YwtbthfVGq7VCh5jWGzawBSktCvthByk6/mog10YUI0R7gmuC; Expires=Fri, 04-May-2018 05:28:18 GMT; Path=/; HttpOnly SHN-VH-session=b9f91f60-2214-496b-abf1-dcafed13a546|1525327100093; Path=/; Domain=.square.americanexpress.com
Connection
keep-alive
X-JSL
D=177143 t=1525325297851187
Content-Length
2576
Pragma
no-cache
Server
nginx/1.9.3
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html;charset=UTF-8
Cache-control
no-cache, no-store, no-store, no-cache, must-revalidate, private, max-age=0
X-SkyHigh-Version
BuildNumber=50, BuildDate=2018-04-16 18:14
X-Robots-Tag
none
X-Jive-Flow-Id
c8f56fc1-4e92-11e8-8329-0050568b31ec
Expires
Thu, 03 May 2018 05:28:17 GMT

Redirect headers

Date
Thu, 03 May 2018 05:28:19 GMT
Content-Encoding
gzip
X-Jive-Request-Id
c8d76070-4e92-11e8-8329-0050568b31ec
Content-Type
text/html;charset=UTF-8
P3P
CP="CAO PSA OUR"
Set-Cookie
jive.login.ts=1525325297655; Expires=Fri, 04-May-2018 05:28:17 GMT; Path=/; HttpOnly JSESSIONID=6288C188B147296162CDA6B2631A928D; Path=/; Secure; HttpOnly jive.security.context=fGJjAeacy8TiSzErtrvHnP//////////MHp/+1SQnal+1O+fz0tlcSidvOpRBgMAfNyk3LjDI2hZGxfjV+aHocN8wa8upGoFmzImc7fepgmc59BHFi+GZEJRwwAU7bhe; Expires=Fri, 04-May-2018 05:28:17 GMT; Path=/; HttpOnly BIGipServerpool_americanexpress.hosted.jivesoftware.com=3004541962.20480.0000; path=/
Connection
keep-alive
X-JSL
D=8689 t=1525325297654193
Content-Length
20
Server
nginx/1.9.3
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Location
/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference
X-JIVE-USER-ID
-1
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
X-SkyHigh-Version
BuildNumber=50, BuildDate=2018-04-16 18:14
X-Robots-Tag
none
X-Jive-Flow-Id
c8d76071-4e92-11e8-8329-0050568b31ec
Expires
Thu, 03 May 2018 05:28:17 GMT
Primary Request Cookie set saml
aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/ 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.192.168 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
aexp-crtrs.okta.com
Software
nginx /
Resource Hash
c16fc6f6e102f60318cf94b03c1571496b889192ed09083cb2c0dd5462cf0c8a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
https://square.americanexpress.com
Accept-Encoding
gzip, deflate
Host
aexp.okta.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Referer
https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference
Connection
keep-alive
Content-Length
882
Referer
https://square.americanexpress.com/login.jspa?referer=%2Fcommunity%2Four-company%2F2018-womens-conference
Origin
https://square.americanexpress.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

X-Okta-Request-Id
Wuqd8j1-sjTAoizx8PvfIwAABQw
Date
Thu, 03 May 2018 05:28:18 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
10000
Content-Type
text/html;charset=utf-8
X-Rate-Limit-Remaining
9783
Transfer-Encoding
chunked
P3P
CP="HONK"
Connection
Keep-Alive
Vary
Accept-Encoding
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=315360000
X-Okta-backend
ok2-majorapp02b.aue1p.saasure.com ok2-majorapp02b.aue1p.saasure.com
Content-Language
en
Cache-Control
no-cache, no-store
Public-Key-Pins-Report-Only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
Set-Cookie
ADRUM_BTa="R:105|g:981c1427-f8e9-4b3a-b174-5b0ff88d890f"; Version=1; Max-Age=30; Expires=Thu, 03-May-2018 05:28:48 GMT; Path=/ ADRUM_BTa="R:105|g:981c1427-f8e9-4b3a-b174-5b0ff88d890f|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"; Version=1; Max-Age=30; Expires=Thu, 03-May-2018 05:28:48 GMT; Path=/ ADRUM_BT1="R:105|i:1083"; Version=1; Max-Age=30; Expires=Thu, 03-May-2018 05:28:48 GMT; Path=/ ADRUM_BT1="R:105|i:1083|e:81"; Version=1; Max-Age=30; Expires=Thu, 03-May-2018 05:28:48 GMT; Path=/ sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=6ABB975EBF02C1993188905C136902C9; Path=/; HttpOnly t=default; Path=/
X-Rate-Limit-Reset
1525325338
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
0
okta-login-page.min.d029e518b9b3ca1cd273b982139726f2.css
ok2static.oktacdn.com/assets/loginpage/css/ 		219 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok2static.oktacdn.com/assets/loginpage/css/okta-login-page.min.d029e518b9b3ca1cd273b982139726f2.css
Requested by
Host: aexp.okta.com
URL: https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Protocol
SPDY
Server
52.85.184.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-163.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f0730cdeb7fd3555596fbc00081a0474a2a6490886ef5393f26952d0691cd298
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 00:05:15 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1142583
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 18 Apr 2018 01:44:20 GMT
server
nginx
etag
W/"5ad6a2f4-36ab4"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
via
1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
content-type
text/css
x-amz-cf-id
jYXBkdurFq6TpQiqGTWjcQ6P0ZEoDsRMYB5SCOdgXXeZi1do36mTNQ==
expires
Sat, 20 Apr 2019 00:05:15 GMT
jive60.856617bc7b81f9f167290c045b1e35b6.png
ok2static.oktacdn.com/assets/img/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok2static.oktacdn.com/assets/img/logos/jive60.856617bc7b81f9f167290c045b1e35b6.png
Requested by
Host: aexp.okta.com
URL: https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Protocol
SPDY
Server
52.85.184.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-163.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
57b73deab78891da805983872707ce3a8250512fe99a22629d1262b23c314f6e

Request headers

Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 18 Aug 2017 07:55:16 GMT
via
1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront)
age
22282381
x-cache
Hit from cloudfront
status
200
content-length
1537
last-modified
Sat, 12 Aug 2017 01:44:12 GMT
server
nginx
etag
"598e5d6c-601"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
P2j-cBv0hzBeMaRO4nEBn1YWJmya_b9LvG12rOtUl1kTSwxkgeL1mA==
expires
Sat, 18 Aug 2018 07:55:16 GMT
initLoginPage.pack.8eb5f472624f2ba2474eac9b8e8773ab.js
ok2static.oktacdn.com/assets/js/mvc/loginpage/ 		2 MB
556 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok2static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.8eb5f472624f2ba2474eac9b8e8773ab.js
Requested by
Host: aexp.okta.com
URL: https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Protocol
SPDY
Server
52.85.184.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-163.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a7fd049c86d696feb2421427256e1d1ddaf498820d14145a87cc46264f247720
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 03 May 2018 00:07:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
19223
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 27 Apr 2018 16:36:36 GMT
server
nginx
etag
W/"5ae35194-1b9287"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
via
1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
content-type
application/javascript
x-amz-cf-id
xh47itKzJFmj1oLvUnA7Zom4k2jd4KtND_MvZMbHPNznEJHTyhz16Q==
expires
Fri, 03 May 2019 00:07:55 GMT
fileStoreRecord
ok2static.oktacdn.com/bc/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok2static.oktacdn.com/bc/image/fileStoreRecord?id=fs04hmwxad5mjSgE40x7
Protocol
SPDY
Server
52.85.184.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-163.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
873c4a558518b4627a36a4b1b67d3d4dd2000893c3b1d60f1dc48e58570ee3dc
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

x-okta-request-id
Wipq-CDfzB4EMf9NDtuv9AAADok
date
Fri, 08 Dec 2017 10:35:40 GMT
via
1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront)
x-rate-limit-limit
10000
content-type
image/png
x-rate-limit-remaining
9995
age
1703477
x-cache
Hit from cloudfront
p3p
CP="HONK"
status
200
content-length
3403
last-modified
Thu, 10 Mar 2016 05:24:56 GMT
server
nginx
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-rate-limit-reset
1512729399
x-robots-tag
none
x-amz-cf-id
1zjhj6rvn6VKS7OxRbbOp6Ho9v-72nK1NUPEC-74BU7E5bX4lhvL8g==
expires
Sat, 08 Dec 2018 10:35:40 GMT
iframe.html
login.okta.com/discovery/ Frame 42D1 		531 B
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok2static.oktacdn.com
URL: https://ok2static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.8eb5f472624f2ba2474eac9b8e8773ab.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.184.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53049caf5bff4bc85495b9c230e5ce6f5c242f107e1946c2e5817f975d78a3c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.okta.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://aexp.okta.com/app/jive60/exkdpvnryoaVOv50y0x7/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 18:12:57 GMT
Via
1.1 f51b809c33f0bb5b1d5504f4df0c0a3f.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 Apr 2018 18:12:49 GMT
Server
AmazonS3
Age
40460
ETag
"132efefaaa286b4e274e17c34c8ff86b"
X-Cache
Hit from cloudfront
Content-Type
text/html
Connection
keep-alive
Content-Length
531
X-Amz-Cf-Id
Bj1QnufIc6S0pIqFTeFaGUNeC0Nrd2RHVMzOqd1LMNNkCoBblLnISQ==
okticon.db28723126138387cdf40680e6e0fa5d.woff
ok2static.oktacdn.com/assets/loginpage/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok2static.oktacdn.com/assets/loginpage/font/okticon.db28723126138387cdf40680e6e0fa5d.woff
Protocol
SPDY
Server
52.85.184.78 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-78.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://ok2static.oktacdn.com/assets/loginpage/css/okta-login-page.min.d029e518b9b3ca1cd273b982139726f2.css
Origin
https://aexp.okta.com

Response headers

date
Wed, 13 Dec 2017 03:47:57 GMT
via
1.1 1a483cde6df004748f3e5c80dc46df26.cloudfront.net (CloudFront)
age
12188422
x-cache
Hit from cloudfront
status
200
content-length
20600
last-modified
Thu, 30 Nov 2017 22:15:08 GMT
server
nginx
etag
"5a2082ec-5078"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
0ez5pF75W2-ptYKR5FgCh7FAjZA4O1OXRp3mwMcgldkAA6GRRFKrWA==
expires
Thu, 13 Dec 2018 03:47:57 GMT
discoveryIframe-a3766d114bdf498ab637.min.js
login.okta.com/lib/ Frame 42D1 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-a3766d114bdf498ab637.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.184.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20df1aa0e5f0da1d4005255d01257dfc8d34a6aec3e9c2dcdb875360af46ca47

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.okta.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://login.okta.com/discovery/iframe.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 05 Apr 2018 18:12:57 GMT
Via
1.1 f51b809c33f0bb5b1d5504f4df0c0a3f.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 Apr 2018 18:12:49 GMT
Server
AmazonS3
Age
40475
ETag
"55a8af21bd703a2d369c8c98370a23f8"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
92755
X-Amz-Cf-Id
SHEaudqZ5EvDiipXwyQhpeZ7hr0EfQcbtk1wuYcQZMDPbEHHfwp9Eg==

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| okta function| runLoginPage object| OktaLogin object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| jQBrowser function| jQueryCourage object| Backbone

4 Cookies

Domain/Path Name / Value
aexp.okta.com/ Name: t
Value: default
aexp.okta.com/ Name: JSESSIONID
Value: 6ABB975EBF02C1993188905C136902C9
aexp.okta.com/ Name: ADRUM_BT1
Value: "R:105|i:1083|e:81"
aexp.okta.com/ Name: ADRUM_BTa
Value: "R:105|g:981c1427-f8e9-4b3a-b174-5b0ff88d890f|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"

1 Console Messages

Source Level URL
Text
console-api log URL: https://ok2static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.8eb5f472624f2ba2474eac9b8e8773ab.js(Line 26695)
Message:
[okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN