dev-82148223.okta.com Open in urlscan Pro
44.234.52.10  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://staging.authz.thoughtworks.net/ Page URL
2. https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response staging.authz.thoughtworks.net/	2 KB 2 KB	1842ms 1809ms	Document text/html	34.117.227.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.227.193 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 193.227.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 58f2f4015c2c98ceb09180a902c74fa8ff3380877f22c3a8160d86c7a3bfbe6b Security Headers Name Value Content-Security-Policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :method GET :authority staging.authz.thoughtworks.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() referrer-policy no-referrer strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-frame-options SAMEORIGIN date Thu, 03 Jun 2021 03:23:16 GMT expires Thu, 03 Jun 2021 03:33:16 GMT cache-control public, max-age=600 etag "DA4q9g" x-cloud-trace-context 987de749ffc7fbae6ed967d269a4c649 content-type text/html content-encoding gzip server Google Frontend via 1.1 google alt-svc clear
GET H2	200	css2 fonts.googleapis.com/	3 KB 634 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bitter:wght@400;500 Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b47a2ad4a4df16b0b44c78e9c92dff29f4b6b6e3419f7d22347b79acc6fb3c21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 03 Jun 2021 03:23:16 GMT server ESF date Thu, 03 Jun 2021 03:23:16 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 03 Jun 2021 03:23:16 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 616 B	17ms 15ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26402835141f3e40df8d23d8440ea800d82abbbecfdeebc7abf90f30a266451c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 03 Jun 2021 03:23:16 GMT server ESF date Thu, 03 Jun 2021 03:23:16 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 03 Jun 2021 03:23:16 GMT
GET H2	200	2.c5b6f512.chunk.css staging.authz.thoughtworks.net/static/css/	512 KB 89 KB	1945ms 1944ms	Stylesheet text/css	34.117.227.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://staging.authz.thoughtworks.net/static/css/2.c5b6f512.chunk.css Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.227.193 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 193.227.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash eb217346388bedfadec150d025b4c1fc85551d7e602ea42419d06d58c8611228 Security Headers Name Value Content-Security-Policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :path /static/css/2.c5b6f512.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority staging.authz.thoughtworks.net :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 03 Jun 2021 03:23:17 GMT alt-svc clear referrer-policy no-referrer server Google Frontend etag "DA4q9g" x-frame-options SAMEORIGIN content-type text/css via 1.1 google x-cloud-trace-context ba7d9d29b875d82e883f9de177a1fc40 cache-control public, max-age=600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() content-security-policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com expires Thu, 03 Jun 2021 03:33:17 GMT
GET H2	200	main.7151f34a.chunk.css staging.authz.thoughtworks.net/static/css/	8 KB 3 KB	1799ms 1798ms	Stylesheet text/css	34.117.227.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://staging.authz.thoughtworks.net/static/css/main.7151f34a.chunk.css Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.227.193 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 193.227.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 94fdb458c8b577a5c4acc238025b2ee09d4f85ffffd8320b0ba42bf2f054a483 Security Headers Name Value Content-Security-Policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :path /static/css/main.7151f34a.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority staging.authz.thoughtworks.net :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 03 Jun 2021 03:23:18 GMT alt-svc clear referrer-policy no-referrer server Google Frontend etag "DA4q9g" x-frame-options SAMEORIGIN content-type text/css via 1.1 google x-cloud-trace-context ba7d9d29b875d82e883f9de177a1fc40 cache-control public, max-age=600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() content-security-policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com expires Thu, 03 Jun 2021 03:33:18 GMT
GET H2	200	2.ec39810f.chunk.js Show response staging.authz.thoughtworks.net/static/js/	866 KB 309 KB	876ms 875ms	Script application/javascript	34.117.227.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://staging.authz.thoughtworks.net/static/js/2.ec39810f.chunk.js Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.227.193 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 193.227.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 457070ef5f4f4db0fdddfd1b2e560f1d488073e1ec875101b626d6b6363d49d1 Security Headers Name Value Content-Security-Policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :path /static/js/2.ec39810f.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority staging.authz.thoughtworks.net :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 03 Jun 2021 03:23:16 GMT alt-svc clear referrer-policy no-referrer server Google Frontend etag "DA4q9g" x-frame-options SAMEORIGIN content-type application/javascript via 1.1 google x-cloud-trace-context 1ff800c233e2c47ce6cf44cd9438e904 cache-control public, max-age=600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() content-security-policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com expires Thu, 03 Jun 2021 03:33:16 GMT
GET H2	200	main.9b7c0097.chunk.js Show response staging.authz.thoughtworks.net/static/js/	52 KB 16 KB	1822ms 1821ms	Script application/javascript	34.117.227.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://staging.authz.thoughtworks.net/static/js/main.9b7c0097.chunk.js Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.227.193 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 193.227.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 8f9d89ae8110b4c5b381a04988256e00d91c96592cf7d55d7d498143f9c1369b Security Headers Name Value Content-Security-Policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :path /static/js/main.9b7c0097.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority staging.authz.thoughtworks.net :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 03 Jun 2021 03:23:17 GMT alt-svc clear referrer-policy no-referrer server Google Frontend etag "DA4q9g" x-frame-options SAMEORIGIN content-type application/javascript via 1.1 google x-cloud-trace-context ba7d9d29b875d82e883f9de177a1fc40 cache-control public, max-age=600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() content-security-policy font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com expires Thu, 03 Jun 2021 03:33:17 GMT
GET H2	200	openid-configuration Show response dev-82148223.okta.com/oauth2/default/.well-known/	2 KB 3 KB	564ms 208ms	Fetch application/json	44.234.52.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dev-82148223.okta.com/oauth2/default/.well-known/openid-configuration Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/static/js/2.ec39810f.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.234.52.10 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-234-52-10.us-west-2.compute.amazonaws.com Software nginx / Resource Hash c7eb66e4b9c8e86b7036f2896ba36a762d025111d7e6e2be0544f838f76e5846 Security Headers Name Value Content-Security-Policy default-src 'self' dev-82148223.okta.com *.oktacdn.com; connect-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-82148223.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-82148223.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com login.okta.com; img-src 'self' dev-82148223.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' dev-82148223.okta.com data: *.oktacdn.com fonts.gstatic.com Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer X-Okta-User-Agent-Extended @okta/okta-react/4.1.0 okta-auth-js/4.9.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers x-okta-request-id YLhLKEPlZN6ohOKwTAyqOQAADp8 date Thu, 03 Jun 2021 03:23:20 GMT x-content-type-options nosniff p3p CP="HONK" vary Origin x-xss-protection 0 server nginx expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin https://staging.authz.thoughtworks.net cache-control max-age=86400, must-revalidate access-control-allow-credentials true content-security-policy default-src 'self' dev-82148223.okta.com *.oktacdn.com; connect-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-82148223.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-82148223.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com login.okta.com; img-src 'self' dev-82148223.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' dev-82148223.okta.com data: *.oktacdn.com fonts.gstatic.com content-type application/json expires Fri, 04 Jun 2021 03:23:20 GMT
OPTIONS H2	200	openid-configuration dev-82148223.okta.com/oauth2/default/.well-known/	0 0	570ms 184ms	Preflight application/octet-stream	44.234.52.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dev-82148223.okta.com/oauth2/default/.well-known/openid-configuration Protocol H2 Server 44.234.52.10 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-234-52-10.us-west-2.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type,x-okta-user-agent-extended Origin https://staging.authz.thoughtworks.net User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 03 Jun 2021 03:23:19 GMT content-type application/octet-stream content-length 0 server nginx public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin https://staging.authz.thoughtworks.net access-control-allow-credentials true access-control-allow-methods GET, OPTIONS access-control-allow-headers content-type,x-okta-user-agent-extended vary Origin access-control-max-age 3600 x-okta-request-id YLhLJ8zKbEbIyUpioHtV9gAABfE strict-transport-security max-age=315360000; includeSubDomains
GET H2	400	Primary Request authorize Show response dev-82148223.okta.com/oauth2/default/v1/	7 KB 9 KB	212ms 211ms	Document text/html	44.234.52.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Requested by Host: staging.authz.thoughtworks.net URL: https://staging.authz.thoughtworks.net/static/js/2.ec39810f.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.234.52.10 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-234-52-10.us-west-2.compute.amazonaws.com Software nginx / Resource Hash f3a28191c1079701516c96b0b668619b7f004136228d374d803c19e0544325fe Security Headers Name Value Content-Security-Policy default-src 'self' dev-82148223.okta.com *.oktacdn.com; connect-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-82148223.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-82148223.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com login.okta.com; img-src 'self' dev-82148223.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' dev-82148223.okta.com data: *.oktacdn.com fonts.gstatic.com; report-uri https://okta.report-uri.com/r/d/csp/enforce; report-to csp-enforce Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority dev-82148223.okta.com :scheme https :path /oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 03:23:20 GMT content-type text/html;charset=utf-8 content-length 7414 server nginx public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-okta-request-id YLhLKM8qNDUSeuF-190NwAAADPQ x-xss-protection 0 p3p CP="HONK" x-rate-limit-limit 60 x-rate-limit-remaining 59 x-rate-limit-reset 1622690660 content-security-policy default-src 'self' dev-82148223.okta.com *.oktacdn.com; connect-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-82148223.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-82148223.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' dev-82148223.okta.com dev-82148223-admin.okta.com login.okta.com; img-src 'self' dev-82148223.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' dev-82148223.okta.com data: *.oktacdn.com fonts.gstatic.com; report-uri https://okta.report-uri.com/r/d/csp/enforce; report-to csp-enforce report-to {"group":"csp-enforce","max_age":31536000,"endpoints":[{"url":"https://okta.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true} expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 referrer-policy no-referrer cache-control no-cache, no-store pragma no-cache expires 0 x-content-type-options nosniff content-language en strict-transport-security max-age=315360000; includeSubDomains set-cookie sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=BAB557803E1462BD8CA55E98C9309477; Path=/; Secure; HttpOnly t=default; Path=/ DT=DI0H80LF_0MTdOaa2iLK9yHeQ;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 03 Jun 2023 03:23:20 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
GET H2	200	saasure-min.d2c8ca64d2eaf7275e3019e8fbbbedf0.css ok12static.oktacdn.com/assets/css/	72 KB 18 KB	134ms 57ms	Stylesheet text/css	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/css/saasure-min.d2c8ca64d2eaf7275e3019e8fbbbedf0.css Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 92dfbedd3e053b64eaea6aab8279e87a810c589a69b8f83fb1152092dbccbe5f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 20:12:01 GMT content-encoding gzip vary Accept-Encoding age 285079 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 06 Oct 2020 20:30:27 GMT server nginx etag W/"d2c8ca64d2eaf7275e3019e8fbbbedf0" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id NmT5PDzXfKtTMre_MVENPAECXnQvAy_K2dVO_nVe0vHN7so4ypfJaQ== expires Mon, 30 May 2022 20:12:01 GMT
GET H2	200	courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css ok12static.oktacdn.com/assets/css/courage/	235 KB 41 KB	115ms 39ms	Stylesheet text/css	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/css/courage/courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash dfd7f36c5c3c3523e5edb71ee4571f4eea2d7762e173a24773ebb56c5d7cfd0f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 06:47:26 GMT content-encoding gzip vary Accept-Encoding age 678954 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 26 May 2021 05:24:16 GMT server nginx etag W/"1a9de3abd62ba4fb791eb0dea0fd81ec" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id dCo4iOXWvXOZ2z5GSlHWGObOsWkhzNRgnCC-zZa5i4n8BVrp-vLtYQ== expires Thu, 26 May 2022 06:47:26 GMT
GET H2	200	admin-overrides.120cd3ea90d03fb5cabc2e04cb8d9ff3.css ok12static.oktacdn.com/assets/css/	131 KB 33 KB	137ms 61ms	Stylesheet text/css	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/css/admin-overrides.120cd3ea90d03fb5cabc2e04cb8d9ff3.css Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 8bc549c4577d4621d66486c8250561184f0400ab0136555801d3b6b922266738 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 22:49:23 GMT content-encoding gzip vary Accept-Encoding age 1312437 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 18 May 2021 22:06:38 GMT server nginx etag W/"120cd3ea90d03fb5cabc2e04cb8d9ff3" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id 261Nc83f7FNrk9NEBRMF3YoHr2NqvAt6uhTWHVH5JE7u44QSAgWCDg== expires Wed, 18 May 2022 22:49:23 GMT
GET H2	200	errors.b2abd427f382d7a7c6648d7d71a06a7f.css ok12static.oktacdn.com/assets/css/sections/	1 KB 1 KB	141ms 65ms	Stylesheet text/css	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/css/sections/errors.b2abd427f382d7a7c6648d7d71a06a7f.css Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash c187860889eeacf19e543dd3258614159accf09256e1cf4646cad7d5d6ec3f8f Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 02:33:52 GMT content-encoding gzip vary Accept-Encoding age 694167 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 17 Aug 2020 19:13:29 GMT server nginx etag W/"b2abd427f382d7a7c6648d7d71a06a7f" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id Dj9tZl77qvPhdspdE522b3d4hkYTFzqNmSNY61v-olRTm7DzhT-INQ== expires Thu, 26 May 2022 02:33:52 GMT
GET H2	200	saasure.jqueryui.min.3ccb655e12d2e4ba072d7b5a8fbf66fc.js Show response ok12static.oktacdn.com/assets/js/	626 KB 218 KB	103ms 27ms	Script application/javascript	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/js/saasure.jqueryui.min.3ccb655e12d2e4ba072d7b5a8fbf66fc.js Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 4396d15e1e85dc844bc50eaf916b5276b1a6de8f2856412c40efa612106e357a Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://dev-82148223.okta.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 29 May 2021 03:37:22 GMT content-encoding gzip vary Accept-Encoding age 431158 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 06 May 2021 01:35:19 GMT server nginx etag W/"3ccb655e12d2e4ba072d7b5a8fbf66fc" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id aLlNgIeHAOR3TchDQaoh8qpJbDUiR20NCb_xYpCzl25wuLrJAjJQUg== expires Sun, 29 May 2022 03:37:22 GMT
GET H2	200	okta-logo.00b28e552573899e15fa6e77278759d5.png ok12static.oktacdn.com/assets/img/logos/	2 KB 3 KB	26ms 26ms	Image image/png	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok12static.oktacdn.com/assets/img/logos/okta-logo.00b28e552573899e15fa6e77278759d5.png Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 07561b0527818d05bb073cae9d055895924a96bcea0721ac7a0dcb3c3f708af0 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 09:34:29 GMT via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) age 323331 x-cache Hit from cloudfront content-length 2207 last-modified Mon, 17 Aug 2020 19:10:08 GMT server nginx etag "00b28e552573899e15fa6e77278759d5" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/png x-amz-cf-id R1jKaeFvMcUjhr0QmkuvUhrfmFqgIENmM3wQGE7sQTMWXxz76TMrpQ== expires Mon, 30 May 2022 09:34:29 GMT
GET H2	200	http-error-400.eb5f0061069e5c149eddccc91c97eafc.png ok12static.oktacdn.com/assets/img/ui/	4 KB 5 KB	31ms 31ms	Image image/png	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok12static.oktacdn.com/assets/img/ui/http-error-400.eb5f0061069e5c149eddccc91c97eafc.png Requested by Host: dev-82148223.okta.com URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 28a14867c0b4ee79dff5c37e1e6645ba9cf5ccc359f571ccb22f4edcf679bccf Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 00:09:12 GMT via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) age 1048448 x-cache Hit from cloudfront content-length 4446 last-modified Mon, 17 Aug 2020 19:17:30 GMT server nginx etag "eb5f0061069e5c149eddccc91c97eafc" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/png x-amz-cf-id 0WbyQnz1OvQG6FDVC1JhEG1MTCtJ7PQ8lJ66fzBINy_kT7GCHuAyqA== expires Sun, 22 May 2022 00:09:12 GMT
GET H2	200	proximanova-reg-webfont.d99a7377dabb55772ca9f986b0a04b57.woff2 ok12static.oktacdn.com/assets/font/	20 KB 21 KB	26ms 25ms	Font application/font-woff2	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/font/proximanova-reg-webfont.d99a7377dabb55772ca9f986b0a04b57.woff2 Requested by Host: ok12static.oktacdn.com URL: https://ok12static.oktacdn.com/assets/css/courage/courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://dev-82148223.okta.com Referer https://ok12static.oktacdn.com/assets/css/courage/courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) etag "d99a7377dabb55772ca9f986b0a04b57" age 296884 x-cache Hit from cloudfront content-length 20416 last-modified Mon, 17 Aug 2020 19:12:21 GMT server nginx date Sun, 30 May 2021 16:55:16 GMT content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id DCxfJGhW2StrXjMz5CPcb8cvQahCvBKOUgxvBumCYG2vfiy8sZMI1w== expires Mon, 30 May 2022 16:55:16 GMT
GET H2	200	proximanova-light-webfont.3bf194f33d52c87ea38f13e04fd41950.woff2 ok12static.oktacdn.com/assets/font/	20 KB 20 KB	32ms 31ms	Font application/font-woff2	13.225.87.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok12static.oktacdn.com/assets/font/proximanova-light-webfont.3bf194f33d52c87ea38f13e04fd41950.woff2 Requested by Host: ok12static.oktacdn.com URL: https://ok12static.oktacdn.com/assets/css/courage/courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-124.fra2.r.cloudfront.net Software nginx / Resource Hash 018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin https://dev-82148223.okta.com Referer https://ok12static.oktacdn.com/assets/css/courage/courage.1a9de3abd62ba4fb791eb0dea0fd81ec.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:35:32 GMT via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) age 1576068 x-cache Hit from cloudfront content-length 20052 last-modified Mon, 17 Aug 2020 19:12:21 GMT server nginx etag "3bf194f33d52c87ea38f13e04fd41950" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/font-woff2 x-amz-cf-id EcTML2Ch7u2SEDOiJMRQKN5qY9y4zIhDFn4JtoAAUNnXJwnDlch7-w== expires Sun, 15 May 2022 21:35:32 GMT

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| okta function| oldval function| OktaWayPoint object| webFontConfig object| AjaxForm object| JobManager object| ModalDialog object| Utils object| Preferences object| OktaMetrics function| $ function| jQuery object| BROWSER object| jQuery1124043060865716351104 function| _ object| webfont object| WebFont object| saasure object| hashChangeHandler object| mixpanel function| trackAdminHelpEvent function| showBadBrowserIfNotSeen

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dev-82148223.okta.com/	1970-01-20 12:16:02	Name: DT Value: DI0H80LF_0MTdOaa2iLK9yHeQ
			dev-82148223.okta.com/	1969-12-31 23:59:59	Name: t Value: default
			dev-82148223.okta.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: BAB557803E1462BD8CA55E98C9309477

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://staging.authz.thoughtworks.net/static/js/2.ec39810f.chunk.js(Line 2) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api	warning	URL: https://staging.authz.thoughtworks.net/static/js/2.ec39810f.chunk.js(Line 2) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api	error	URL: https://dev-82148223.okta.com/oauth2/default/v1/authorize?client_id=0oa6uecxcQRYXhTY35d6&code_challenge=BGOK-6Uh6xPf8CXcjO9Lu-Aa_5n1k-CaBNO_7oXzy_U&code_challenge_method=S256&nonce=AJwIwDKECSsbZNliTl5I3WuDky4jlvn9oghxiDWkjDjXdL3K7F4S1gJSsP2B59EP&redirect_uri=https%3A%2F%2Fstaging.authz.thoughtworks.net%2Flogin%2Fcallback&response_type=code&state=vMHMeH1b8VkZc5HobKtvi1AGu91RyFYWZIsEG6FBAMI0hJi4DUblbViKdu9FyIer&scope=openid%20profile%20email(Line 108) Message: error.errorCode: invalid_request, error.description: The 'redirect_uri' parameter must be a Login redirect URI in the client app settings: https://dev-82148223-admin.okta.com/admin/app/oidc_client/instance/0oa6uecxcQRYXhTY35d6#tab-general

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src 'self' fonts.googleapis.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.okta.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev-82148223.okta.com
fonts.googleapis.com
ok12static.oktacdn.com
staging.authz.thoughtworks.net
13.225.87.124
2a00:1450:4001:830::200a
34.117.227.193
44.234.52.10
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
07561b0527818d05bb073cae9d055895924a96bcea0721ac7a0dcb3c3f708af0
26402835141f3e40df8d23d8440ea800d82abbbecfdeebc7abf90f30a266451c
28a14867c0b4ee79dff5c37e1e6645ba9cf5ccc359f571ccb22f4edcf679bccf
4396d15e1e85dc844bc50eaf916b5276b1a6de8f2856412c40efa612106e357a
457070ef5f4f4db0fdddfd1b2e560f1d488073e1ec875101b626d6b6363d49d1
58f2f4015c2c98ceb09180a902c74fa8ff3380877f22c3a8160d86c7a3bfbe6b
8bc549c4577d4621d66486c8250561184f0400ab0136555801d3b6b922266738
8f9d89ae8110b4c5b381a04988256e00d91c96592cf7d55d7d498143f9c1369b
92dfbedd3e053b64eaea6aab8279e87a810c589a69b8f83fb1152092dbccbe5f
94fdb458c8b577a5c4acc238025b2ee09d4f85ffffd8320b0ba42bf2f054a483
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
b47a2ad4a4df16b0b44c78e9c92dff29f4b6b6e3419f7d22347b79acc6fb3c21
c187860889eeacf19e543dd3258614159accf09256e1cf4646cad7d5d6ec3f8f
c7eb66e4b9c8e86b7036f2896ba36a762d025111d7e6e2be0544f838f76e5846
dfd7f36c5c3c3523e5edb71ee4571f4eea2d7762e173a24773ebb56c5d7cfd0f
eb217346388bedfadec150d025b4c1fc85551d7e602ea42419d06d58c8611228
f3a28191c1079701516c96b0b668619b7f004136228d374d803c19e0544325fe