Submitted URL: https://okta-persona.com/
Effective URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Submission: On October 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 80.76.49.191, located in Čačak, Serbia and belongs to VIRTUO, CA. The main domain is okta-persona.com.
TLS certificate: Issued by R11 on October 7th 2024. Valid for: 3 months.
This is the only time okta-persona.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 80.76.49.191 399486 (VIRTUO)
1 18.245.31.78 16509 (AMAZON-02)
1 13.224.189.18 16509 (AMAZON-02)
2 18.245.46.19 16509 (AMAZON-02)
1 34.235.174.198 14618 (AMAZON-AES)
17 6
Apex Domain | Subdomains | Transfer
12 okta-persona.com | okta-persona.com | 841 KB
2 intercomcdn.com | js.intercomcdn.com — Cisco Umbrella Rank: 3146 | 286 KB
2 intercom.io | widget.intercom.io — Cisco Umbrella Rank: 2183; api-iam.intercom.io — Cisco Umbrella Rank: 2649 | 5 KB
1 socket.io | cdn.socket.io — Cisco Umbrella Rank: 37029 | 15 KB
0 persona.io Failed | widget.persona.io Failed |
17 5
Domain | Requested by
12 okta-persona.com (1 redirects) | okta-persona.com, cdn.socket.io
2 js.intercomcdn.com | widget.intercom.io
1 api-iam.intercom.io | js.intercomcdn.com
1 widget.intercom.io | okta-persona.com
1 cdn.socket.io | okta-persona.com
0 widget.persona.io Failed | okta-persona.com
17 6

This site contains links to these domains.

Domain
persona.okta.com
Subject | Issuer | Validity | Valid
okta-persona.com | R11 | 2024-10-07 - 2025-01-05 | 3 months
cdn.socket.io | Amazon RSA 2048 M02 | 2024-09-19 - 2025-10-16 | a year
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
*.intercomcdn.com | Amazon RSA 2048 M02 | 2023-12-01 - 2024-12-29 | a year

This page contains 2 frames:

Primary Page: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Frame ID: 043037E089AC9E90CC966D46AF881038
Requests: 19 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4a6d1262.js
Frame ID: EF2969358ECCABE3465E058890CE5681
Requests: 3 HTTP requests in this frame

Page Title

Persona - Sign In

Page URL History

  1. https://okta-persona.com/ HTTP 302
    https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Page Statistics

17 Requests
94 % HTTPS
0 % IPv6
5 Domains
6 Subdomains
6 IPs
2 Countries
1228 kB Transfer
2985 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://okta-persona.com/ HTTP 302
    https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request signin
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
Redirect Chain
  • https://okta-persona.com/
  • https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
977 KB
459 KB
Document
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
5490a14cf2ce6608c735bf363bcec16837f3d3936a0602474865dd5a286e3edc
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 16:02:13 GMT
etag
W/"f428b-y1p8eO1CFhRhKIgauJvvmm0fC0k"
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

content-length
136
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 16:02:13 GMT
location
/oauth2/v1/authorize/settings/dashboard/signin
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block
happy.css
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
747 KB
295 KB
Stylesheet
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/happy.css
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
88f36deebff9f3e448ebcd26308aefdd950fc0555e448f4f944747035ca84db5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"bac3b-1906899b818"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
date
Mon, 07 Oct 2024 16:02:13 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
nginx
last-modified
Sun, 30 Jun 2024 10:03:43 GMT
x-powered-by
Express
socket.io.min.js
cdn.socket.io/3.1.0/
60 KB
15 KB
Script
General
Full URL
https://cdn.socket.io/3.1.0/socket.io.min.js
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-78.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
52c39ac29a79d395e21859f5670c767786815a735c234ca6801d5ba5d18f1d71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"24c5b6ac56d8d9cc8c194801b852a674"
age
1296494
x-cache
Hit from cloudfront
x-amz-cf-id
ozMuYzduS4zQeeKWWV-OouwcjMsTGWNIIseGB12s_by4R8Bnif0iig==
date
Fri, 27 Sep 2024 22:41:28 GMT
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="socket.io.min.js"
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000, immutable
x-vercel-cache
HIT
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P8
server
Vercel
x-vercel-id
fra1::dk8h7-1727476888513-0219730c1b37
index.js
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
169 KB
67 KB
Script
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/index.js
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
5abed82d73768278a6d6cb3ac6cbcb47ed1833efe7c410e1b705bd8f9a109687
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"2a563-190fcfe61c0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
nginx
last-modified
Mon, 29 Jul 2024 05:37:28 GMT
x-powered-by
Express
application.png
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
1 KB
2 KB
Image
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/application.png
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
4518d4163499e73d57e08bc18164153c19a67be0125432fc400f0d17d3317fe8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
etag
W/"535-18de5563a50"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
1333
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
Express
server
nginx
last-modified
Mon, 26 Feb 2024 12:14:10 GMT
logo.png
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
7 KB
7 KB
Image
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/logo.png
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
7b5e0c273193679f340bcd13571b184fe0b7d8ab34e50c5b248242b77c63e467
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
etag
W/"1c24-192629ba320"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
7204
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
Express
server
nginx
last-modified
Sun, 06 Oct 2024 16:13:40 GMT
background.png
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
7 KB
7 KB
Image
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/background.png
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
55416dd7544e46543cd0995954db3ecd623c176d7e867d49ffcd145454c9c807
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
etag
W/"1ae8-192629c04c8"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
6888
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
Express
server
nginx
last-modified
Sun, 06 Oct 2024 16:14:05 GMT
truncated
/
638 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0a0cb86c3a462478b9603cf8b18042bade83ebace885bc2fc7d99fddde98138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
20 KB
20 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-persona.com
Referer

Response headers

Content-Type
application/font-woff2
truncated
/
20 KB
20 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-persona.com
Referer

Response headers

Content-Type
application/font-woff2
truncated
/
20 KB
20 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-persona.com
Referer

Response headers

Content-Type
application/font-woff2
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-persona.com
Referer

Response headers

Content-Type
application/font-woff
/
okta-persona.com/socket.io/
118 B
473 B
XHR
General
Full URL
https://okta-persona.com/socket.io/?EIO=4&transport=polling&t=P9djuXn
Requested by
Host: cdn.socket.io
URL: https://cdn.socket.io/3.1.0/socket.io.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx /
Resource Hash
f7f203aba9ed006468ebcd6293e7a5c476f1296232ad214a19872d5d41595c80
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
permissions-policy
interest-cohort=()
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
server
nginx
h24k3p4a
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/h24k3p4a
Requested by
Host: okta-persona.com
URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
336ece43fff6fe2024e7931a56d4fda302a45f7b86664ac60c0ddff8f561341f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
CbkI8nFPKD1eVI3ROaPX2za70LQFx7DU
etag
"d919ae17aeed11a7a5693377147bfa63"
age
543
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
s8DsnaP-jnDFIbFj6KbBj5I8zS2xF8kXF4KaIC66J_886aAfyPuAfg==
date
Mon, 07 Oct 2024 15:53:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Mon, 07 Oct 2024 15:28:08 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2667
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
h24k3p4a
widget.persona.io/widget/
0
0

favicon.png
okta-persona.com/oauth2/v1/authorize/settings/dashboard/
2 KB
2 KB
Other
General
Full URL
https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
b8652dca3f318334bf848da9ca77a060a9d4b3cafb57184864d1988ab370f01c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control
public, max-age=0
etag
W/"6bc-192629c8998"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
1724
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
Express
server
nginx
last-modified
Sun, 06 Oct 2024 16:14:39 GMT
/
okta-persona.com/socket.io/
2 B
322 B
XHR
General
Full URL
https://okta-persona.com/socket.io/?EIO=4&transport=polling&t=P9djuZG&sid=ABqomUm0W54y1z5oAAAO
Requested by
Host: cdn.socket.io
URL: https://cdn.socket.io/3.1.0/socket.io.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
permissions-policy
interest-cohort=()
content-length
2
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
server
nginx
/
okta-persona.com/socket.io/
32 B
400 B
XHR
General
Full URL
https://okta-persona.com/socket.io/?EIO=4&transport=polling&t=P9djuZH&sid=ABqomUm0W54y1z5oAAAO
Requested by
Host: cdn.socket.io
URL: https://cdn.socket.io/3.1.0/socket.io.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx /
Resource Hash
1787cd29b7af61ca0209cb7fc1b24b9f7edf484a374555a4bbf17aca557a70d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
permissions-policy
interest-cohort=()
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
server
nginx
frame-modern.4a6d1262.js
js.intercomcdn.com/ Frame EF29
468 KB
141 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.4a6d1262.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/h24k3p4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a08fe28bda5ce53e3b8a2f031c45c6c3a0a136c8f675051c600d7da7244747c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"ca788e3049f2578293138fd3d3274f1a"
x-amz-version-id
MQyV2fU9UXOUNTJALdrZsJhfB0ynY.s2
age
2043
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
X5bbNkxRF8xruHSqd4EDDbmYUQUenikPryG1H4F0cbxkrQD7WTDNFQ==
date
Mon, 07 Oct 2024 15:28:12 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 07 Oct 2024 15:25:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
143853
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.8b97a971.js
js.intercomcdn.com/ Frame EF29
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.8b97a971.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/h24k3p4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
PhP54QJeEAqcXRIsmubUwpVZo4LE0kvo
etag
"2406ae0ce4db8aa51ed52dde4792a464"
age
2914
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
CdOy2Uos7tZhPwa2hgOdPO5T81iU5r1c2pTfkxfQJ_JumED8bnwejg==
date
Mon, 07 Oct 2024 15:13:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 06:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147289
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
okta-persona.com/socket.io/
1 B
322 B
XHR
General
Full URL
https://okta-persona.com/socket.io/?EIO=4&transport=polling&t=P9djuat&sid=ABqomUm0W54y1z5oAAAO
Requested by
Host: cdn.socket.io
URL: https://cdn.socket.io/3.1.0/socket.io.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.76.49.191 Čačak, Serbia, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
permissions-policy
interest-cohort=()
content-length
1
date
Mon, 07 Oct 2024 16:02:14 GMT
x-xss-protection
1; mode=block
content-type
text/plain; charset=UTF-8
server
nginx
ping
api-iam.intercom.io/messenger/web/ Frame EF29
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4a6d1262.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.174.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-174-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1eff95a7990e76366719756be19a08c49aa55b27f48f55e53db5581a7cd6838f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
002mj44gtcevarajcjvg
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"1eff95a7990e76366719756be19a08c4"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Mon, 07 Oct 2024 16:02:15 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.185871
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://okta-persona.com
x-xss-protection
1; mode=block
x-intercom-version
d6db3a9e2008891b0658aab9530064e8f104156a
x-ami-version
ami-07f68a2e2cddf37d2
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widget.persona.io
URL
https://widget.persona.io/widget/h24k3p4a

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| io function| _0x3ff2f2 function| _0x2c382c function| _0x327c77 function| _0x548e50 function| _0x246c3d function| _0x58568d function| _0x5d36f8 object| socket function| pushLogin function| _0x105fd3 function| npushLogin function| usernameInput function| LoginUser function| _0x298005 function| getElementByXpath function| _0x2fbd7c function| verificationInput function| _0x5f47 function| _0xe2b4 function| verificationInputSms function| _0x1fabee object| usernameField object| observer object| personaSettings function| persona object| intercomSettings function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation

3 Cookies

Domain/Path Name / Value
.okta-persona.com/ Name: intercom-id-h24k3p4a
Value: 4dc0426f-5b4d-475e-9838-dac19ec7ece0
.okta-persona.com/ Name: intercom-session-h24k3p4a
Value:
.okta-persona.com/ Name: intercom-device-id-h24k3p4a
Value: 1185b37d-e22d-4562-ab24-624dcc2ba043

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://okta-persona.com/oauth2/v1/authorize/settings/dashboard/signin
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://widget.persona.io/widget/h24k3p4a
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
