urlscan.io logo urlscan.io
SecurityTrails logo

nike.okta.com Open in urlscan Pro
15.197.253.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dpom-prod11.partner.nike-cloud.com/
Effective URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd...
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 15 HTTP transactions. The main IP is 15.197.253.65, located in United States and belongs to AMAZON-02, US. The main domain is nike.okta.com. The Cisco Umbrella rank of the primary domain is 295683.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 22nd 2023. Valid for: a year.
This is the only time nike.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2620:1ec:46::40 8075 (MICROSOFT...)
1 104.126.112.137 16625 (AKAMAI-AS)
5 15.197.253.65 16509 (AMAZON-02)
1 20.9.155.150 8075 (MICROSOFT...)
2 18.164.124.91 16509 (AMAZON-02)
15 6
5    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dpom-prod11.partner.nike-cloud.com
1    104.126.112.137 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-137.deploy.static.akamaitechnologies.com
www.nike.com
5    15.197.253.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a904c371d9946c759.awsglobalaccelerator.com
nike.okta.com
1    20.9.155.150 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
westus2-0.in.applicationinsights.azure.com
2    18.164.124.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-91.jfk50.r.cloudfront.net
ok4static.oktacdn.com
Apex Domain
Subdomains		 Transfer
5 okta.com
nike.okta.com — Cisco Umbrella Rank: 295683
12 KB
5 nike-cloud.com
dpom-prod11.partner.nike-cloud.com
3 MB
2 oktacdn.com
ok4static.oktacdn.com — Cisco Umbrella Rank: 20480
664 KB
1 azure.com
westus2-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 37176
1 nike.com
www.nike.com — Cisco Umbrella Rank: 15198
7 KB
15 5
Domain Requested by
5 nike.okta.com dpom-prod11.partner.nike-cloud.com
nike.okta.com
5 dpom-prod11.partner.nike-cloud.com dpom-prod11.partner.nike-cloud.com
2 ok4static.oktacdn.com nike.okta.com
1 westus2-0.in.applicationinsights.azure.com dpom-prod11.partner.nike-cloud.com
1 www.nike.com dpom-prod11.partner.nike-cloud.com
15 5

This site contains no links.

Subject Issuer Validity Valid
dpom-prod11.partner.nike-cloud.com
Entrust Certification Authority - L1K		 2024-03-12 -
2025-03-12		 a year crt.sh
www.nike.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-06 -
2025-01-08		 a year crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-04-12		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-02-01 -
2025-01-26		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Frame ID: CAA3A127B2241303D004CED7455E8D78
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nike, Inc - Bad Request

Page URL History Show full URLs

  1. https://dpom-prod11.partner.nike-cloud.com/ Page URL
  2. https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_cha... Page URL

Page Statistics

15
Requests

93 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

3621 kB
Transfer

3683 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dpom-prod11.partner.nike-cloud.com/ Page URL
  2. https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dpom-prod11.partner.nike-cloud.com/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dpom-prod11.partner.nike-cloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ed9372e5995267b909b0685d47862b59ddb45601f6b725edff48cd780f1c70a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html
date
Wed, 13 Mar 2024 00:22:11 GMT
request-context
appId=cid-v1:
x-azure-ref
20240313T002211Z-35fv2gca950mz8pprv5eeqbnmn00000002tg000000004s68
x-cache
CONFIG_NOCACHE
4345.js
dpom-prod11.partner.nike-cloud.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpom-prod11.partner.nike-cloud.com/4345.js
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
230d41274bd21632c2822fda1a1f99faef74e1e410076a636e3f542a0e0e7bcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dpom-prod11.partner.nike-cloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context
appId=cid-v1:
date
Wed, 13 Mar 2024 00:22:12 GMT
x-azure-ref
20240313T002211Z-35fv2gca950mz8pprv5eeqbnmn00000002tg000000004s75
x-cache
CONFIG_NOCACHE
content-type
application/javascript
main.js
dpom-prod11.partner.nike-cloud.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpom-prod11.partner.nike-cloud.com/main.js
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d395003099e8c5bc9be5cdb2da196d246fe1515f93d4413da9bdbe5c7f5320b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dpom-prod11.partner.nike-cloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context
appId=cid-v1:
date
Wed, 13 Mar 2024 00:22:12 GMT
x-azure-ref
20240313T002211Z-35fv2gca950mz8pprv5eeqbnmn00000002tg000000004s76
x-cache
CONFIG_NOCACHE
content-type
application/javascript
main.ac7d8af4.css
dpom-prod11.partner.nike-cloud.com/static/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpom-prod11.partner.nike-cloud.com/static/css/main.ac7d8af4.css
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
979b0c84434991a167af8da4e2afd7f72c07f53dd5a8cbfa2edf9510afd2bba5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dpom-prod11.partner.nike-cloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context
appId=cid-v1:
date
Wed, 13 Mar 2024 00:22:11 GMT
x-azure-ref
20240313T002211Z-35fv2gca950mz8pprv5eeqbnmn00000002tg000000004s74
x-cache
CONFIG_NOCACHE
content-type
text/css
ncss.en-us.min.css
www.nike.com/assets/ncss/3.0/dotcom/desktop/css/ 		80 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nike.com/assets/ncss/3.0/dotcom/desktop/css/ncss.en-us.min.css
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/static/css/main.ac7d8af4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.137 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-137.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c8c7dee7eb603ecb3d476d7d110870b0be34cf9f8ebb8b838da0e75616da700c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dpom-prod11.partner.nike-cloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
384
date
Wed, 13 Mar 2024 00:22:12 GMT
content-encoding
br
akamai-grn
0.645dd217.1708946703.17dcd89a, 0.27747e68.1710289332.10e6cd87
x-edgeconnect-midmile-rtt
8
x-amz-request-id
CCN1JWM6M7N53BWR
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1710289332718_1753117735_283561351_979_5355_65_90_255";dur=1
content-length
6340
x-amz-id-2
lCopjhuOaGNYANvO72Di6tSaMtlSJ9Sy4g56HS3q9ceqUwzfLt/M4Omhj76Lis+wCOtA1T+YKhA=
last-modified
Fri, 04 Oct 2019 17:55:56 GMT
server
Akamai Resource Optimizer
etag
"3be3299bfe2975003eea22c28fd295e5"
content-type
text/css
cache-control
public, max-age=27120
accept-ranges
bytes
timing-allow-origin
https://c.go-mpulse.net,https://www.nike.com,https://bam-cell.nr-data.net,https://bam.nr-data.net
expires
Wed, 13 Mar 2024 07:54:12 GMT
openid-configuration
nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/.well-known/openid-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.253.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a904c371d9946c759.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://dpom-prod11.partner.nike-cloud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://dpom-prod11.partner.nike-cloud.com
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Wed, 13 Mar 2024 00:22:15 GMT
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-okta-request-id
edced80233e4d827d6b65bebcde98657
openid-configuration
nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/.well-known/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/.well-known/openid-configuration
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/4345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.253.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a904c371d9946c759.awsglobalaccelerator.com
Software
nginx /
Resource Hash
d43b0910eef11d0b4a06f6e8afa21f1ff379a5f5f14b4aa35b5b81c82644d62f
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://dpom-prod11.partner.nike-cloud.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
42cd81496c0472c7a49cf900c01a29eb
date
Wed, 13 Mar 2024 00:22:15 GMT
content-security-policy
default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin, Origin
content-type
application/json
access-control-allow-origin
https://dpom-prod11.partner.nike-cloud.com
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
expires
Thu, 14 Mar 2024 00:21:20 GMT
18f956775257cba64415.ttf
dpom-prod11.partner.nike-cloud.com/ 		556 KB
557 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dpom-prod11.partner.nike-cloud.com/18f956775257cba64415.ttf
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/static/css/main.ac7d8af4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dpom-prod11.partner.nike-cloud.com/static/css/main.ac7d8af4.css
Origin
https://dpom-prod11.partner.nike-cloud.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context
appId=cid-v1:
date
Wed, 13 Mar 2024 00:22:14 GMT
x-azure-ref
20240313T002214Z-35fv2gca950mz8pprv5eeqbnmn00000002tg000000004sf6
x-cache
CONFIG_NOCACHE
content-type
application/font-sfnt
truncated
/ 		488 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd495c7a49b75aff8941d423e62e4377563b5efcc8ad05485da14c095ec64b4e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
westus2-0.in.applicationinsights.azure.com//v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westus2-0.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.9.155.150 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dpom-prod11.partner.nike-cloud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 13 Mar 2024 00:22:15 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
Primary Request authorize
nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/ 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Requested by
Host: dpom-prod11.partner.nike-cloud.com
URL: https://dpom-prod11.partner.nike-cloud.com/4345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.253.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a904c371d9946c759.awsglobalaccelerator.com
Software
nginx /
Resource Hash
5e98c4a934a4f894316ff24421775e23a3c7de64113f3f9a55995ae01c137d16
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dpom-prod11.partner.nike-cloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
en
content-length
3357
content-security-policy
default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
text/html;charset=utf-8
date
Wed, 13 Mar 2024 00:22:15 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
x-okta-request-id
c02bbd86ef63a61352b16c26fe3f994b
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1710289395
x-xss-protection
0
track
westus2-0.in.applicationinsights.azure.com//v2/ 		0
0
errors-v2.css
nike.okta.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nike.okta.com/assets/css/sections/errors-v2.css
Requested by
Host: nike.okta.com
URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.253.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a904c371d9946c759.awsglobalaccelerator.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 00:22:15 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
last-modified
Thu, 03 Nov 2022 21:47:10 GMT
server
nginx
etag
W/"80127ba5c47706686501006723ba83da"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
expires
Thu, 13 Mar 2025 00:22:15 GMT
style-sheet
nike.okta.com/api/internal/brand/theme/ 		341 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nike.okta.com/api/internal/brand/theme/style-sheet?touch-point=ERROR_PAGE&v=43dff4eb61a65f4f97dfc180776e02d13b3acb259b69662414091c035c781ffaecf3a59d10c67150a2909055ec9b7b40
Requested by
Host: nike.okta.com
URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.253.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a904c371d9946c759.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f7ccbf90b79df0fb9645a4d4b5165d6183fec5057f3f0ffb583644b0a5274520
Security Headers
Name Value
Content-Security-Policy default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-okta-request-id
ad683a3f53c8d9253b2729f9f98968d5
date
Wed, 13 Mar 2024 00:22:15 GMT
content-security-policy
default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit
24000
x-content-type-options
nosniff
content-encoding
gzip
x-rate-limit-remaining
23960
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nike.okta.com *.oktacdn.com; connect-src 'self' nike.okta.com nike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nike.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nike.okta.com *.oktacdn.com; frame-src 'self' nike.okta.com nike-admin.okta.com login.okta.com ok4-devicetrust.okta.com; img-src 'self' nike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nike.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/css
x-rate-limit-reset
1710289365
cache-control
max-age=31536000, must-revalidate
expires
Thu, 13 Mar 2025 00:22:15 GMT
fs0piw5qn8xZkWS4q1t6
ok4static.oktacdn.com/fs/bco/1/ 		500 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/fs/bco/1/fs0piw5qn8xZkWS4q1t6
Requested by
Host: nike.okta.com
URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-91.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
fcfadab6eba8bf7c5420608740e9410f32bd976ff064954ecfe9b62c76e0c5e2
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 07:25:13 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
1097822
x-cache
Hit from cloudfront
content-length
500
last-modified
Thu, 08 Aug 2019 15:26:48 GMT
server
nginx
etag
"d17cc02a893a80ade12487e5c3cd620b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
0-F2OLi1uthXwcxZynLsLfhI6ksHO55PiddIWuVzXxeaEjUS4PCx6Q==
expires
Fri, 28 Feb 2025 07:25:13 GMT
fs0rsz9z6BF6JTMYQ1t6
ok4static.oktacdn.com/fs/bco/7/ 		662 KB
663 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/fs/bco/7/fs0rsz9z6BF6JTMYQ1t6
Requested by
Host: nike.okta.com
URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-91.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
794c5813f7aecce8f8a81b6eb9ad51c70ad348930a2b4a3a9a2bc78787313873
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nike.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 04:13:34 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
1109321
x-cache
Hit from cloudfront
content-length
678110
last-modified
Thu, 08 Aug 2019 15:36:02 GMT
server
nginx
etag
"82851be5c35b0d3afa1ac79c97732c37"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
5M9LXX8ZONSFvB2v_6uT25p-oyb4TGGOMbMFF611h5fJVHunqIm4oQ==
expires
Fri, 28 Feb 2025 04:13:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
westus2-0.in.applicationinsights.azure.com
URL
https://westus2-0.in.applicationinsights.azure.com//v2/track

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
dpom-prod11.partner.nike-cloud.com/ Name: ai_user
Value: LZjzgFKB2w99QGKHe2sopD|2024-03-13T00:22:14.774Z
dpom-prod11.partner.nike-cloud.com/ Name: ai_session
Value: qbsQN+geD9YmsYMpsV89IJ|1710289335207|1710289335207
dpom-prod11.partner.nike-cloud.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:%22code%22%2C%22state%22:%2290sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA%22%2C%22nonce%22:%22GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH%22%2C%22scopes%22:[%22openid%22%2C%22email%22%2C%22profile%22%2C%22legacy_username%22%2C%22iam.okta.factoryaffiliations.read%22%2C%22iam.okta.factorygroups.read%22]%2C%22clientId%22:%22NIKE.GSM.DPOM-UI%22%2C%22urls%22:{%22issuer%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7%22%2C%22authorizeUrl%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize%22%2C%22userinfoUrl%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/userinfo%22%2C%22tokenUrl%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/token%22%2C%22revokeUrl%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/revoke%22%2C%22logoutUrl%22:%22https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/logout%22}%2C%22ignoreSignature%22:false}
dpom-prod11.partner.nike-cloud.com/ Name: okta-oauth-nonce
Value: GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH
dpom-prod11.partner.nike-cloud.com/ Name: okta-oauth-state
Value: 90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA
nike.okta.com/ Name: t
Value: slate
nike.okta.com/ Name: DT
Value: DI14o9CspCDRUiSsYIOg3FZXA
nike.okta.com/ Name: JSESSIONID
Value: 81DF482C46E6D8F70F27DB6AFD9772A4

1 Console Messages

Source Level URL
Text
network error URL: https://nike.okta.com/oauth2/aus27z7p76as9Dz0H1t7/v1/authorize?client_id=NIKE.GSM.DPOM-UI&code_challenge=X3bzLbYXBchbd3aEpPwp7L23sk1JLwDQsAcG4WUWo_g&code_challenge_method=S256&nonce=GjVBRUa1ffAKlczkldTI7wPXeVlGotjnt6YNCtERu6J5YPFsQGWwbDoCczVUIBVH&redirect_uri=https%3A%2F%2Fdpom-prod11.partner.nike-cloud.com%2F&response_type=code&state=90sHi8Pgits2KxeKWvaUJH5zCcaEa0nhUWhqIKQG75UdLc8ifGb1Y99N0CzkZetA&scope=openid%20email%20profile%20legacy_username%20iam.okta.factoryaffiliations.read%20iam.okta.factorygroups.read
Message:
Failed to load resource: the server responded with a status of 400 ()