login.tx.group Open in urlscan Pro
35.71.153.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://alertmanager.aws-prod.unitycms.io/
Effective URL:
https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-p...
Submission: On September 22 via automatic, source certstream-suspicious (September 22nd 2024, 12:36:22 am UTC) — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 35.71.153.225, located in United States and belongs to AMAZON-02, US. The main domain is login.tx.group.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on December 18th 2023. Valid for: a year.

This is the only time login.tx.group was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.29.39.251 52.29.39.251	16509 (AMAZON-02) (AMAZON-02)
3	35.71.153.225 35.71.153.225	16509 (AMAZON-02) (AMAZON-02)
9	52.85.61.54 52.85.61.54	16509 (AMAZON-02) (AMAZON-02)
1	108.139.29.91 108.139.29.91	16509 (AMAZON-02) (AMAZON-02)
13	3

1 52.29.39.251 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-39-251.eu-central-1.compute.amazonaws.com

alertmanager.aws-prod.unitycms.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.153.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: a977293749abcbf39.awsglobalaccelerator.com

login.tx.group	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.85.61.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-54.ewr53.r.cloudfront.net

eu1static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-91.jfk50.r.cloudfront.net

login.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	oktacdn.com eu1static.oktacdn.com — Cisco Umbrella Rank: 63675	715 KB
3	tx.group login.tx.group	38 KB
1	okta.com login.okta.com — Cisco Umbrella Rank: 3655
1	unitycms.io 1 redirects alertmanager.aws-prod.unitycms.io	624 B
13	4

	Domain	Requested by
9	eu1static.oktacdn.com	login.tx.group eu1static.oktacdn.com
3	login.tx.group	eu1static.oktacdn.com
1	login.okta.com	eu1static.oktacdn.com
1	alertmanager.aws-prod.unitycms.io	1 redirects
13	4

This site contains no links.

Subject Issuer	Validity	Valid
login.tx.group GeoTrust TLS RSA CA G1	`2023-12-18` - `2024-12-17`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh
accounts.okta.com Amazon RSA 2048 M02	`2024-07-17` - `2025-08-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=Av8i59dGHtmZeHvaJkBhMXtynkiud8G87sLtcx4kF%2B2O423pdoI%2BvTdI1GZ6QVjdyufHIPw5f2M4BewFBqc5RBwPxA6yOdOQAAEo20Dak53Go3DRw4AewkYORVqpfbDzahOlh8nWvEwYI1SBstnRhiVKamWmhPC4USeW%2FRNLqXtOotLZFXVgZkwvng5KteY9kdHYbPmxfLRmsRKiX2Gk9YT%2F9lfYBIOKxumrXbx7akCaMsfS8g%3D%3D
Frame ID: 61D1AE2172C5DECBE3662D868612BDC5
Requests: 12 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: A1BA06D002E5C7EA8E6977E486EFE61A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TX Group AG - Sign In

Page URL History Show full URLs

https://alertmanager.aws-prod.unitycms.io/ HTTP 302
https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

753 kB
Transfer

2265 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://alertmanager.aws-prod.unitycms.io/ HTTP 302
https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=Av8i59dGHtmZeHvaJkBhMXtynkiud8G87sLtcx4kF%2B2O423pdoI%2BvTdI1GZ6QVjdyufHIPw5f2M4BewFBqc5RBwPxA6yOdOQAAEo20Dak53Go3DRw4AewkYORVqpfbDzahOlh8nWvEwYI1SBstnRhiVKamWmhPC4USeW%2FRNLqXtOotLZFXVgZkwvng5KteY9kdHYbPmxfLRmsRKiX2Gk9YT%2F9lfYBIOKxumrXbx7akCaMsfS8g%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request authorize Show response
login.tx.group/oauth2/v1/
Redirect Chain

https://alertmanager.aws-prod.unitycms.io/
https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=A...

23 KB
11 KB

738ms
194ms

Document
text/html

35.71.153.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=Av8i59dGHtmZeHvaJkBhMXtynkiud8G87sLtcx4kF%2B2O423pdoI%2BvTdI1GZ6QVjdyufHIPw5f2M4BewFBqc5RBwPxA6yOdOQAAEo20Dak53Go3DRw4AewkYORVqpfbDzahOlh8nWvEwYI1SBstnRhiVKamWmhPC4USeW%2FRNLqXtOotLZFXVgZkwvng5KteY9kdHYbPmxfLRmsRKiX2Gk9YT%2F9lfYBIOKxumrXbx7akCaMsfS8g%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.153.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a977293749abcbf39.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bde36aa79f56ea57f98bd874e7d6d63bfcef9d4f9e1682ba482a399cc8795d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 22 Sep 2024 00:36:17 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: en
content-security-policy-report-only: default-src 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; connect-src 'self' tamedia.okta-emea.com tamedia-admin.okta-emea.com login.tx.group *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta-emea.com tamedia.kerberos.okta-emea.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; style-src 'unsafe-inline' 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; frame-src 'self' tamedia.okta-emea.com tamedia-admin.okta-emea.com login.tx.group login.okta.com com-okta-authenticator:; img-src 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com https://eu1static.oktacdn.com/fs/bcg/4/gfs6k33p5yPaZlBSG0i7 *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tamedia.okta-emea.com login.tx.group data: *.oktacdn.com fonts.gstatic.com
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: Zu9mgaisRdXUIc3miDSAAwAADnI
x-rate-limit-limit: 2000
x-rate-limit-remaining: 1996
x-rate-limit-reset: 1726965428
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

content-length: 110
content-type: text/html
date: Sun, 22 Sep 2024 00:36:16 GMT
location: https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=Av8i59dGHtmZeHvaJkBhMXtynkiud8G87sLtcx4kF%2B2O423pdoI%2BvTdI1GZ6QVjdyufHIPw5f2M4BewFBqc5RBwPxA6yOdOQAAEo20Dak53Go3DRw4AewkYORVqpfbDzahOlh8nWvEwYI1SBstnRhiVKamWmhPC4USeW%2FRNLqXtOotLZFXVgZkwvng5KteY9kdHYbPmxfLRmsRKiX2Gk9YT%2F9lfYBIOKxumrXbx7akCaMsfS8g%3D%3D
server: awselb/2.0

GET
H2 200 okta-sign-in.min.js Show response
eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/ 2 MB
505 KB 208ms
71ms Script
application/javascript 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js

Requested by

Host: login.tx.group
URL: https://login.tx.group/oauth2/v1/authorize?client_id=0oa6k312pdPnpQHdp0i7&redirect_uri=https%3A%2F%2Falertmanager.aws-prod.unitycms.io%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=Av8i59dGHtmZeHvaJkBhMXtynkiud8G87sLtcx4kF%2B2O423pdoI%2BvTdI1GZ6QVjdyufHIPw5f2M4BewFBqc5RBwPxA6yOdOQAAEo20Dak53Go3DRw4AewkYORVqpfbDzahOlh8nWvEwYI1SBstnRhiVKamWmhPC4USeW%2FRNLqXtOotLZFXVgZkwvng5KteY9kdHYbPmxfLRmsRKiX2Gk9YT%2F9lfYBIOKxumrXbx7akCaMsfS8g%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer

Response headers

content-encoding: gzip
etag: W/"3201febd49d61359da808444b6a8dd0e"
age: 1793182
expires: Mon, 01 Sep 2025 06:29:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: cWMokKYukY0UyYoZm4meSzaFBFNjR9WL6kJhe1fIvI_g_-i2dA_S7Q==
date: Sun, 01 Sep 2024 06:29:55 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 18:36:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 okta-sign-in.min.css
eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/ 211 KB
37 KB 169ms
32ms Stylesheet
text/css 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer

Response headers

content-encoding: gzip
etag: W/"32082203138e95c3496af212b9076cd4"
age: 930584
expires: Thu, 11 Sep 2025 06:06:33 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: vaz2kBc4o3-2H0hQj4qiKCWVCp2OyLBZHMDjSJP6G9imC3DveuAaHg==
date: Wed, 11 Sep 2024 06:06:33 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 18:36:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 custom-signin.a91af2abfd04662e499bd3e151150dbf.css
eu1static.oktacdn.com/assets/loginpage/css/ 6 KB
2 KB 169ms
33ms Stylesheet
text/css 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/loginpage/css/custom-signin.a91af2abfd04662e499bd3e151150dbf.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

a1566688dd7e6e7cdce8dd2634ac42a7d939f0f9ee471a8d79b9a9e7f956e4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer

Response headers

content-encoding: gzip
etag: W/"a91af2abfd04662e499bd3e151150dbf"
age: 155983
expires: Sat, 20 Sep 2025 05:16:34 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: dVben76oIzTuA7AHDiZMgFv4-nkvM58kS9dnaenryC4LaRea9K-ksw==
date: Fri, 20 Sep 2024 05:16:34 GMT
content-type: text/css
last-modified: Mon, 05 Aug 2024 19:38:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: 411f2a1669354e6e50ec0fe8def6481fd6ca8daf
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 fs0al3gc5vpYq03tn0i7
eu1static.oktacdn.com/fs/bco/1/ 1 KB
2 KB 170ms
35ms Image
image/png 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu1static.oktacdn.com/fs/bco/1/fs0al3gc5vpYq03tn0i7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

21bdbd8b86041724b51a97bb093acbcfed7111b9f29cf99df3a8bf1249d24eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

etag: "64f7fdf003bb996386f5b93459bb032f"
age: 1710593
expires: Tue, 02 Sep 2025 05:26:24 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4YauvkxiJAjlM5DLdhZafQRhHxQ3lsCQTGHza5qhoPuq_M8ml3rH8w==
date: Mon, 02 Sep 2024 05:26:24 GMT
content-type: image/png
last-modified: Wed, 21 Jun 2023 21:38:54 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1321
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js Show response
eu1static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 38ms
38ms Script
application/javascript 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Requested by

Host:
URL: OktaUtil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer

Response headers

content-encoding: gzip
etag: W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
age: 1618168
expires: Wed, 03 Sep 2025 07:06:50 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: oUuyyYRfkzwjMctZINj020Pdhjvjs9oljdppqSXBiMyTEFALlMr1IA==
date: Tue, 03 Sep 2024 07:06:51 GMT
content-type: application/javascript
last-modified: Mon, 06 Nov 2023 19:29:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: 91eca02abf11239ec4af7a30b1da6e2610f1b9a6
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 fs0al3gc5yYy5l3x70i7
eu1static.oktacdn.com/fs/bco/7/ 45 KB
46 KB 40ms
40ms Image
image/png 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu1static.oktacdn.com/fs/bco/7/fs0al3gc5yYy5l3x70i7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

58c93f6a3b6a56b7ac5191966587c97cf998ac4e8dae319e0a7b64e72978e809

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.tx.group/

Response headers

etag: "9cd196bc2ac671de39a64a33f07e5b3f"
age: 1532139
expires: Thu, 04 Sep 2025 07:00:39 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 7i3ikMrgByFaH_0TjTJf2gOv8S29-mC07qUCxbO7Qgt14QIpd7Ssyg==
date: Wed, 04 Sep 2024 07:00:39 GMT
content-type: image/png
last-modified: Wed, 21 Jun 2023 21:38:54 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46138
x-amz-cf-pop: EWR53-P1
server: nginx

POST
H/1.1 200
OK introspect Show response
login.tx.group/idp/idx/ 19 KB
21 KB 167ms
165ms XHR
application/ion+json 35.71.153.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tx.group/idp/idx/introspect

Requested by

Host: eu1static.oktacdn.com
URL: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.153.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a977293749abcbf39.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5336e9ddc4c9fe800bde2a8f9401af6314458db7edda4a2eac57519c2fae3cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

x-okta-user-agent-extended: okta-signin-widget-5.16.1
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/ion+json; okta-version=1.0.0
content-type: application/ion+json; okta-version=1.0.0

Response headers

X-Robots-Tag: noindex,nofollow
x-rate-limit-limit: 2000
x-content-type-options: nosniff
expires: 0
p3p: CP="HONK"
Keep-Alive: timeout=5, max=99
Date: Sun, 22 Sep 2024 00:36:18 GMT
Content-Type: application/ion+json;okta-version=1.0.0
x-rate-limit-remaining: 1999
vary: Origin
x-okta-request-id: Zu9mgqisRdXUIc3miDSABgAADnI
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=315360000; includeSubDomains
cache-control: no-cache, no-store
x-rate-limit-reset: 1726965438
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version
Connection: Keep-Alive
access-control-allow-credentials: true
content-security-policy-report-only: default-src 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; connect-src 'self' tamedia.okta-emea.com tamedia-admin.okta-emea.com login.tx.group *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta-emea.com tamedia.kerberos.okta-emea.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; style-src 'unsafe-inline' 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com; frame-src 'self' tamedia.okta-emea.com tamedia-admin.okta-emea.com login.tx.group login.okta.com com-okta-authenticator:; img-src 'self' tamedia.okta-emea.com login.tx.group *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tamedia.okta-emea.com login.tx.group data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://login.tx.group
x-xss-protection: 0
Server: nginx

GET
H/1.1 200
OK iframe.html
login.okta.com/discovery/ Frame A1BA 0
0 384ms
34ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.okta.com/discovery/iframe.html

Requested by

Host: eu1static.oktacdn.com
URL: https://eu1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Age: 48024
Connection: keep-alive
Content-Length: 451
Content-Type: text/html
Date: Sat, 21 Sep 2024 12:57:26 GMT
ETag: "090e4f7730dbde0bff2ffa4dc330a6a3"
Last-Modified: Thu, 29 Aug 2024 22:15:28 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Tx6hVHWLxfgzbAumQPMHWHttm6WEDHVqfEEAAPdGiQB8iceon8E-vA==
X-Amz-Cf-Pop: JFK50-P2
X-Cache: Hit from cloudfront

GET
H2 200 checkbox-sign-in-widget.png
eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/ 3 KB
4 KB 36ms
35ms Image
image/png 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/checkbox-sign-in-widget.png

Requested by

Host: eu1static.oktacdn.com
URL: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Response headers

etag: "7846b2f8c6d0a7ca69fdd3d3c294e92d"
age: 378903
expires: Wed, 17 Sep 2025 15:21:14 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: KM6TtfZ5TPQ-2Jozit2Qhg0zCkk9VqDH8VNSZJbUA7nGRFm8dyJscA==
date: Tue, 17 Sep 2024 15:21:14 GMT
content-type: image/png
last-modified: Wed, 02 Feb 2022 18:36:30 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3141
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 montserrat-light-webfont.woff
eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 22 KB
22 KB 35ms
34ms Font
application/font-woff 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-light-webfont.woff

Requested by

Host: eu1static.oktacdn.com
URL: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Response headers

etag: "6225f3ca44b83090833064727a09cc95"
age: 483230
expires: Tue, 16 Sep 2025 10:22:28 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1WwWtx6mPhRVETi-mtiy0i16LpWWGIDgNRY-FMT26sKzY4xJ21Bqxg==
date: Mon, 16 Sep 2024 10:22:28 GMT
content-type: application/font-woff
last-modified: Wed, 02 Feb 2022 18:36:29 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22112
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H2 200 montserrat-regular-webfont.woff
eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 21 KB
22 KB 36ms
35ms Font
application/font-woff 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-regular-webfont.woff

Requested by

Host: eu1static.oktacdn.com
URL: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-54.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.tx.group
Referer: https://eu1static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css

Response headers

etag: "8f2822b73b5f9c106c6f2e0db820bcbb"
age: 930582
expires: Thu, 11 Sep 2025 06:06:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: SUuheI07u_qBFaCe_nYGOuPg9XLxnAKh1vWxzUha8FF1MiN1BmRvVA==
date: Wed, 11 Sep 2024 06:06:36 GMT
content-type: application/font-woff
last-modified: Wed, 02 Feb 2022 18:36:29 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21980
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H/1.1 200
OK favicon.ico
login.tx.group/ 5 KB
6 KB 121ms
120ms Other
image/x-icon 35.71.153.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.tx.group/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.153.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a977293749abcbf39.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
etag: W/"5430-1726868278000"
Connection: Keep-Alive
x-content-type-options: nosniff
accept-ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=98
Date: Sun, 22 Sep 2024 00:36:18 GMT
Content-Type: image/x-icon
last-modified: Fri, 20 Sep 2024 21:37:58 GMT
Server: nginx

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
alertmanager.aws-prod.unitycms.io/	1970-01-20 23:42:46	Name: AWSALBAuthNonce Value: TIWcZnonc5swimXn
login.tx.group/	1969-12-31 23:59:59	Name: t Value: slate
login.tx.group/	1970-01-21 09:18:45	Name: DT Value: DI1aRe3TRICSQCFNLI81pevMQ
login.tx.group/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9D687E7A3A2840AE3A1DDEE13FF2D850

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alertmanager.aws-prod.unitycms.io
eu1static.oktacdn.com
login.okta.com
login.tx.group
108.139.29.91
35.71.153.225
52.29.39.251
52.85.61.54
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
21bdbd8b86041724b51a97bb093acbcfed7111b9f29cf99df3a8bf1249d24eae
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
5336e9ddc4c9fe800bde2a8f9401af6314458db7edda4a2eac57519c2fae3cb1
58c93f6a3b6a56b7ac5191966587c97cf998ac4e8dae319e0a7b64e72978e809
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
a1566688dd7e6e7cdce8dd2634ac42a7d939f0f9ee471a8d79b9a9e7f956e4d0
bde36aa79f56ea57f98bd874e7d6d63bfcef9d4f9e1682ba482a399cc8795d08
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

login.tx.group Open in urlscan Pro 35.71.153.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

753 kBTransfer

2265 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

login.tx.group Open in urlscan Pro
35.71.153.225 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

753 kB
Transfer

2265 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions