urlscan.io logo urlscan.io
SecurityTrails logo

sso.andrewnet.net Open in urlscan Pro
2606:4700::6812:bd9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pv-toronto.as1003.net/
Effective URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85...
Submission: On February 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6812:bd9, located in United States and belongs to CLOUDFLARENET, US. The main domain is sso.andrewnet.net.
TLS certificate: Issued by GTS CA 1P5 on February 2nd 2023. Valid for: 3 months.
This is the only time sso.andrewnet.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:300... 13335 (CLOUDFLAR...)
1 12 2606:4700::68... 13335 (CLOUDFLAR...)
9 18.164.116.109 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.84.37.111 16509 (AMAZON-02)
24 5
1    2606:4700::6812:1e21 (United States)

ASN13335 (CLOUDFLARENET, US)
pv-toronto.as1003.net
1    2606:4700::6812:1f21 (United States)

ASN13335 (CLOUDFLARENET, US)
pv-toronto.as1003.net
1    2606:4700:300a::6813:c21d (United States)

ASN13335 (CLOUDFLARENET, US)
andrewnet.cloudflareaccess.com
12    2606:4700::6812:bd9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.andrewnet.net
sso.andrewnet.net
9    18.164.116.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-109.jfk50.r.cloudfront.net
ok12static.oktacdn.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    99.84.37.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-111.ewr52.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
12 andrewnet.net
cdn.andrewnet.net
sso.andrewnet.net
42 KB
9 oktacdn.com
ok12static.oktacdn.com — Cisco Umbrella Rank: 15304
737 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 5491
97 KB
2 as1003.net
pv-toronto.as1003.net
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 929
6 KB
1 cloudflareaccess.com
andrewnet.cloudflareaccess.com
11 KB
24 6
Domain Requested by
11 sso.andrewnet.net 1 redirects andrewnet.cloudflareaccess.com
static.cloudflareinsights.com
sso.andrewnet.net
ok12static.oktacdn.com
9 ok12static.oktacdn.com sso.andrewnet.net
ok12static.oktacdn.com
2 login.okta.com ok12static.oktacdn.com
login.okta.com
2 pv-toronto.as1003.net 2 redirects
1 static.cloudflareinsights.com sso.andrewnet.net
1 cdn.andrewnet.net andrewnet.cloudflareaccess.com
1 andrewnet.cloudflareaccess.com
24 7

This site contains links to these domains. Also see Links.

Domain
www.andrewnet.net
Subject Issuer Validity Valid
ssl1075497.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-11-11 -
2023-09-07		 10 months crt.sh
cdn.andrewnet.net
Cloudflare Inc ECC CA-3		 2022-10-04 -
2023-10-04		 a year crt.sh
sso.andrewnet.net
GTS CA 1P5		 2023-02-02 -
2023-05-03		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
accounts.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-13 -
2023-07-25		 a year crt.sh

This page contains 3 frames:

Primary Page: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Frame ID: 334C80C38B7EDE3CC8A9A89829AE60D8
Requests: 19 HTTP requests in this frame

Frame: https://sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676592000
Frame ID: E0A146D8F73EB0F6C0E572D4E0A026DE
Requests: 3 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: B58D50F439E63BC824BB561E68F000D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

andrewnet - Sign In

Page URL History Show full URLs

  1. http://pv-toronto.as1003.net/ HTTP 301
    https://pv-toronto.as1003.net/ HTTP 302
    https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767... Page URL
  2. https://sso.andrewnet.net/oauth2/v1/authorize?client_id=0oa2g0504qXhcvW1x5d7&redirect_uri=https%3A%2F%... HTTP 302
    https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsB... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns

Page Statistics

24
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

892 kB
Transfer

2462 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pv-toronto.as1003.net/ HTTP 301
    https://pv-toronto.as1003.net/ HTTP 302
    https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw Page URL
  2. https://sso.andrewnet.net/oauth2/v1/authorize?client_id=0oa2g0504qXhcvW1x5d7&redirect_uri=https%3A%2F%2Fandrewnet.cloudflareaccess.com%2Fcdn-cgi%2Faccess%2Fcallback&response_type=code&scope=openid%20groups%20profile%20email&state=d7dd06c00e865a0f31a4d0ef742f4651880455463a2d1cf084802fb8c7f67308.JTdCJTIyaWF0JTIyJTNBMTY3NjYwMzA4MyUyQyUyMmF1dGhEb21haW4lMjIlM0ElMjJhbmRyZXduZXQuY2xvdWRmbGFyZWFjY2Vzcy5jb20lMjIlMkMlMjJob3N0bmFtZSUyMiUzQSUyMnB2LXRvcm9udG8uYXMxMDAzLm5ldCUyMiUyQyUyMnJlZGlyZWN0VVJMJTIyJTNBJTIyJTJGJTIyJTJDJTIyYXVkJTIyJTNBJTIyNjI3M2RkN2QxMzY4NGFjZTI2Yjc4YTIyNzY3NjdlMTE0MzM1MzJjNjhhYThmZGNhZjEzMTBkY2JiNjI5OTg5NyUyMiUyQyUyMmlzU2FtZVNpdGVOb25lQ29tcGF0aWJsZSUyMiUzQXRydWUlMkMlMjJpc0lEUFRlc3QlMjIlM0FmYWxzZSUyQyUyMmlzUmVmcmVzaCUyMiUzQWZhbHNlJTJDJTIybm9uY2UlMjIlM0ElMjJuSklISlFndUdPbkJEUER2aSUyMiUyQyUyMmlkcElkJTIyJTNBJTIyZTNlOTE2M2ItOGQ5MC00MDVmLTk4NzktZjJhNWEwNjc5NzFlJTIyJTJDJTIyc2VydmljZV90b2tlbl9pZCUyMiUzQSUyMiUyMiUyQyUyMnNlcnZpY2VfdG9rZW5fc3RhdHVzJTIyJTNBZmFsc2UlMkMlMjJhdXRoX3N0YXR1cyUyMiUzQSUyMk5PTkUlMjIlMkMlMjJpc193YXJwJTIyJTNBZmFsc2UlMkMlMjJpc19nYXRld2F5JTIyJTNBZmFsc2UlMkMlMjJtdGxzX2F1dGglMjIlM0ElN0IlMjJjZXJ0X2lzc3Vlcl9za2klMjIlM0ElMjIlMjIlMkMlMjJjZXJ0X3ByZXNlbnRlZCUyMiUzQWZhbHNlJTJDJTIyY2VydF9zZXJpYWwlMjIlM0ElMjIlMjIlMkMlMjJjZXJ0X2lzc3Vlcl9kbiUyMiUzQSUyMiUyMiUyQyUyMmF1dGhfc3RhdHVzJTIyJTNBJTIyTk9ORSUyMiU3RCUyQyUyMmFwcFNlc3Npb25IYXNoJTIyJTNBJTIyNWFmOTdmZGVlMTdmZjZjZmYxNGQyYTA0ZTQ1NjdiZDVmYTM0MDdkYTA5MTA3MjdjYmEyM2QwZWQ2YTA5M2RmYiUyMiU3RA%253D%253D HTTP 302
    https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pv-toronto.as1003.net/ HTTP 301
  • https://pv-toronto.as1003.net/ HTTP 302
  • https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
pv-toronto.as1003.net
andrewnet.cloudflareaccess.com/cdn-cgi/access/login/
Redirect Chain
  • http://pv-toronto.as1003.net/
  • https://pv-toronto.as1003.net/
  • https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUx...
29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c21d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; connect-src 'self' http://127.0.0.1:*; default-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
null
cf-access-domain
pv-toronto.as1003.net
cf-ray
79ab4c107e90d153-BUF
cf-version
1378-db14902
content-encoding
gzip
content-security-policy
frame-ancestors 'none'; connect-src 'self' http://127.0.0.1:*; default-src https: 'unsafe-inline'
content-type
text/html
date
Fri, 17 Feb 2023 03:04:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79ab4c0fea92d15b-BUF
date
Fri, 17 Feb 2023 03:04:42 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
server
cloudflare
vary
Accept-Encoding
andrewnet-vector.svg
cdn.andrewnet.net/images/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.andrewnet.net/images/assets/andrewnet-vector.svg
Requested by
Host: andrewnet.cloudflareaccess.com
URL: https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://andrewnet.cloudflareaccess.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 03:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
Last-Modified
Tue, 04 Oct 2022 04:04:36 GMT
Server
cloudflare
ETag
"557b5a502e44ec8bd26fb8919954e47b"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Cache-Control
public, max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
79ab4c142bffd15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4723
Expires
Mon, 20 Mar 2023 03:04:43 GMT
Primary Request login.htm
sso.andrewnet.net/login/
Redirect Chain
  • https://sso.andrewnet.net/oauth2/v1/authorize?client_id=0oa2g0504qXhcvW1x5d7&redirect_uri=https%3A%2F%2Fandrewnet.cloudflareaccess.com%2Fcdn-cgi%2Faccess%2Fcallback&response_type=code&scope=openid%...
  • https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Requested by
Host: andrewnet.cloudflareaccess.com
URL: https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d38ae03bc6ac9ba2ed154a7d29e35d789a5bba732a8b396121c66426c8a12b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
79ab4c18de46d157-BUF
content-encoding
br
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Fri, 17 Feb 2023 03:04:44 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
Y-7uy_M65N4tScOK7kDGwwAADes
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1676603143
x-robots-tag
noindex,nofollow
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
79ab4c142d84d157-BUF
content-language
en
content-length
0
date
Fri, 17 Feb 2023 03:04:43 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
location
https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-okta-request-id
Y-7uy0duvj1c2D4gZtQdTAAADEo
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1676603143
x-robots-tag
noindex,nofollow
x-xss-protection
0
okta-sign-in.min.js
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:15:45 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
848939
x-cache
Hit from cloudfront
last-modified
Thu, 03 Feb 2022 20:32:13 GMT
server
nginx
etag
W/"3201febd49d61359da808444b6a8dd0e"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
lQVQReYhJh2Xily0fBANYyM3uwNjPZjMlvklODypZx_1xGuHszThIg==
expires
Wed, 07 Feb 2024 07:15:45 GMT
okta-sign-in.min.css
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/ 		211 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
date
Wed, 15 Feb 2023 13:51:30 GMT
x-amz-cf-pop
JFK50-P6
age
133994
x-cache
Hit from cloudfront
last-modified
Thu, 03 Feb 2022 20:32:03 GMT
server
nginx
etag
W/"32082203138e95c3496af212b9076cd4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
1Jnw3FH29bpHa-YKl22RAzeyS-Gmbi2cPJivGEKOT5Yv5DV7qmCFlQ==
expires
Thu, 15 Feb 2024 13:51:30 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
ok12static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
date
Sat, 11 Feb 2023 18:04:56 GMT
x-amz-cf-pop
JFK50-P6
age
464388
x-cache
Hit from cloudfront
last-modified
Tue, 22 Mar 2022 21:07:17 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
bWG0ZryGv7yYzPHkwcc4tIWLN3gLbFc3e4wszxNLK5Pk3twbJFRPtw==
expires
Sun, 11 Feb 2024 18:04:56 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://sso.andrewnet.net/
Origin
https://sso.andrewnet.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 03:04:44 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
79ab4c1f1ff0d15b-BUF
initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
ok12static.oktacdn.com/assets/js/mvc/loginpage/ 		205 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
f5d6a6e7d3648b0830cf9de5ef59d2167e2536885e4174b6ff8af73f6dd80978
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:17:23 GMT
x-amz-meta-sha1sum
8d9f54b48d8e525e03f87987c5b3b3de22f15b92
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
791241
x-cache
Hit from cloudfront
last-modified
Tue, 07 Feb 2023 22:52:47 GMT
server
nginx
etag
W/"e3c1ead3b55da6c854c20649a1e437c8"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
T1eQUqQCp_CKpqRiNDs9TEc9u2vQCM_HjhPm9Ms-QLelWmrZGF_FXw==
expires
Wed, 07 Feb 2024 23:17:23 GMT
fs06fif58f0Tk7ah65d7
ok12static.oktacdn.com/fs/bco/7/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok12static.oktacdn.com/fs/bco/7/fs06fif58f0Tk7ah65d7
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
c5a267a26a9d27875fe82a32d1e876239efef5e7e83d26b64e135ac568b64197
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 18:29:27 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1499717
x-cache
Hit from cloudfront
content-length
64311
last-modified
Thu, 08 Sep 2022 03:59:15 GMT
server
nginx
etag
"ef9fb6a49b84dacf5740f51d81ab7320"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
MHflQJ3xvm7lxHm_yIA0tzI2BslnFYmDVZ2QVFKcZUq9ZaA7358W1w==
expires
Tue, 30 Jan 2024 18:29:27 GMT
rum
sso.andrewnet.net/cdn-cgi/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json

Response headers

date
Fri, 17 Feb 2023 03:04:44 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sso.andrewnet.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
79ab4c209875d15b-BUF
fs0l5syrqnrp2MRnI5d6
ok12static.oktacdn.com/fs/bco/1/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok12static.oktacdn.com/fs/bco/1/fs0l5syrqnrp2MRnI5d6
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/signin/refresh-auth-state/008YoyhAodvTwsRdIV4Aows4dobmW81MvjKSxZbNHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
850b98a3ad0580fc28250748d43cd1dd7add674a5f60fd950124f7e519507453
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 18:29:28 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1499716
x-cache
Hit from cloudfront
content-length
4312
last-modified
Thu, 15 Apr 2021 00:12:55 GMT
server
nginx
etag
"e012c28fd371c04b85c8e28d9879b3f4"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
5fmJBJ2REbZ1p4YQUr_eDKNDLARQRJqKp30nFz0YevmTkXBz1W1KnQ==
expires
Tue, 30 Jan 2024 18:29:28 GMT
invisible.js
sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E0A1 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676592000
Requested by
Host: andrewnet.cloudflareaccess.com
URL: https://andrewnet.cloudflareaccess.com/cdn-cgi/access/login/pv-toronto.as1003.net?kid=6273dd7d13684ace26b78a2276767e11433532c68aa8fdcaf1310dcbb6299897&redirect_url=%2F&meta=eyJraWQiOiIwMGVjNTcwZWUxZDhkM2M1MTcyYzNmZGVhNjJmZjYwODJjYzUwYjVmOTYyMWJlYWFlNTU3YWMyOGExOGU5YjEwIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY3NjYwMzA4Miwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjYyNzNkZDdkMTM2ODRhY2UyNmI3OGEyMjc2NzY3ZTExNDMzNTMyYzY4YWE4ZmRjYWYxMzEwZGNiYjYyOTk4OTciLCJob3N0bmFtZSI6InB2LXRvcm9udG8uYXMxMDAzLm5ldCIsImFwcF9zZXNzaW9uX2hhc2giOiI1YWY5N2ZkZWUxN2ZmNmNmZjE0ZDJhMDRlNDU2N2JkNWZhMzQwN2RhMDkxMDcyN2NiYTIzZDBlZDZhMDkzZGZiIiwibmJmIjoxNjc2NjAzMDgyLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsInR5cGUiOiJtZXRhIiwicmVkaXJlY3RfdXJsIjoiXC8iLCJtdGxzX2F1dGgiOnsiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjZXJ0X3NlcmlhbCI6IiIsImNlcnRfaXNzdWVyX2RuIjoiIiwiYXV0aF9zdGF0dXMiOiJOT05FIn0sImF1dGhfc3RhdHVzIjoiTk9ORSJ9.vyNheBJDjNN6udG40OK8qRbfpiSWfm7DjM5xXR9WQ0u2VUbxZgScvFABB6cJrVrN9Ic8qMvDl7m916ZNvFlNde4foXBJiVCNdIAQEX8XwiTzJriOi3pEvgmUj4Tgm0wDawAOTB_P0P_JvkdDthxMWZEcsUAVj2Vg9ngyhfO5I_6asKr1IUUtppGcxMthahmUk73EOu3x14nFNvFS_m5ARZcdsJmg0TVd9akLIoAagr21lhSOegQtGG83-Rz_C5d_4_c1uNrm-DjIAMj3wkv8wxIo4_DHYfbH-bsjUxoPDItSOzwndJUVFdbqvGKV3LsZbmGoi4xy9HoKfb3KvWRPSw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22154c6559a9f28efcd59d11ac740c232ad86918abe56dcb2cf94f47a255c1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 03:04:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79ab4c20a877d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
s.js
sso.andrewnet.net/cdn-cgi/zaraz/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyYW5kcmV3bmV0JTIwLSUyMFNpZ24lMjBJbiUyMiUyQyUyMnglMjIlM0EwLjM4MTA0ODczNjQ4NTAwNzI2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzc28uYW5kcmV3bmV0Lm5ldCUyRnNpZ25pbiUyRnJlZnJlc2gtYXV0aC1zdGF0ZSUyRjAwOFlveWhBb2R2VHdzUmRJVjRBb3dzNGRvYm1XODFNdmpLU3haYk5IdyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=hf-Jz7afVYOsBixJ89yq7eBnl0hoGdz85Mi3XCFSXtk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847e38245451cc1cf615007a55170834dbbb56e5a8b986e789dd4195e815e5e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sso.andrewnet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 03:04:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://sso.andrewnet.net
content-type
text/javascript
access-control-allow-credentials
true
cf-ray
79ab4c20a879d15b-BUF
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
introspect
sso.andrewnet.net/api/v1/authn/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/api/v1/authn/introspect
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bfd11839b4a422cfbd079d9afec636d6521beec171430098456c295d546021f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://sso.andrewnet.net/signin/refresh-auth-state/008YoyhAodvTwsRdIV4Aows4dobmW81MvjKSxZbNHw
X-Okta-User-Agent-Extended
okta-auth-js/5.8.0 okta-signin-widget-5.16.1
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
Y-7uzaY60qt2di4WF9gc1gAABgI
date
Fri, 17 Feb 2023 03:04:45 GMT
content-security-policy
frame-ancestors 'self'
x-rate-limit-limit
100
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-rate-limit-remaining
99
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
content-security-policy-report-only
default-src 'self' dev-85129703.okta.com sso.andrewnet.net *.oktacdn.com; connect-src 'self' dev-85129703.okta.com dev-85129703-admin.okta.com sso.andrewnet.net *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-85129703.okta.com sso.andrewnet.net *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-85129703.okta.com sso.andrewnet.net *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' dev-85129703.okta.com dev-85129703-admin.okta.com sso.andrewnet.net login.okta.com; img-src 'self' dev-85129703.okta.com sso.andrewnet.net *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' dev-85129703.okta.com sso.andrewnet.net data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
server
cloudflare
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
vary
Accept-Encoding
content-type
application/json
x-rate-limit-reset
1676603145
cache-control
no-cache, no-store
cf-ray
79ab4c20b87cd15b-BUF
expires
0
montserrat-light-webfont.woff
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-light-webfont.woff
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Origin
https://sso.andrewnet.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Thu, 16 Feb 2023 15:57:27 GMT
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
40067
x-cache
Hit from cloudfront
content-length
22112
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
content-type
application/font-woff
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
VeBpi9yj8K8S0SOXwaIhizDsOc-G0iy_bMPqElO1168ISHpAHxlhqg==
expires
Fri, 16 Feb 2024 15:56:58 GMT
pica.js
sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/ Frame E0A1 		27 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/signin/refresh-auth-state/008YoyhAodvTwsRdIV4Aows4dobmW81MvjKSxZbNHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ef999b4e1c9a76b1a41e4cd8fcfc278eaa5f3f0f399d22e027ac6aa992fdf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 03:04:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79ab4c2108a8d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iframe.html
login.okta.com/discovery/ Frame B58D 		451 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-111.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d67465594c9edbd86287217a45088a591c8a8999b1961918bf29027a7a6cb4e8

Request headers

Referer
https://sso.andrewnet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
78690
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Thu, 16 Feb 2023 05:13:16 GMT
ETag
"5aec8e4a09ca9e4429869adb7327d7a6"
Last-Modified
Wed, 11 Jan 2023 16:48:04 GMT
Server
AmazonS3
Via
1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
X-Amz-Cf-Id
XjFYfWNDVgpeiHX4sH15lwapUen9BaUIRa4ZVvi8o0TtQZoQ1deXLw==
X-Amz-Cf-Pop
EWR52-C4
X-Cache
Hit from cloudfront
checkbox-sign-in-widget.png
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Wed, 15 Feb 2023 23:44:09 GMT
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
98436
x-cache
Hit from cloudfront
content-length
3141
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type
image/png
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
uzBmd4VZdCJNJbw3JPlOT6Iil-8nLl3Al8_gEPZjuIWeYIcsqskljw==
expires
Thu, 15 Feb 2024 23:44:09 GMT
montserrat-regular-webfont.woff
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-regular-webfont.woff
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-109.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Origin
https://sso.andrewnet.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Wed, 15 Feb 2023 14:27:40 GMT
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
131825
x-cache
Hit from cloudfront
content-length
21980
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
content-type
application/font-woff
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
ooVCn3MFsJfoWHmJtQieDSi3NaZDHRTbwLAZQIXK8hYicCRJkS4yAQ==
expires
Thu, 15 Feb 2024 14:27:40 GMT
79ab4c18de46d157
sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E0A1 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/cv/result/79ab4c18de46d157
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676592000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Feb 2023 03:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
cf-ray
79ab4c252a43d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
discoveryIframe-0981fb4600c1fc3b059a.min.js
login.okta.com/lib/ Frame B58D 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-0981fb4600c1fc3b059a.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-111.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28454da829c407f29184f4e00cce2ac8b1895ab99a27c1f05de1e5698f2e8836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 08:55:17 GMT
Via
1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
Last-Modified
Wed, 11 Jan 2023 16:48:05 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR52-C4
Age
65368
ETag
"5fd54037e63e9d87082dd6c45007c55a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98175
X-Amz-Cf-Id
S9zMAHvDT_4dFuZ91xeDpbL6s2EwgKqSVCjgIhk-GfV_zKKThAxM0w==
t
sso.andrewnet.net/cdn-cgi/zaraz/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/zaraz/t
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyYW5kcmV3bmV0JTIwLSUyMFNpZ24lMjBJbiUyMiUyQyUyMnglMjIlM0EwLjM4MTA0ODczNjQ4NTAwNzI2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzc28uYW5kcmV3bmV0Lm5ldCUyRnNpZ25pbiUyRnJlZnJlc2gtYXV0aC1zdGF0ZSUyRjAwOFlveWhBb2R2VHdzUmRJVjRBb3dzNGRvYm1XODFNdmpLU3haYk5IdyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.andrewnet.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Feb 2023 03:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://sso.andrewnet.net
access-control-allow-credentials
true
cf-ray
79ab4c255a59d15b-BUF
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
t
sso.andrewnet.net/cdn-cgi/zaraz/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/zaraz/t
Requested by
Host: sso.andrewnet.net
URL: https://sso.andrewnet.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyYW5kcmV3bmV0JTIwLSUyMFNpZ24lMjBJbiUyMiUyQyUyMnglMjIlM0EwLjM4MTA0ODczNjQ4NTAwNzI2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzc28uYW5kcmV3bmV0Lm5ldCUyRnNpZ25pbiUyRnJlZnJlc2gtYXV0aC1zdGF0ZSUyRjAwOFlveWhBb2R2VHdzUmRJVjRBb3dzNGRvYm1XODFNdmpLU3haYk5IdyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.andrewnet.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Feb 2023 03:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://sso.andrewnet.net
access-control-allow-credentials
true
cf-ray
79ab4c256a5dd15b-BUF
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
sso.andrewnet.net/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.andrewnet.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sso.andrewnet.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json

Response headers

date
Fri, 17 Feb 2023 03:04:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sso.andrewnet.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
79ab4c264ab4d15b-BUF

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| regeneratorRuntime function| setImmediate function| clearImmediate object| Backbone function| jQueryCourage object| u2f function| OktaSignIn object| zarazData object| zaraz function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| __cfBeacon function| defer function| deferscript object| dataLayer object| OktaLogin object| jQBrowser

8 Cookies

Domain/Path Name / Value
pv-toronto.as1003.net/ Name: CF_AppSession
Value: n94ddae0453acfe9c
andrewnet.cloudflareaccess.com/ Name: CF_Session
Value: nJIHJQguGOnBDPDvi
sso.andrewnet.net/ Name: t
Value: blue-dark
sso.andrewnet.net/ Name: DT
Value: DI1zD3KrgNoROWaX-jlowpu_Q
.andrewnet.net/ Name: _ga
Value: 9485c024-5cd7-4fa5-ae90-a78b984e8b6e
sso.andrewnet.net/ Name: JSESSIONID
Value: 52CFBE994A2FD69CCC46D2BC15C6EF09
sso.andrewnet.net/ Name: oktaStateToken
Value: 008YoyhAodvTwsRdIV4Aows4dobmW81MvjKSxZbNHw
.andrewnet.net/ Name: __cf_bm
Value: 4GOamoS3qVL6Bg8uLAYJS412djXSASfFhz2idlKAvhQ-1676603085-0-AY20kdYnaaDhmKN3CAhoyZZm1ZhX+UJ+wKtVC9H7lLqvt5kNTiMyPctgO4Nj+K5ikg1VjfzfDuol+/Ut7h0C/Lb56gmzUCu5qsLBMUHg5YxL+Z7xfTB0Fa+Sl7rs0eqIBrqXcU5t6iSkumh6pn6sgf+/hEEvtn5Kuxdp7UPVgOq3daMrPtbwt2WsSFBl7FpRww==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; connect-src 'self' http://127.0.0.1:*; default-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andrewnet.cloudflareaccess.com
cdn.andrewnet.net
login.okta.com
ok12static.oktacdn.com
pv-toronto.as1003.net
sso.andrewnet.net
static.cloudflareinsights.com
18.164.116.109
2606:4700:300a::6813:c21d
2606:4700::6810:3965
2606:4700::6812:1e21
2606:4700::6812:1f21
2606:4700::6812:bd9
99.84.37.111
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28454da829c407f29184f4e00cce2ac8b1895ab99a27c1f05de1e5698f2e8836
2bfd11839b4a422cfbd079d9afec636d6521beec171430098456c295d546021f
35ef999b4e1c9a76b1a41e4cd8fcfc278eaa5f3f0f399d22e027ac6aa992fdf1
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
70d38ae03bc6ac9ba2ed154a7d29e35d789a5bba732a8b396121c66426c8a12b
847e38245451cc1cf615007a55170834dbbb56e5a8b986e789dd4195e815e5e6
850b98a3ad0580fc28250748d43cd1dd7add674a5f60fd950124f7e519507453
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
c5a267a26a9d27875fe82a32d1e876239efef5e7e83d26b64e135ac568b64197
d67465594c9edbd86287217a45088a591c8a8999b1961918bf29027a7a6cb4e8
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
e22154c6559a9f28efcd59d11ac740c232ad86918abe56dcb2cf94f47a255c1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5d6a6e7d3648b0830cf9de5ef59d2167e2536885e4174b6ff8af73f6dd80978
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace