urlscan.io logo urlscan.io
SecurityTrails logo

nike-qa.oktapreview.com Open in urlscan Pro
15.197.141.255  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Effective URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8...
Submission: On February 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 15.197.141.255, located in United States and belongs to AMAZON-02, US. The main domain is nike-qa.oktapreview.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 9th 2024. Valid for: a year.
This is the only time nike-qa.oktapreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 3.225.180.202 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.36.213.229 396982 (GOOGLE-CL...)
7 15.197.141.255 16509 (AMAZON-02)
7 104.17.208.240 13335 (CLOUDFLAR...)
27 6
9    3.225.180.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-180-202.compute-1.amazonaws.com
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
7    15.197.141.255 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
nike-qa.oktapreview.com
7    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
9 nikecloud.com
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
6 MB
7 qualtrics.com
zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 901
90 KB
7 oktapreview.com
nike-qa.oktapreview.com
710 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 764
142 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
54 KB
27 5
Domain Requested by
9 now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
7 nike-qa.oktapreview.com now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
nike-qa.oktapreview.com
6 siteintercept.qualtrics.com zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1 zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
1 cdn.pendo.io now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
1 cdn.jsdelivr.net now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
27 6

This site contains no links.

Subject Issuer Validity Valid
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
cdn.pendo.io
GTS CA 1D4		 2024-02-01 -
2024-05-01		 3 months crt.sh
*.oktapreview.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Frame ID: CE6E52B6BCEE30B22A4C4AB2184E9666
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nike (QA) - Preview - Schlechte Anfrage

Page URL History Show full URLs

  1. https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/ Page URL
  2. https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challen... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

27
Requests

93 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

7741 kB
Transfer

8486 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/ Page URL
  2. https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5181100ac07bda2a73d24732f1c4d9fa1af02821195052271fb83fb8f33f22d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35006
apigw-requestid
S2dNxjhgIAMEJ8w=
content-length
3084
content-type
text/html
date
Fri, 09 Feb 2024 04:23:26 GMT
etag
"9f8b12ebb4fa39d95294d41fd9ceaf18"
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f7c749b4d9ba39d7629c0f2f434dfc76.cloudfront.net (CloudFront)
x-amz-cf-id
lopo_G4_kYpF9YY7kAvxA3INIK3ZCEryjXV9YnqT2-GyPNSjAoC8HQ==
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
VTjUxsFya1EQ.zjuBjEgZOw8LR1Q35Gt
x-cache
Hit from cloudfront
x-frame-options
DENY
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41672
x-jsd-version
7.4.47
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220025-FRA, cache-lga21923-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Heyn%2BgE4kTqOgUPEG12LueL5rtSvQNY9YGEEhiPDGHPZRX%2BZ5vZhqVSs7N%2F3I4KHiA0CgH5%2FEF4F7mP5kP1KIQuGBoXXz9YKwRu5xTJFkh%2FmZjitkE7oXHQ9gil%2Fg6GdNY5oVwOlChNDLKIFnPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85295645cc403642-FRA
now-ncss.min.css
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/ 		77 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/now-ncss.min.css
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f459dc2d2ca5c7a9d363b76207651625135dee302ab801db35aa479718c78b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
015peOx2CtKe3T4BdWd.irzvkyr8OTLx
via
1.1 2174e600dd54879ba9f49d0337eeb2dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33867
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
78830
apigw-requestid
S2dNzh01IAMEJkw=
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
etag
"5f1a415d8e785229824792d4d2baeb8a"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
_SwVZh6s-Hvwam8lUZxO8pN4I7thZhFJkmiKj4KbLCVUNSeW7nMDFw==
styles.css
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/ 		91 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/styles.css
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e32c1a1831e99d6d369b4de57e77828c0247d3df47375300ac46a64a80d4caac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
LHnaEIPk8EN8htguvl_W5ihRO7tKOrkp
via
1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33867
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
91
apigw-requestid
S2dNzhi0oAMEJ5Q=
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
etag
"527f6966e90491ccf604c3967766765d"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
xxTic6OmxE96k_-allnLzegORj69Nh8nIaVia8WXJMOvHv4v9B6ZpQ==
newrelic.min.js
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/newrelic.min.js
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5181100ac07bda2a73d24732f1c4d9fa1af02821195052271fb83fb8f33f22d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
VTjUxsFya1EQ.zjuBjEgZOw8LR1Q35Gt
via
1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33782
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
3084
apigw-requestid
S2dNzingIAMEJ1g=
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
etag
"9f8b12ebb4fa39d95294d41fd9ceaf18"
x-frame-options
DENY
content-type
text/html
accept-ranges
bytes
x-amz-cf-id
9Jzcofe6Uo0ZHgyyU8uGsLqAiIFcVH6tBc5Kj7luOZUs6NJEuKPnvA==
chunk-vendors.65dd828d.js
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/chunk-vendors.65dd828d.js
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0a3839281035d0bbf440b0de1f63ef5a2aec19e241ed6965c7b8d40caf1838ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
fYJDD3kjcvlERA1XxpllHWFv2DoQVaXi
via
1.1 dd8234c537f24852341189e294a7180a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33781
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4004461
apigw-requestid
S2dNzgjBIAMEJxw=
last-modified
Thu, 08 Feb 2024 17:38:31 GMT
server
AmazonS3
etag
"1deb3deae7232b5a7f9f429609d08063"
x-frame-options
DENY
content-type
application/x-javascript
accept-ranges
bytes
x-amz-cf-id
6kb2mZoCBWUERR2RRsS6J0dZcWgVlGrPk4BILmDFmWRaiVjHzEC3SA==
app.3b851103.js
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/ 		595 KB
596 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/app.3b851103.js
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f1237215568f56b315ebe53e62d8ed1c2bc2e7c0f129ab3b39fb1cefddcf762d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
Y9GQJQTnwZ0yu5u5aB3wxppYw2sUCKUE
via
1.1 f7c749b4d9ba39d7629c0f2f434dfc76.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33781
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
609179
apigw-requestid
S2dNzj27IAMEJhw=
last-modified
Thu, 08 Feb 2024 17:38:31 GMT
server
AmazonS3
etag
"91fc7e51ead0910f1ff301ba38f383a8"
x-frame-options
DENY
content-type
application/x-javascript
accept-ranges
bytes
x-amz-cf-id
_u3m01V5Z-bB9FfvizQ2ncdvDM3H2MNilQOGcfdzavCxmM4x9j2Y3w==
chunk-vendors.e1863e34.css
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/chunk-vendors.e1863e34.css
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
85b86afca078d7cbbb6e94a6653b1cc29c1133887507ab15220a9ac782a5e36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
oMH9kWZCumgKZGVzcmhHl46RQKgncuk5
via
1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33866
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1419340
apigw-requestid
S2dNziCFIAMEJ3Q=
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
etag
"0b4778b2ede6189652a24d91749e0be3"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
0NAcL70CedWWZlwOCzL2PmzqxfvYNQxTaAL05sTq0IwQwnqXsLTHcw==
app.54a14c4a.css
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/ 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/app.54a14c4a.css
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bcb012317c5981f99456838510d3a68bbd6258887a4f610e243e5710c7683d4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:26 GMT
x-amz-version-id
72e0DaLXQt6KZkeg29MCNRNVRrpaRBf9
via
1.1 8b1ca38f6b0e2c14ce8c202175f971a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
33867
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52931
apigw-requestid
S2dNzhhcoAMEJiQ=
last-modified
Thu, 08 Feb 2024 17:38:27 GMT
server
AmazonS3
etag
"5f19a3ebdd22b407aaf9c9308e81208e"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
s31x15qJyyYXaIjnzQnm7nX7bKX03FT-l5vmHq76SQO8rqVAypCykw==
pendo.js
cdn.pendo.io/agent/static/39feecfd-bdc7-4a0f-6309-27e69fc9d930/ 		430 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/39feecfd-bdc7-4a0f-6309-27e69fc9d930/pendo.js
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a29f432423a1ef43ab6c64e0e93c12913b8eb35338b752f3d636a52d30201f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:27 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
x-guploader-uploadid
ABPtcPrTPr9yQrX7owXYaESjfpLBtDMqKvDHkg_EE4p39Fs1WiWDtyZ1yH6OZGMB0HMTrrdRNaP388-8gA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145268
last-modified
Thu, 08 Feb 2024 19:15:38 GMT
server
UploadServer
etag
"e7f28e7df4fe3d327e484a12d83ce577"
vary
Accept-Encoding
x-goog-generation
1707419738651750
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=gGctqQ==, md5=5/KOffT+PTJ+SEoS2Dzldw==
access-control-expose-headers
*
cache-control
public,max-age=450
x-goog-stored-content-length
145268
accept-ranges
bytes
HelveticaNeue-01.a059cd32.ttf
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/fonts/ 		556 KB
557 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/fonts/HelveticaNeue-01.a059cd32.ttf
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/app.54a14c4a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.180.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-180-202.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3981fe60f06501b3f691f2382b2d301fc958da391937995c6304a28c1ccebafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/css/app.54a14c4a.css
Origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:28 GMT
x-amz-version-id
iAL.VcBqk0wk90KpnNGJSmQAT5_k9Ux2
via
1.1 b6caa49e59026d07a8e0859900a10572.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P1
age
56632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
568916
apigw-requestid
S2dOIi7XoAMEJBQ=
last-modified
Wed, 31 Jan 2024 14:14:31 GMT
server
AmazonS3
etag
"704296a1703d25d7285a8025b4cf7e7b"
x-frame-options
DENY
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
gebhF4qKSM4h63sc_2RIBNgFmNn8d_yysqF6o0nn3cTVBMh1jwnwmA==
truncated
/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577

Request headers

Referer
Origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
font/woff2
openid-configuration
nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/.well-known/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/.well-known/openid-configuration
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/chunk-vendors.65dd828d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.4.2 @okta/okta-vue/5.6.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
7182afc57c7996538d93745f12e6d5d5
date
Fri, 09 Feb 2024 04:23:28 GMT
content-security-policy
default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin, Origin
content-type
application/json
access-control-allow-origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
expires
Sat, 10 Feb 2024 04:23:22 GMT
openid-configuration
nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/.well-known/openid-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Fri, 09 Feb 2024 04:23:28 GMT
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-okta-request-id
d181344ba9408cd3fe7bdb3012340c9f
/
zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8kMiD7u3fHR7Sqa
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0441b8022303140527cca96ca7d6010a50efbf2292d0fccc9fd772f0c6595f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
154944
cf-polished
origSize=9155
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"23c3-BLnbgtfFqry1MQINWhEOmiE7Zng"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956551d9c1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
12.d0a6cbdbbd5630600180.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Requested by
Host: zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
URL: https://zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8kMiD7u3fHR7Sqa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bd21fec363c179f12ffc04b71f3c43fad9e3674b0c43e6d06f363cea89ecc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
107223
cf-polished
origSize=75119
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"1256f-18d3273b7c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956554dc21c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8kMiD7u3fHR7Sqa&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
25ce8ab227286aa1
cf-ray
852956558e291c40-FRA
timing-allow-origin
*
Primary Request authorize
nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/ 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Requested by
Host: now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
URL: https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/js/chunk-vendors.65dd828d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
adb4715aa507ed44f697aba7206bdeaf01f6aa2225d8e3c6465ed7a37e092f9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-length
3447
content-security-policy
default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
content-type
text/html;charset=utf-8
date
Fri, 09 Feb 2024 04:23:29 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
x-okta-request-id
84306828243dc0101cef84acb4f1d64b
x-rate-limit-limit
20000
x-rate-limit-remaining
19995
x-rate-limit-reset
1707452636
x-xss-protection
0
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=niketechpmo
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
107223
cf-polished
origSize=103878
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"195c6-18d3273b7c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956571f8a1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
7.cf1c493dffb2d169972c.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.cf1c493dffb2d169972c.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=niketechpmo
Requested by
Host: zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
URL: https://zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8kMiD7u3fHR7Sqa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
107223
cf-polished
origSize=2904
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"b58-18d3273b7c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956575fab1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
1.be767510a0dcd247d2ba.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.be767510a0dcd247d2ba.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=niketechpmo
Requested by
Host: zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
URL: https://zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8kMiD7u3fHR7Sqa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
107223
cf-polished
origSize=29694
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"73fe-18d3273b7c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956575fad1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=niketechpmo
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
107221
cf-polished
origSize=65278
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"fefe-18d3273b7c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
852956575fae1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
errors-v2.css
nike-qa.oktapreview.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nike-qa.oktapreview.com/assets/css/sections/errors-v2.css
Requested by
Host: nike-qa.oktapreview.com
URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Thu, 27 Oct 2022 02:12:48 GMT
server
nginx
etag
W/"80127ba5c47706686501006723ba83da"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Sat, 08 Feb 2025 04:23:29 GMT
style-sheet
nike-qa.oktapreview.com/api/internal/brand/theme/ 		341 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nike-qa.oktapreview.com/api/internal/brand/theme/style-sheet?touch-point=ERROR_PAGE&v=43dff4eb61a65f4f97dfc180776e02d13b3acb259b69662414091c035c781ffaecf3a59d10c67150a2909055ec9b7b40
Requested by
Host: nike-qa.oktapreview.com
URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f7ccbf90b79df0fb9645a4d4b5165d6183fec5057f3f0ffb583644b0a5274520
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-okta-request-id
4ec7fba8e5e0f60aa2711662e1ff3070
date
Fri, 09 Feb 2024 04:23:29 GMT
content-security-policy
default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit
24000
x-content-type-options
nosniff
content-encoding
gzip
x-rate-limit-remaining
23999
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nike-qa.oktapreview.com *.oktacdn.com; connect-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com nike-qa.kerberos.oktapreview.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike-qa.oktapreview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike-qa.oktapreview.com *.oktacdn.com; frame-src 'self' nike-qa.oktapreview.com nike-qa-admin.oktapreview.com login.okta.com; img-src 'self' nike-qa.oktapreview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike-qa.oktapreview.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/reportOnly; report-to csp
p3p
CP="HONK"
x-xss-protection
0
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Accept-Encoding
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
content-type
text/css
x-rate-limit-reset
1707452669
cache-control
max-age=31536000, must-revalidate
expires
Sat, 08 Feb 2025 04:23:29 GMT
fs08bh5c01kxonz2a0h7
nike-qa.oktapreview.com/fs/bco/1/ 		500 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nike-qa.oktapreview.com/fs/bco/1/fs08bh5c01kxonz2a0h7
Requested by
Host: nike-qa.oktapreview.com
URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
fcfadab6eba8bf7c5420608740e9410f32bd976ff064954ecfe9b62c76e0c5e2
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Wed, 17 Apr 2019 01:37:18 GMT
server
nginx
etag
"d17cc02a893a80ade12487e5c3cd620b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
500
expires
Sat, 08 Feb 2025 04:23:29 GMT
fs08iabi7l1fZKe1J0h7
nike-qa.oktapreview.com/fs/bco/7/ 		696 KB
697 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nike-qa.oktapreview.com/fs/bco/7/fs08iabi7l1fZKe1J0h7
Requested by
Host: nike-qa.oktapreview.com
URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.141.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab7bfd6a9b7fa1eec.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4b426bfde283bd191876b3047fb3f6378cb6aaff0b81625ddcea399e6965ca0b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 04:23:29 GMT
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Wed, 17 Apr 2019 15:50:14 GMT
server
nginx
etag
"99cb173a963b6fcbba18ff8559c9de3b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-length
712276
expires
Sat, 08 Feb 2025 04:23:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
siteintercept.qualtrics.com
URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ahpz2oQ1g0BMoTA&Version=12&Q_ORIGIN=https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Domain
siteintercept.qualtrics.com
URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0PLXzAdRkkV5vCe&Version=5&Q_InterceptID=SI_ahpz2oQ1g0BMoTA&Q_ORIGIN=https://now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
nike-qa.oktapreview.com/ Name: t
Value: slate
nike-qa.oktapreview.com/ Name: DT
Value: DI15FZacWqjS7a7ngJY13lRZA
nike-qa.oktapreview.com/ Name: JSESSIONID
Value: 33F1EBDA62FEFFA57C77AC686A26D536

1 Console Messages

Source Level URL
Text
network error URL: https://nike-qa.oktapreview.com/oauth2/ausa0mcornpZLi0C40h7/v1/authorize?client_id=nike.osd.now&code_challenge=YFVhEal2df_fxONY8G6bPc_4O_uPqP-FcjDlishR4Uw&code_challenge_method=S256&nonce=x24NbXU3DJZM1qKeXXMY3P5x8snHsbDoV5GNA64uRTHQqTNtrIUUMspMPNBjakFR&redirect_uri=https%3A%2F%2Fnow-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com%2Fcallback&response_type=code&state=ywaFz7qycx40absBpMtjINtlf4prOKdNp0c3Z4w1wHh5BwXZZABP87aFvAYsko45&scope=openid%20email%20profile
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.pendo.io
nike-qa.oktapreview.com
now-iam-ui-gateway-dev.mp-ordermgmt-test.nikecloud.com
siteintercept.qualtrics.com
zn8kmid7u3fhr7sqa-niketechpmo.siteintercept.qualtrics.com
siteintercept.qualtrics.com
104.17.208.240
15.197.141.255
2606:4700::6810:5814
3.225.180.202
34.36.213.229
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
0441b8022303140527cca96ca7d6010a50efbf2292d0fccc9fd772f0c6595f6e
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
0a3839281035d0bbf440b0de1f63ef5a2aec19e241ed6965c7b8d40caf1838ca
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
3981fe60f06501b3f691f2382b2d301fc958da391937995c6304a28c1ccebafb
4b426bfde283bd191876b3047fb3f6378cb6aaff0b81625ddcea399e6965ca0b
5181100ac07bda2a73d24732f1c4d9fa1af02821195052271fb83fb8f33f22d5
67bd21fec363c179f12ffc04b71f3c43fad9e3674b0c43e6d06f363cea89ecc6
85b86afca078d7cbbb6e94a6653b1cc29c1133887507ab15220a9ac782a5e36e
a29f432423a1ef43ab6c64e0e93c12913b8eb35338b752f3d636a52d30201f1f
adb4715aa507ed44f697aba7206bdeaf01f6aa2225d8e3c6465ed7a37e092f9c
bcb012317c5981f99456838510d3a68bbd6258887a4f610e243e5710c7683d4a
e32c1a1831e99d6d369b4de57e77828c0247d3df47375300ac46a64a80d4caac
f1237215568f56b315ebe53e62d8ed1c2bc2e7c0f129ab3b39fb1cefddcf762d
f459dc2d2ca5c7a9d363b76207651625135dee302ab801db35aa479718c78b78
f7ccbf90b79df0fb9645a4d4b5165d6183fec5057f3f0ffb583644b0a5274520
fcfadab6eba8bf7c5420608740e9410f32bd976ff064954ecfe9b62c76e0c5e2