urlscan.io logo urlscan.io
SecurityTrails logo

xero.okta.com Open in urlscan Pro
3.33.201.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://axiom.xero-support.com/
Effective URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJ...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On September 09 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 3.33.201.229, located in United States and belongs to AMAZON-02, US. The main domain is xero.okta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 22nd 2023. Valid for: a year.
This is the only time xero.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.101.111.130 20940 (AKAMAI-ASN1)
3 95.101.111.173 20940 (AKAMAI-ASN1)
1 23.206.209.78 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 3.33.201.229 16509 (AMAZON-02)
2 108.138.7.107 16509 (AMAZON-02)
29 9
1    95.101.111.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-130.deploy.static.akamaitechnologies.com
axiom.xero-support.com
3    95.101.111.173 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-173.deploy.static.akamaitechnologies.com
axiom.xero-support.com
1    23.206.209.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-78.deploy.static.akamaitechnologies.com
edge.xero.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    3.33.201.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: a89c2f8ab8ab01436.awsglobalaccelerator.com
xero.okta.com
2    108.138.7.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-107.fra56.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
18 okta.com
xero.okta.com
login.okta.com — Cisco Umbrella Rank: 5198
1 MB
4 xero-support.com
axiom.xero-support.com
503 KB
2 gstatic.com
fonts.gstatic.com
64 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
351 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
980 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
51 KB
1 xero.com
edge.xero.com — Cisco Umbrella Rank: 41154
24 KB
29 8
Domain Requested by
16 xero.okta.com axiom.xero-support.com
xero.okta.com
4 axiom.xero-support.com 1 redirects axiom.xero-support.com
2 login.okta.com xero.okta.com
login.okta.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com axiom.xero-support.com
1 stats.g.doubleclick.net axiom.xero-support.com
1 fonts.googleapis.com axiom.xero-support.com
1 www.googletagmanager.com axiom.xero-support.com
1 edge.xero.com axiom.xero-support.com
29 9

This site contains links to these domains. Also see Links.

Domain
www.okta.com
Subject Issuer Validity Valid
topology.xero-support.com
R3		 2023-09-08 -
2023-12-07		 3 months crt.sh
*.xero.com
GeoTrust RSA CA 2018		 2023-07-17 -
2024-07-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-04-12		 a year crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Frame ID: 7FE0B8E911DE42D79758E98098BFCFCC
Requests: 27 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: FAC9B3A9D14F56170F170273B24491E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xero - Se connecter

Page URL History Show full URLs

  1. http://axiom.xero-support.com/ HTTP 301
    https://axiom.xero-support.com/ Page URL
  2. https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KL... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1980 kB
Transfer

5305 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://axiom.xero-support.com/ HTTP 301
    https://axiom.xero-support.com/ Page URL
  2. https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://axiom.xero-support.com/ HTTP 301
  • https://axiom.xero-support.com/

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
axiom.xero-support.com/
Redirect Chain
  • http://axiom.xero-support.com/
  • https://axiom.xero-support.com/
28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
57e9cc94b325b2211125ef757100ff0ec5543a3dd4fadca8ffa4f25ebac6b87b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-encoding
gzip
content-length
10289
content-type
text/html
date
Sat, 09 Sep 2023 03:04:05 GMT
etag
"153b9fad0232a4b537c6aeb3819a1699"
expires
Sat, 09 Sep 2023 03:04:05 GMT
last-modified
Tue, 31 May 2022 03:52:51 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
QEgQLdtvaCT/EAWgVI4PsreJQWYjKh7B491BkVrKP+ivG5ULTH+AwqD4aPS2KonQWf00tY7Yvw0=
x-amz-request-id
S4S1YVA9Y07PN8TN

Redirect headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 09 Sep 2023 03:04:04 GMT
Expires
Sat, 09 Sep 2023 03:04:04 GMT
Location
https://axiom.xero-support.com/
Server
AkamaiGHost
xui.min.css
edge.xero.com/style/xui/19.5.1/ 		245 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/style/xui/19.5.1/xui.min.css
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-78.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
211769e41e3a976822b3ef6c2624f5fd766d455628bd2b0c63776cbc7ac677e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
bxw5EM2nxRr6sOlJdyDg3yAc91yJZP19
content-encoding
br
date
Sat, 09 Sep 2023 03:04:05 GMT
x-amz-request-id
294YCS5Y36AYC4VR
x-amz-replication-status
COMPLETED
content-length
24006
x-amz-id-2
ijJb26GEkXn+em2T7iLy85xuX0vX+mdpqPen/FpGFOjOQLL1+Catrg/501/NspGIB7Gvn9yX2RI=
last-modified
Wed, 06 Sep 2023 01:53:15 GMT
server
Akamai Resource Optimizer
etag
"f2fd3cdc882651b20e30c1885c4abd41"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7775926
accept-ranges
bytes
main.29fca65d.js
axiom.xero-support.com/static/js/ 		2 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://axiom.xero-support.com/static/js/main.29fca65d.js
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:05 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 03:52:51 GMT
server
AmazonS3
x-amz-request-id
203CXA1CWKAEH33A
etag
"47e80207e79e2bb53a550a7000203cea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
x-amz-id-2
XEecteOX5ZSEA0E7QmAjGWSc23b09RplSCHLsc3BiDBDQrAuchqvWr7CLKQxSYr4idHQz77CsjQ=
expires
Sat, 09 Sep 2023 03:04:05 GMT
main.e932312d.css
axiom.xero-support.com/static/css/ 		236 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://axiom.xero-support.com/static/css/main.e932312d.css
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
39ad150f2e64b3802321235c18a7aada3a7aa36b741eb8b0c57f682717959ba2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:05 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 03:52:51 GMT
server
AmazonS3
x-amz-request-id
0BR63JWYPJJJT8WP
etag
"1023ee6ed3c6d1f263e944f43acc1d8e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=82046
accept-ranges
bytes
content-length
30259
x-amz-id-2
OE44hKVPw3d29P1+FtsherZMOhjo2PNcWvRChh889Y/xYhKQqxedioH6Kn6H3rU4xEgIbBHwBKc=
expires
Sun, 10 Sep 2023 01:51:31 GMT
gtm.js
www.googletagmanager.com/ 		130 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBZLWK3
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcf5c427b3828050839f41c71edb4141f5da9ab0107c0d03d97d3f44dcce3453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51390
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 03:04:05 GMT
css
fonts.googleapis.com/ 		3 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,700
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/static/css/main.e932312d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22f9f53b2cbc7abcbb3ee7c7d4a96b5ea899deabaf7771e5856ec866f19b2fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 03:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 02:32:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 03:04:05 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://axiom.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 01:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4462
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Sep 2023 03:49:43 GMT
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=321557036&t=pageview&_s=1&dl=https%3A%2F%2Faxiom.xero-support.com%2F&ul=en-us&de=UTF-8&dt=Axiom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1880697425&gjid=462518769&cid=1131051733.1694228646&tid=UA-3776042-54&_gid=1167699659.1694228646&_r=1&_slc=1&gtm=45He3960n81NBZLWK3&z=1044993408
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://axiom.xero-support.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 03:04:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://axiom.xero-support.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3776042-54&cid=1131051733.1694228646&jid=1880697425&gjid=462518769&_gid=1167699659.1694228646&_u=YEBAAAAAAAAAAC~&z=1938157103
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://axiom.xero-support.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Sep 2023 03:04:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://axiom.xero-support.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://axiom.xero-support.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 04:09:19 GMT
x-content-type-options
nosniff
age
600887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 04:09:19 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://axiom.xero-support.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:14:59 GMT
x-content-type-options
nosniff
age
28147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:14:59 GMT
Primary Request authorize
xero.okta.com/oauth2/default/v1/ 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Requested by
Host: axiom.xero-support.com
URL: https://axiom.xero-support.com/static/js/main.29fca65d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e650e9d2b03a3ba0306224b99fe361f93e6217c55841768d40152e66ff7d402a
Security Headers
Name Value
Content-Security-Policy default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://axiom.xero-support.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-language
fr
content-security-policy
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
text/html;charset=utf-8
date
Sat, 09 Sep 2023 03:04:06 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-okta-request-id
ZPvgplRIfWdWQB6i7my3lgAAB3c
x-rate-limit-limit
2000
x-rate-limit-remaining
1954
x-rate-limit-reset
1694228674
x-robots-tag
noindex,nofollow
x-ua-compatible
IE=edge
x-xss-protection
0
okta-sign-in.min.js
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/js/ 		2 MB
477 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
b078b4439ac28390fa15c166a410d9d317a7cb528f4162491b2e2169122100ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:06 GMT
x-amz-meta-sha1sum
177593f1d7587ba81e38de5e73a79cb25ff653ee
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:19:32 GMT
server
nginx
etag
W/"2886ed018e3f5882013a05e53d0fcf63"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Sun, 08 Sep 2024 03:04:06 GMT
okta-sign-in.min.css
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/ 		216 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
b072d9b98bfc6d4992e142b940f4f4860156c4464227c9e1e5e5c37e53cf1457
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:06 GMT
x-amz-meta-sha1sum
3ae13bad2268aa3198c24b8ad9709ce5b25254f7
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:18:17 GMT
server
nginx
etag
W/"07655b3f2b8b24a071727f94f566a06e"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Sun, 08 Sep 2024 03:04:06 GMT
loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
xero.okta.com/assets/loginpage/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/loginpage/css/loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e1e44d4c36b5065da95f5c9fba78d36deb4a28e09751ae05aa1675121041af51
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:06 GMT
x-amz-meta-sha1sum
db76514c4942184db3baedf6ac119ff9538368fc
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 07 Feb 2023 00:39:41 GMT
server
nginx
etag
W/"c1227d73b70be13e51aae80fe238b0ae"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Sun, 08 Sep 2024 03:04:06 GMT
style-sheet
xero.okta.com/api/internal/brand/theme/ 		556 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
Security Headers
Name Value
Content-Security-Policy default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-okta-request-id
ZPvgpkVqmnQTbCv25cvD0wAAC4A
date
Sat, 09 Sep 2023 03:04:06 GMT
content-security-policy
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
x-rate-limit-limit
2400
x-content-type-options
nosniff
content-encoding
gzip
x-rate-limit-remaining
2396
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
server
nginx
vary
Accept-Encoding
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-rate-limit-reset
1694228689
cache-control
max-age=31536000, must-revalidate
expires
Sun, 08 Sep 2024 03:04:06 GMT
fs01h11mknbFcNz9l0h8
xero.okta.com/fs/bco/4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/fs/bco/4/fs01h11mknbFcNz9l0h8
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
047eb825ddf81aa61d5b13d1ae2794c5a142287a1f749a31616a7494b8e4a849
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Wed, 17 Jul 2019 21:19:40 GMT
server
nginx
etag
"c69a9ace4b9e8f2cce8ac609ff59d784"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
2759
expires
Sun, 08 Sep 2024 03:04:07 GMT
fs02vl8jezDJFANBZSJW
xero.okta.com/fs/bco/1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/fs/bco/1/fs02vl8jezDJFANBZSJW
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4aab00468ab032ab934c1e40174b176781b64df67d256203d1d44e1d9bc84bda
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 16 Jul 2019 19:33:37 GMT
server
nginx
etag
"0de2590a902e0af182998e4ffeca09d3"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
1635
expires
Sun, 08 Sep 2024 03:04:07 GMT
initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
xero.okta.com/assets/js/mvc/loginpage/ 		204 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
bb7b04fe7a146c5260e3f1a82db4c675c3d41f53f0fe4fb7517840cef54f2b0b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
Origin
https://xero.okta.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
34f075e4d0f6b20eb712a2053d423869bb60771b
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Mon, 10 Jul 2023 22:04:34 GMT
server
nginx
etag
W/"d05a8c2e6bdf6d212b92af4d6b9cfefe"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Sun, 08 Sep 2024 03:04:07 GMT
fs01t8m28ccI2DKPL0h8
xero.okta.com/fs/bco/7/ 		406 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/fs/bco/7/fs01t8m28ccI2DKPL0h8
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
8268220ac9eaf2ad57ea4d7be800aaa1505f982f9da03b892b4c4499e9d886d6
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1h0l3vh4mAl8nH0h8&nonce=iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D&redirect_uri=https%3A%2F%2Faxiom.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6&scope=openid%20email%20profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Fri, 01 Sep 2023 15:59:21 GMT
server
nginx
etag
"e5b45563da4fbe4c2e14a6012be6b06c"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
415675
expires
Sun, 08 Sep 2024 03:04:07 GMT
iframe.html
login.okta.com/discovery/ Frame FAC9 		451 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
312961c3e2abd191b80c96dc095382f8a09226a70ea00dbccc20ee26a67ced59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Age
65847
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Fri, 08 Sep 2023 08:46:41 GMT
ETag
"f8b177440411e7269b647ae1012388bb"
Last-Modified
Thu, 01 Jun 2023 17:31:02 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
2Qy4oCmsb1iPAHwa7ekTwBGRkhyC0ZChblzF1paCj3TIuvD9kOTaXQ==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
login_fr.json
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/labels/json/ 		108 KB
109 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/labels/json/login_fr.json
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
683c5770878e5a50d6e4710ec8d17f3931b73be179bb9700defee425ca64cd10
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
96a972e33dbb0c644415f1d6f30def01518aa22f
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:19:38 GMT
server
nginx
etag
"ba8ff2e5da542d2d46c5ce5083b05b45"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
110921
expires
Sun, 08 Sep 2024 03:04:07 GMT
country_fr.json
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/labels/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/labels/json/country_fr.json
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
5b06a9544547cc907a3377de7733c76417c125bf2198fb7228bc48c494c12182
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
cccbe2f62288f2de341c61b3b5c968c7f1d82e64
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:19:36 GMT
server
nginx
etag
"dc611481799e7fbcf1557a87b65ca51d"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
4836
expires
Sun, 08 Sep 2024 03:04:07 GMT
discoveryIframe-88dc7396afa19c320b05.min.js
login.okta.com/lib/ Frame FAC9 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-88dc7396afa19c320b05.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf6add544df0956a4db5ffeab1cd89d06f63c7f5ec8081b4584d948cdb6604c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Fri, 08 Sep 2023 05:31:55 GMT
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 01 Jun 2023 17:31:03 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
77533
ETag
"19953e3854535d02dccdbf809bacf44a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98194
X-Amz-Cf-Id
lvXz1XO6vmSQTEVi0E-rGHmREUQZ-nIDO1d6F_Z-fN00mLgW6I8uZw==
introspect
xero.okta.com/idp/idx/ 		13 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/idp/idx/introspect
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
258e44b01eafb1282a1d858b1196014d6d4f5eaa3ed2e9e2ddf6f67bc132a3e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.9.1
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
ZPvgp0VqmnQTbCv25cvD2gAAC4A
date
Sat, 09 Sep 2023 03:04:07 GMT
content-security-policy
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit
2000
x-content-type-options
nosniff
x-rate-limit-remaining
1999
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com xero.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
nginx
vary
Origin
content-type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://xero.okta.com
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-rate-limit-reset
1694228707
access-control-allow-credentials
true
cache-control
no-cache, no-store
x-robots-tag
noindex,nofollow
expires
0
checkbox-sign-in-widget.png
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:18:19 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
3141
expires
Sun, 08 Sep 2024 03:04:07 GMT
okticon.woff
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/okticon.woff
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Origin
https://xero.okta.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
4d706297987d613a4e3f4f23d08c62d16830845d
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:18:18 GMT
server
nginx
etag
"db28723126138387cdf40680e6e0fa5d"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
20600
expires
Sun, 08 Sep 2024 03:04:07 GMT
montserrat-okta-regular-webfont.woff
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-regular-webfont.woff
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Origin
https://xero.okta.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
b838e30072520735c49eda52cb2d3a0f4b30f0f2
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:18:18 GMT
server
nginx
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
21980
expires
Sun, 08 Sep 2024 03:04:07 GMT
montserrat-okta-light-webfont.woff
xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-light-webfont.woff
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://xero.okta.com/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css
Origin
https://xero.okta.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:04:07 GMT
x-amz-meta-sha1sum
3449db1ccdfe0aeaf89101cc28ecafaecae9fc89
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Tue, 29 Aug 2023 02:18:18 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
22112
expires
Sun, 08 Sep 2024 03:04:07 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| cspNonce object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn object| okta function| runLoginPage object| OktaLogin object| jQBrowser

11 Cookies

Domain/Path Name / Value
.xero-support.com/ Name: ak_bmsc
Value: 47CD17198E81A522AE4C8B21ACF76E7A~000000000000000000000000000000~YAAQrdAXAmwH9HWKAQAAXobldxWZqM2KObiG8MRIVc8Jg2cYTzE4+Ng8WLAY41+M77RLHpseUJY/3okMnaQo0tTkvvc0IeF8JVGdhJslqX6ki+RfbbIitwX6JTWRr9PMv7rpiRsgkdjyFIaIMSr7fiTwm46pbvLb4RUAp2bc77jq3Etas44wrXD/AMX4RTttydiiKn4/6zAbPmYqLQ/yegssA1VsC+EK8aP9V36aERpk3yFXV6KGvZj0JuHVERcCiStoAwwPsRtFbQIF5zkEzbnNRvvsR+uKfO8zEn3h32lKbYiDgiHPCB7/yls1/GVCKqY6s45reyHlEGvp1QtiJ+YhLJcFiduydqzgCfYxvZfxFt79jBzWoFA0HD13/xq7ZeTMCvvbZpdrdQHlvROHkQ==
.axiom.xero-support.com/ Name: _ga
Value: GA1.3.1131051733.1694228646
.axiom.xero-support.com/ Name: _gid
Value: GA1.3.1167699659.1694228646
.axiom.xero-support.com/ Name: _gat_UA-3776042-54
Value: 1
.xero-support.com/ Name: mp_9f8f39cd73b33da99e3778c26e0bdf74_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218a77e5890bb14-09374c3f6dc686-6332525b-1d4c00-18a77e5890c98d%22%2C%22%24device_id%22%3A%20%2218a77e5890bb14-09374c3f6dc686-6332525b-1d4c00-18a77e5890c98d%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
axiom.xero-support.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:[%22id_token%22%2C%22token%22]%2C%22state%22:%22QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6%22%2C%22nonce%22:%22iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D%22%2C%22scopes%22:[%22openid%22%2C%22email%22%2C%22profile%22]%2C%22clientId%22:%220oa1h0l3vh4mAl8nH0h8%22%2C%22urls%22:{%22issuer%22:%22https://xero.okta.com/oauth2/default%22%2C%22authorizeUrl%22:%22https://xero.okta.com/oauth2/default/v1/authorize%22%2C%22userinfoUrl%22:%22https://xero.okta.com/oauth2/default/v1/userinfo%22%2C%22tokenUrl%22:%22https://xero.okta.com/oauth2/default/v1/token%22%2C%22revokeUrl%22:%22https://xero.okta.com/oauth2/default/v1/revoke%22%2C%22logoutUrl%22:%22https://xero.okta.com/oauth2/default/v1/logout%22}%2C%22ignoreSignature%22:false}
axiom.xero-support.com/ Name: okta-oauth-nonce
Value: iNZgRQtI5KLwyJcHXHte7krX8Uc3ZvJQo6Dc34HLN8X3ZcOybpY3BoZcoqxhzk2D
axiom.xero-support.com/ Name: okta-oauth-state
Value: QeHJdfFulExEN317u9FGkxEEIwuTAgfppegIwBUNEN8HejNyjd9Kgr9a0hKoIXJ6
xero.okta.com/ Name: t
Value: default
xero.okta.com/ Name: DT
Value: DI17-t3Hv-sRK-oDGYomiFdag
xero.okta.com/ Name: JSESSIONID
Value: 0CA9535540E7604772AA42DC4A622CF5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axiom.xero-support.com
edge.xero.com
fonts.googleapis.com
fonts.gstatic.com
login.okta.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
xero.okta.com
108.138.7.107
23.206.209.78
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9c
3.33.201.229
95.101.111.130
95.101.111.173
047eb825ddf81aa61d5b13d1ae2794c5a142287a1f749a31616a7494b8e4a849
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
211769e41e3a976822b3ef6c2624f5fd766d455628bd2b0c63776cbc7ac677e9
22f9f53b2cbc7abcbb3ee7c7d4a96b5ea899deabaf7771e5856ec866f19b2fc4
258e44b01eafb1282a1d858b1196014d6d4f5eaa3ed2e9e2ddf6f67bc132a3e6
312961c3e2abd191b80c96dc095382f8a09226a70ea00dbccc20ee26a67ced59
39ad150f2e64b3802321235c18a7aada3a7aa36b741eb8b0c57f682717959ba2
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
4aab00468ab032ab934c1e40174b176781b64df67d256203d1d44e1d9bc84bda
57e9cc94b325b2211125ef757100ff0ec5543a3dd4fadca8ffa4f25ebac6b87b
5b06a9544547cc907a3377de7733c76417c125bf2198fb7228bc48c494c12182
683c5770878e5a50d6e4710ec8d17f3931b73be179bb9700defee425ca64cd10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
8268220ac9eaf2ad57ea4d7be800aaa1505f982f9da03b892b4c4499e9d886d6
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b072d9b98bfc6d4992e142b940f4f4860156c4464227c9e1e5e5c37e53cf1457
b078b4439ac28390fa15c166a410d9d317a7cb528f4162491b2e2169122100ed
bb7b04fe7a146c5260e3f1a82db4c675c3d41f53f0fe4fb7517840cef54f2b0b
bcf5c427b3828050839f41c71edb4141f5da9ab0107c0d03d97d3f44dcce3453
ccf6add544df0956a4db5ffeab1cd89d06f63c7f5ec8081b4584d948cdb6604c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e44d4c36b5065da95f5c9fba78d36deb4a28e09751ae05aa1675121041af51
e650e9d2b03a3ba0306224b99fe361f93e6217c55841768d40152e66ff7d402a
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace