login.omnicomgroup.com Open in urlscan Pro
35.170.167.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://training.omnicomgroup.com/
Effective URL:
https://login.omnicomgroup.com/Init.aspx
Submission: On January 21 via manual (January 21st 2021, 9:42:43 am UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 25 HTTP transactions. The main IP is 35.170.167.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.omnicomgroup.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on November 6th 2020. Valid for: a year.

This is the only time login.omnicomgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	35.170.167.171 35.170.167.171	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.209.113.163 18.209.113.163	14618 (AMAZON-AES) (AMAZON-AES)
4	65.9.67.114 65.9.67.114	16509 (AMAZON-02) (AMAZON-02)
6	65.9.67.112 65.9.67.112	16509 (AMAZON-02) (AMAZON-02)
25	4

15 35.170.167.171 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-167-171.compute-1.amazonaws.com

training.omnicomgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.omnicomgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.113.163 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-113-163.compute-1.amazonaws.com

omnicomgroup.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.67.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ok4static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.67.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ok1static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	omnicomgroup.com 1 redirects training.omnicomgroup.com login.omnicomgroup.com	2 MB
10	oktacdn.com ok4static.oktacdn.com ok1static.oktacdn.com	883 KB
2	okta.com 1 redirects omnicomgroup.okta.com	10 KB
25	3

	Domain	Requested by
14	login.omnicomgroup.com	login.omnicomgroup.com
6	ok1static.oktacdn.com	login.omnicomgroup.com ok1static.oktacdn.com
4	ok4static.oktacdn.com	omnicomgroup.okta.com
2	omnicomgroup.okta.com	1 redirects
1	training.omnicomgroup.com	1 redirects
25	5

This site contains no links.

Subject Issuer	Validity	Valid
*.okta.com DigiCert SHA2 High Assurance Server CA	`2019-05-28` - `2021-05-28`	2 years	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
*.omnicomgroup.com Trusted Secure Certificate Authority 5	`2020-11-06` - `2021-11-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.omnicomgroup.com/Init.aspx
Frame ID: AEB9C04483604F16E7D1B84DCCC97AFB
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://training.omnicomgroup.com/ HTTP 301
https://omnicomgroup.okta.com/home/terranovasecurity/0oadzr4ml3Qxrunsh1t7/aln1ggwzczz4UYD3u1d8 HTTP 302
https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2... Page URL
https://login.omnicomgroup.com/Init.aspx Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

2546 kB
Transfer

3750 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://training.omnicomgroup.com/ HTTP 301
https://omnicomgroup.okta.com/home/terranovasecurity/0oadzr4ml3Qxrunsh1t7/aln1ggwzczz4UYD3u1d8 HTTP 302
https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8 Page URL
https://login.omnicomgroup.com/Init.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://training.omnicomgroup.com/ HTTP 301
https://omnicomgroup.okta.com/home/terranovasecurity/0oadzr4ml3Qxrunsh1t7/aln1ggwzczz4UYD3u1d8 HTTP 302
https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://training.omnicomgroup.com/
https://omnicomgroup.okta.com/home/terranovasecurity/0oadzr4ml3Qxrunsh1t7/aln1ggwzczz4UYD3u1d8
https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

17 KB
9 KB

166ms
166ms

Document
text/html

18.209.113.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.113.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-113-163.compute-1.amazonaws.com

Software

nginx /

Resource Hash

554a24765444292b2317c4472345d8cf75327aa2aa568f482077d24b1f5935f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: omnicomgroup.okta.com
:scheme: https
:path: /login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:19 GMT
content-type: text/html;charset=utf-8
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
vary: Accept-Encoding
x-okta-request-id: YAlMewk1lJ35PAPp2Fmw7QAACOg
x-xss-protection: 0
p3p: CP="HONK"
x-rate-limit-limit: 850
x-rate-limit-remaining: 800
x-rate-limit-reset: 1611222186
content-security-policy-report-only: default-src 'self' *.oktacdn.com omnicomgroup.okta.com; connect-src 'self' *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com omnicomgroup.okta.com omnicomgroup-admin.okta.com omnicomgroup.kerberos.okta.com omnicomgroup.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.oktacdn.com; style-src 'unsafe-inline' 'self' *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' login.okta.com omnicomgroup.okta.com omnicomgroup-admin.okta.com; img-src 'self' *.oktacdn.com omnicomgroup.okta.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src data: 'self' *.oktacdn.com fonts.gstatic.com; report-uri https://okta.report-uri.com/r/d/csp/reportOnly; report-to csp-report
report-to: {"group":"csp-report","max_age":31536000,"endpoints":[{"url":"https://okta.report-uri.com/r/d/csp/reportOnly"}],"include_subdomains":true}
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
cache-control: no-cache, no-store
pragma: no-cache
expires: 0
x-content-type-options: nosniff
content-language: en
strict-transport-security: max-age=315360000; includeSubDomains
x-robots-tag: none
content-encoding: gzip
set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=CEC1D4B75FEF25F052B21C2B65891EE2; Path=/; Secure; HttpOnly t=sea; Path=/ DT=DI0C3K3duEuQFWB6YYJ2-Pclg;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 21 Jan 2023 09:42:19 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/

Redirect headers

date: Thu, 21 Jan 2021 09:42:19 GMT
content-length: 0
location: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-okta-request-id: YAlMezQ@a1b8SeifW5W6awAADks
x-xss-protection: 0
p3p: CP="HONK"
content-language: en
strict-transport-security: max-age=315360000; includeSubDomains
x-robots-tag: none
set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/

GET
H2 200 jquery-1.12.4.cde246884d9601b57ecdf303e95e31d8.js Show response
ok4static.oktacdn.com/assets/js/ 287 KB
101 KB 99ms
34ms Script
application/javascript 65.9.67.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok4static.oktacdn.com/assets/js/jquery-1.12.4.cde246884d9601b57ecdf303e95e31d8.js

Requested by

Host: omnicomgroup.okta.com
URL: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4a4a9875283ce14328c0269b2e4ac32e2bfb58fbe004638b0600da943c568c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Origin: https://omnicomgroup.okta.com
Referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 03 Jan 2021 01:38:50 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1584209
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 22:52:47 GMT
server: nginx
etag: W/"cde246884d9601b57ecdf303e95e31d8"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: application/javascript
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -oCBluCDbwGvkAB9r2KqiZmv0dfyNbjxaIehn65Kw9IWBy91WKFoPQ==
expires: Mon, 03 Jan 2022 01:38:50 GMT

GET
H2 200 interstitial.a54a1edc95056b8486c088d765565d49.css
ok4static.oktacdn.com/assets/css/sections/ 6 KB
2 KB 87ms
22ms Stylesheet
text/css 65.9.67.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok4static.oktacdn.com/assets/css/sections/interstitial.a54a1edc95056b8486c088d765565d49.css

Requested by

Host: omnicomgroup.okta.com
URL: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b03ab66644aac3f5586848ac6289288a8bf2d4c84a0ab66f3bbf6765775b055f

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 21:01:45 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 996034
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 04 Jun 2019 23:38:42 GMT
server: nginx
etag: W/"a54a1edc95056b8486c088d765565d49"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/css
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: o2RNGT7pxaphcqo5DzWt9mZ2rEOQPaXpF31rs_MRSPOQ8VszPeTt3Q==
expires: Sun, 09 Jan 2022 21:01:45 GMT

GET
H2 200 new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif
ok4static.oktacdn.com/assets/img/ui/indicators/ 354 KB
355 KB 26ms
26ms Image
image/gif 65.9.67.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok4static.oktacdn.com/assets/img/ui/indicators/new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif

Requested by

Host: omnicomgroup.okta.com
URL: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
etag: "c41c3b6f3a84458aca9a5919f238fbe3"
age: 1039193
x-cache: Hit from cloudfront
content-length: 362138
last-modified: Tue, 15 Jan 2019 21:45:58 GMT
server: nginx
date: Sat, 09 Jan 2021 09:04:38 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: CaLSO40XKgYpC6v9EnoaZIoensFwbiyI-KSIWoELyIg5zRgpLDlpDA==
expires: Sun, 09 Jan 2022 09:02:26 GMT

GET
H2 200 interstitial.474dce61acfac4a4d016921943cf2a68.js Show response
ok4static.oktacdn.com/assets/js/app/sso/ 678 B
1 KB 33ms
32ms Script
application/javascript 65.9.67.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok4static.oktacdn.com/assets/js/app/sso/interstitial.474dce61acfac4a4d016921943cf2a68.js

Requested by

Host: omnicomgroup.okta.com
URL: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.114 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Origin: https://omnicomgroup.okta.com
Referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
etag: "474dce61acfac4a4d016921943cf2a68"
age: 1637519
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 15 Jan 2019 21:46:12 GMT
server: nginx
date: Sat, 02 Jan 2021 10:50:20 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: hVQ-9HqpcZZjFfwfdSp5crzUlr3mjDBazCSi18d6itniNc5CBBcsiA==
expires: Sun, 02 Jan 2022 10:50:20 GMT

POST
H2 200 Primary Request Init.aspx Show response
login.omnicomgroup.com/ 232 KB
232 KB 120ms
111ms Document
text/html 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00a5980ec40bed3be9c279020f2b20409ccf6ce9c7054a1ae98953989ed067ac

Request headers

:method: POST
:authority: login.omnicomgroup.com
:scheme: https
:path: /Init.aspx
content-length: 4133
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://omnicomgroup.okta.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://omnicomgroup.okta.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omnicomgroup.okta.com/login/login.htm?fromURI=%2Fhome%2Fterranovasecurity%2F0oadzr4ml3Qxrunsh1t7%2Faln1ggwzczz4UYD3u1d8

Response headers

cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=pwaefvjb54kszfmuf21k4xal; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=pwaefvjb54kszfmuf21k4xal; path=/; HttpOnly; SameSite=Lax __AntiXsrfToken=09d8a7053a4d42f9b0e7d831c6584abc; path=/; HttpOnly
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 21 Jan 2021 09:42:21 GMT
content-length: 237416

GET
H2 200 modernizr Show response
login.omnicomgroup.com/bundles/ 11 KB
11 KB 328ms
325ms Script
text/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
last-modified: Thu, 21 Jan 2021 09:42:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 10999
expires: Fri, 21 Jan 2022 09:42:22 GMT

GET
H2 200 css
login.omnicomgroup.com/Content/ 95 KB
95 KB 248ms
245ms Stylesheet
text/css 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Content/css?v=ZOsx2VX974jiXkn8O9NO4w6zzGGMKnOn23ymCb9UFHg1
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b11fc03b28380e01f14e1a78bcc6145836744d3d0363236153a7d08e883e1f5

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
last-modified: Thu, 21 Jan 2021 09:42:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 97059
expires: Fri, 21 Jan 2022 09:42:22 GMT

GET
H2 200 okta-sign-in.min.js Show response
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/js/ 999 KB
332 KB 111ms
46ms Script
application/javascript 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/js/okta-sign-in.min.js

Requested by

Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7dd55c3138dc877b6d9965b2c298bd0c05758da75bb89cd908b489574cf9f6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 06:01:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 99621
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Jan 2019 05:15:34 GMT
server: nginx
etag: W/"166634ae5c5bdcd8b23fc11784f3c7d3"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: application/javascript
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: XM3-AcHLmIk1r4HVybsRIaVo0U2fHFp9B2MkXUCEvA4v7Iz5Uvno8Q==
expires: Thu, 20 Jan 2022 06:01:57 GMT

GET
H2 200 okta-sign-in.min.css
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/ 151 KB
28 KB 98ms
33ms Stylesheet
text/css 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css

Requested by

Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2e7072c51e585616c6e465d24733e2acaf0384ce7dbe7ecdd3080ed5e976c271

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 21:36:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 389141
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Jan 2019 05:15:35 GMT
server: nginx
etag: W/"f928fe8787c3e4b308e0cf95a1a38948"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/css
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wdWNw0pxLktBa9_nSm9SUw95kf_8i2GdipVb2hk99BnwjB0cvFTYWw==
expires: Sun, 16 Jan 2022 21:36:38 GMT

GET
H2 200 okta-theme.css
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/ 32 KB
5 KB 104ms
40ms Stylesheet
text/css 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-theme.css

Requested by

Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c6d1565f1eb123287e39ec37bd9cc4800dcf1f9c55da35877d51e9a2d4ee10fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 07:10:51 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1132288
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Jan 2019 05:15:35 GMT
server: nginx
etag: W/"efc32794bc9600b7c3b637d109f78896"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/css
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -YiGSYki5AVzw95kfLA24m347VI96qxe-3_hGkoJ6oYvDQMwHh60PA==
expires: Sat, 08 Jan 2022 07:10:51 GMT

GET
H2 200 omnicom.css
login.omnicomgroup.com/Content/ 913 B
1004 B 327ms
325ms Stylesheet
text/css 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Content/omnicom.css
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80fbf0c7e9bc08c74b052476a73cdc90ef2b985a438e0d6eb996e1c943d6fdf2

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
last-modified: Tue, 19 Feb 2019 13:09:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "458dda6954c8d41:0"
content-type: text/css
accept-ranges: bytes
content-length: 913

GET
H2 200 MsAjaxJs Show response
login.omnicomgroup.com/bundles/ 142 KB
142 KB 328ms
326ms Script
text/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/bundles/MsAjaxJs?v=c42ygB2U07n37m_Sfa8ZbLGVu4Rr2gsBo7MvUEnJeZ81
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cecb80eac95ee1446e0f325f7d74313bfd444e08254a0fdb0a5584e4c5a99a39

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
last-modified: Thu, 21 Jan 2021 09:42:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 145422
expires: Fri, 21 Jan 2022 09:42:22 GMT

GET
H2 200 jquery-1.12.1.min.js Show response
login.omnicomgroup.com/Scripts/ 95 KB
33 KB 330ms
327ms Script
application/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Scripts/jquery-1.12.1.min.js
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2016 17:25:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "089e984bf15d21:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 33937

GET
H2 200 bootstrap.min.js Show response
login.omnicomgroup.com/Scripts/ 28 KB
8 KB 331ms
329ms Script
application/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Scripts/bootstrap.min.js
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2016 17:25:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "089e984bf15d21:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7681

GET
H2 200 respond.min.js Show response
login.omnicomgroup.com/Scripts/ 5 KB
2 KB 673ms
671ms Script
application/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Scripts/respond.min.js
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2016 17:25:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "089e984bf15d21:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2468

GET
H2 200 WebFormsJs Show response
login.omnicomgroup.com/bundles/ 60 KB
60 KB 675ms
673ms Script
text/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/bundles/WebFormsJs?v=AAyiAYwMfvmwjNSBfIMrBAqfU5exDukMVhrRuZ-PDU01
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f0a85621c4a7a9b244a63c9483badf5ae06c9b614ad5790d85d11aa9490785f2

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
last-modified: Thu, 21 Jan 2021 09:42:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 61401
expires: Fri, 21 Jan 2022 09:42:22 GMT

GET
H2 200 jquery.qtip.js Show response
login.omnicomgroup.com/Scripts/ 143 KB
33 KB 678ms
677ms Script
application/javascript 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/Scripts/jquery.qtip.js
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 72da7a0dbd98e470a525552a7e9ea6569acfec01384a4d70def042175eaf2620

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:21 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2016 22:48:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "029bb6b2557d21:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 33627

GET
H2 200 OMCCOMG.png
login.omnicomgroup.com/Content/Images/ 17 KB
17 KB 283ms
283ms Image
image/png 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.omnicomgroup.com/Content/Images/OMCCOMG.png
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ec1004cd59fd4acfb6e34077ba75a957e0a71f6140c6fdfcb61081071542cd0

Request headers

Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:22 GMT
last-modified: Wed, 23 Jan 2019 12:48:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "61fa5ee19b3d41:0"
content-type: image/png
accept-ranges: bytes
content-length: 17161

GET
H2 200 GCS.jpg
login.omnicomgroup.com/Content/Images/ 1019 KB
1020 KB 280ms
279ms Image
image/jpeg 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.omnicomgroup.com/Content/Images/GCS.jpg
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Content/omnicom.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 737fd67952e077eb381f546dd089ec90dccf3cdeb6663a4d721c163c50e34d8e

Request headers

Referer: https://login.omnicomgroup.com/Content/omnicom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:22 GMT
last-modified: Tue, 19 Feb 2019 12:57:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ce9d90a752c8d41:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1043348

GET
H2 200 montserrat-light-webfont.woff
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/ 22 KB
22 KB 80ms
35ms Font
application/font-woff 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/montserrat-light-webfont.woff

Requested by

Host: ok1static.oktacdn.com
URL: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Origin: https://login.omnicomgroup.com
Referer: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 12:40:18 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
age: 594122
x-cache: Hit from cloudfront
content-length: 22112
last-modified: Wed, 16 Jan 2019 05:15:24 GMT
server: nginx
etag: "6225f3ca44b83090833064727a09cc95"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: CCDTMQeXfipvda3ffTZPqf-2MrLbs84w5gFFMWT8n9seSRJx6-FOBQ==
expires: Fri, 14 Jan 2022 12:40:18 GMT

GET
H2 200 montserrat-regular-webfont.woff
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/ 21 KB
22 KB 89ms
44ms Font
application/font-woff 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/montserrat-regular-webfont.woff

Requested by

Host: ok1static.oktacdn.com
URL: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Origin: https://login.omnicomgroup.com
Referer: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 03 Jan 2021 21:15:26 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
age: 1513614
x-cache: Hit from cloudfront
content-length: 21980
last-modified: Wed, 16 Jan 2019 05:15:24 GMT
server: nginx
etag: "8f2822b73b5f9c106c6f2e0db820bcbb"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: dKpQDXXJs-Hy1wGBkOS2RlB2SN5lyykkCywhbBhhFVJ-nZu1_aEGAA==
expires: Mon, 03 Jan 2022 21:15:26 GMT

GET
H2 404 okticon.b07d286fda59f29c9b14971da3a28f7f.woff
login.omnicomgroup.com/font/ 0
0 937ms
937ms Font
text/html 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/font/okticon.b07d286fda59f29c9b14971da3a28f7f.woff
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Origin: https://login.omnicomgroup.com
Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 404 okticon.dc6e3b1ee45b972dc81e275e6ad93eca.ttf
login.omnicomgroup.com/font/ 0
0 100ms
99ms Font
text/html 35.170.167.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.omnicomgroup.com/font/okticon.dc6e3b1ee45b972dc81e275e6ad93eca.ttf
Requested by: Host: login.omnicomgroup.com
URL: https://login.omnicomgroup.com/Init.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.170.167.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-167-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Origin: https://login.omnicomgroup.com
Referer: https://login.omnicomgroup.com/Init.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:42:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 okticon.woff
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/ 13 KB
14 KB 27ms
26ms Font
application/font-woff 65.9.67.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/font/okticon.woff

Requested by

Host: ok1static.oktacdn.com
URL: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.67.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40e8d11cf0189585f0323b71ae7257664099ffd982346d92e47e9bb1c72f4ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Origin: https://login.omnicomgroup.com
Referer: https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:29:15 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
age: 951186
x-cache: Hit from cloudfront
content-length: 13660
last-modified: Wed, 16 Jan 2019 05:15:24 GMT
server: nginx
etag: "243cd7ee2a2a856732c4f08f01c10f2c"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: 3KTBw0ZFBZOXH30W7fMjL0aTp5Gmok_xAT_WFvH9SpbKXC-E7QUo7w==
expires: Mon, 10 Jan 2022 09:29:15 GMT

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.omnicomgroup.com/	1969-12-31 23:59:59	Name: __AntiXsrfToken Value: 09d8a7053a4d42f9b0e7d831c6584abc
			login.omnicomgroup.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: pwaefvjb54kszfmuf21k4xal

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.omnicomgroup.com
ok1static.oktacdn.com
ok4static.oktacdn.com
omnicomgroup.okta.com
training.omnicomgroup.com
18.209.113.163
35.170.167.171
65.9.67.112
65.9.67.114
00a5980ec40bed3be9c279020f2b20409ccf6ce9c7054a1ae98953989ed067ac
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2e7072c51e585616c6e465d24733e2acaf0384ce7dbe7ecdd3080ed5e976c271
40e8d11cf0189585f0323b71ae7257664099ffd982346d92e47e9bb1c72f4ec7
4a4a9875283ce14328c0269b2e4ac32e2bfb58fbe004638b0600da943c568c28
4ec1004cd59fd4acfb6e34077ba75a957e0a71f6140c6fdfcb61081071542cd0
554a24765444292b2317c4472345d8cf75327aa2aa568f482077d24b1f5935f5
72da7a0dbd98e470a525552a7e9ea6569acfec01384a4d70def042175eaf2620
737fd67952e077eb381f546dd089ec90dccf3cdeb6663a4d721c163c50e34d8e
77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
7dd55c3138dc877b6d9965b2c298bd0c05758da75bb89cd908b489574cf9f6ff
80fbf0c7e9bc08c74b052476a73cdc90ef2b985a438e0d6eb996e1c943d6fdf2
9b11fc03b28380e01f14e1a78bcc6145836744d3d0363236153a7d08e883e1f5
b03ab66644aac3f5586848ac6289288a8bf2d4c84a0ab66f3bbf6765775b055f
c6d1565f1eb123287e39ec37bd9cc4800dcf1f9c55da35877d51e9a2d4ee10fd
cecb80eac95ee1446e0f325f7d74313bfd444e08254a0fdb0a5584e4c5a99a39
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136
f0a85621c4a7a9b244a63c9483badf5ae06c9b614ad5790d85d11aa9490785f2
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

login.omnicomgroup.com Open in urlscan Pro 35.170.167.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

4 IPs

1 Countries

2546 kBTransfer

3750 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

login.omnicomgroup.com Open in urlscan Pro
35.170.167.171 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

2546 kB
Transfer

3750 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions