urlscan.io logo urlscan.io
SecurityTrails logo

farmersinsurance.okta.com Open in urlscan Pro
54.197.192.175  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://farmersinsurance-8002.quickbase.com/db/bnwkri8qn
Effective URL: https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7...
Submission: On September 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 54.197.192.175, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is farmersinsurance.okta.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 4th 2016. Valid for: 3 years.
This is the only time farmersinsurance.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 104.16.93.97 13335 (CLOUDFLAR...)
1 2 54.197.192.175 14618 (AMAZON-AES)
5 13.32.98.51 16509 (AMAZON-02)
2 54.230.95.181 16509 (AMAZON-02)
1 13.32.98.6 16509 (AMAZON-02)
10 5
3    104.16.93.97 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
farmersinsurance-8002.quickbase.com
2    54.197.192.175 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-197-192-175.compute-1.amazonaws.com
farmersinsurance.okta.com
5    13.32.98.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-98-51.prg50.r.cloudfront.net
ok4static.oktacdn.com
2    54.230.95.181 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-181.fra2.r.cloudfront.net
login.okta.com
1    13.32.98.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-98-6.prg50.r.cloudfront.net
ok4static.oktacdn.com
Apex Domain
Subdomains		 Transfer
6 oktacdn.com
ok4static.oktacdn.com
645 KB
4 okta.com
farmersinsurance.okta.com
login.okta.com
100 KB
3 quickbase.com
farmersinsurance-8002.quickbase.com
4 KB
10 3
Domain Requested by
6 ok4static.oktacdn.com farmersinsurance.okta.com
3 farmersinsurance-8002.quickbase.com 2 redirects
2 login.okta.com ok4static.oktacdn.com
login.okta.com
2 farmersinsurance.okta.com 1 redirects farmersinsurance-8002.quickbase.com
10 4

This site contains links to these domains. Also see Links.

Domain
portal.farmersinsurance.com
www.okta.com
Subject Issuer Validity Valid
ssl384695.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-05-30 -
2018-12-06		 6 months crt.sh
*.okta.com
DigiCert SHA2 High Assurance Server CA		 2016-06-04 -
2019-07-10		 3 years crt.sh
*.oktacdn.com
DigiCert SHA2 High Assurance Server CA		 2017-11-01 -
2021-01-06		 3 years crt.sh
accounts.okta.com
DigiCert SHA2 High Assurance Server CA		 2016-08-04 -
2019-08-09		 3 years crt.sh

This page contains 2 frames:

Primary Page: https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Frame ID: 57879E969979C265479FE78B2E3731B9
Requests: 8 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: E001A52A5565C3C88FF12B9293947800
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://farmersinsurance-8002.quickbase.com/db/bnwkri8qn HTTP 302
    https://farmersinsurance-8002.quickbase.com/db/main?a=SignIn&nexturl=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2... HTTP 302
    https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.... Page URL
  2. https://farmersinsurance.okta.com/home/farmersinsurance_quickbaseitsm_1/0oa7pliz5i8RBptb01t7/aln7plm3dzFGnGLJt1t7 HTTP 302
    https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pli... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

747 kB
Transfer

2162 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://farmersinsurance-8002.quickbase.com/db/bnwkri8qn HTTP 302
    https://farmersinsurance-8002.quickbase.com/db/main?a=SignIn&nexturl=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn&rc=psi HTTP 302
    https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn Page URL
  2. https://farmersinsurance.okta.com/home/farmersinsurance_quickbaseitsm_1/0oa7pliz5i8RBptb01t7/aln7plm3dzFGnGLJt1t7 HTTP 302
    https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://farmersinsurance-8002.quickbase.com/db/bnwkri8qn HTTP 302
  • https://farmersinsurance-8002.quickbase.com/db/main?a=SignIn&nexturl=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn&rc=psi HTTP 302
  • https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
SSOInitiate.aspx
farmersinsurance-8002.quickbase.com/saml/
Redirect Chain
  • https://farmersinsurance-8002.quickbase.com/db/bnwkri8qn
  • https://farmersinsurance-8002.quickbase.com/db/main?a=SignIn&nexturl=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn&rc=psi
  • https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.93.97 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
farmersinsurance-8002.quickbase.com
:scheme
https
:path
/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d904dbfb6bc8fca4798f4e41b0c527cac1537368524; scache=Aug 16 2018 15:36:01_3; ptest=1537368524653; stest=1537368524653; sbIID=I3ert6w44m
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57879E969979C265479FE78B2E3731B9

Response headers

status
200
date
Wed, 19 Sep 2018 14:48:45 GMT
content-type
text/html
content-length
2597
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=at2yahjozmp5cbhuvu5yl33l; path=/; HttpOnly nextURLSB=158776407; domain=farmersinsurance-8002.quickbase.com; expires=Wed, 19-Sep-2018 14:53:45 GMT; path=/; secure; HttpOnly
x-powered-by
x-ua-compatible
IE=Edge,chrome=IE8
p3p
"/p3p/QBSpolicy.xml",CP="CAO DSP COR CURa ADMa DEVa PSAa CONo OUR STP BUS PHY ONL UNI FIN COM NAV INT DEM STA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45ccdae16bab96e8-FRA

Redirect headers

status
302
date
Wed, 19 Sep 2018 14:48:45 GMT
content-length
0
cache-control
no-cache, no-store
pragma
no-cache
location
https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
set-cookie
sbIID=I3ert6w44m; path=/; secure
tid
I3ert6w44m
x-powered-by
x-ua-compatible
IE=Edge,chrome=IE8
p3p
"/p3p/QBSpolicy.xml",CP="CAO DSP COR CURa ADMa DEVa PSAa CONo OUR STP BUS PHY ONL UNI FIN COM NAV INT DEM STA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45ccdae06add96e8-FRA
Primary Request Cookie set login.htm
farmersinsurance.okta.com/login/
Redirect Chain
  • https://farmersinsurance.okta.com/home/farmersinsurance_quickbaseitsm_1/0oa7pliz5i8RBptb01t7/aln7plm3dzFGnGLJt1t7
  • https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Requested by
Host: farmersinsurance-8002.quickbase.com
URL: https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.192.175 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-197-192-175.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b56003b33bc3655ba2596542d577b6fec32e6fa96d689df430822dbd55b4fe87
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Frame-Options SAMEORIGIN

Request headers

Host
farmersinsurance.okta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn
Accept-Encoding
gzip, deflate
Cookie
ADRUM_BTa="R:140|g:fb8eb747-32e9-4d28-abaf-4682840929ad|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"; ADRUM_BT1="R:140|i:12162|e:62"
Origin
https://farmersinsurance-8002.quickbase.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57879E969979C265479FE78B2E3731B9
Referer
https://farmersinsurance-8002.quickbase.com/saml/SSOInitiate.aspx?nextURL=https%3A%2F%2Ffarmersinsurance-8002.quickbase.com%2Fdb%2Fbnwkri8qn

Response headers

Date
Wed, 19 Sep 2018 14:48:46 GMT
Server
nginx
Public-Key-Pins-Report-Only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
Content-Type
text/html;charset=utf-8
Vary
Accept-Encoding
X-Okta-Request-Id
W6JhzvVpA@NI5Ow8AUmX3AAABvY
P3P
CP="HONK"
X-Rate-Limit-Limit
850
X-Rate-Limit-Remaining
827
X-Rate-Limit-Reset
1537368537
X-Okta-backend
ok4-majorapp04e.aue1p.internal
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
0
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
Content-Language
en
Strict-Transport-Security
max-age=315360000
X-Robots-Tag
none
Content-Encoding
gzip
Set-Cookie
ADRUM_BTa="R:140|g:fb8eb747-32e9-4d28-abaf-4682840929ad|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ ADRUM_BT1="R:140|i:12162|e:62"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ ADRUM_BTa="R:140|g:66dede2e-f819-491d-aeb4-4ea8db47d098"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BTa="R:140|g:66dede2e-f819-491d-aeb4-4ea8db47d098|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BT1="R:140|i:12171"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BT1="R:140|i:12171|e:54"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=7E6F20995A284F6DED5C675264A07DA6; Path=/; HttpOnly t=default; Path=/ DT=DI0WUX3S7w6RyarzwsI2-HaLQ; Expires=Fri, 18-Sep-2020 14:48:46 GMT; Path=/; Secure sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=7E6F20995A284F6DED5C675264A07DA6; Path=/; Secure
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Wed, 19 Sep 2018 14:48:46 GMT
Server
nginx
Public-Key-Pins-Report-Only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
Content-Length
0
X-Okta-Request-Id
W6JhzvVpA@NI5Ow8AUmX2AAABuk
P3P
CP="HONK"
X-Okta-backend
ok4-majorapp05e.aue1p.internal
Location
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Content-Language
en
Strict-Transport-Security
max-age=315360000
X-Robots-Tag
none
Set-Cookie
ADRUM_BTa="R:140|g:fb8eb747-32e9-4d28-abaf-4682840929ad"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BTa="R:140|g:fb8eb747-32e9-4d28-abaf-4682840929ad|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BT1="R:140|i:12162"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ ADRUM_BT1="R:140|i:12162|e:62"; Version=1; Max-Age=30; Expires=Wed, 19-Sep-2018 14:49:16 GMT; Path=/ sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
okta-login-page.min.88c003cadf2616a8827c8a1531c3fea9.css
ok4static.oktacdn.com/assets/loginpage/css/ 		221 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/css/okta-login-page.min.88c003cadf2616a8827c8a1531c3fea9.css
Requested by
Host: farmersinsurance.okta.com
URL: https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-51.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
3caa27dff177b3e53884db3b169feee48e10afe2108263cc8931b5b73db2691f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 00:13:27 GMT
content-encoding
gzip
vary
Accept-Encoding
age
657318
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 06 Sep 2018 03:50:48 GMT
server
nginx
etag
W/"5b90a418-372d3"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
via
1.1 10c9c057f4a519e21057a8790de37262.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
content-type
text/css
x-amz-cf-id
7jCCeFxt7E6KokQSD6nQm6RApmDly8lPg2UtHrfU7eo8_aFFLAi7aA==
expires
Thu, 12 Sep 2019 00:13:27 GMT
fileStoreRecord
ok4static.oktacdn.com/bc/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/bc/image/fileStoreRecord?id=fs07pof1nucokRElz1t7
Requested by
Host: farmersinsurance.okta.com
URL: https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-51.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
20b85f6dea4f78d88069b83c87d3921afb22f2b7e5f1621dcbf5cabadb81bdca
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-okta-request-id
W6FjUW@crNNilPmKC0OYRgAABr8
date
Tue, 18 Sep 2018 20:42:57 GMT
via
1.1 10c9c057f4a519e21057a8790de37262.cloudfront.net (CloudFront)
x-rate-limit-limit
10000
content-type
image/png
x-rate-limit-remaining
9982
age
65149
x-cache
Hit from cloudfront
p3p
CP="HONK"
status
200
content-length
1362
last-modified
Sat, 14 Jul 2018 01:54:35 GMT
server
nginx
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-rate-limit-reset
1537303401
x-robots-tag
none
x-amz-cf-id
y0w-033wCJo0wXMzzsyH9jrBwh5qS-nI7LXmlasjk7VAkVxeC7wEuA==
expires
Wed, 18 Sep 2019 20:42:57 GMT
initLoginPage.pack.40d08bedbb6ac392fbc9bcf4c7c02390.js
ok4static.oktacdn.com/assets/js/mvc/loginpage/ 		2 MB
568 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.40d08bedbb6ac392fbc9bcf4c7c02390.js?v=1
Requested by
Host: farmersinsurance.okta.com
URL: https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-51.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
4f51e618cb189ce6bb1a3183c189fa8e62a89c5d9553caf6e7e0b5d8f296a073
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 00:13:28 GMT
content-encoding
gzip
vary
Accept-Encoding
age
657318
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 06 Sep 2018 03:48:14 GMT
server
nginx
etag
W/"5b90a37e-1c23ab"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
via
1.1 10c9c057f4a519e21057a8790de37262.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
content-type
application/javascript
x-amz-cf-id
l10IJxB-PpOOVrKndq3XV0Z8mtZbtWaluQzPfCH6q_dggFvSUZZ-2A==
expires
Thu, 12 Sep 2019 00:13:28 GMT
iframe.html
login.okta.com/discovery/ Frame E001 		531 B
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.40d08bedbb6ac392fbc9bcf4c7c02390.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.181 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31e23c258da84f633eae1ea8079411d4a78ed84a9bd7d37d43c581b47892f111

Request headers

Host
login.okta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57879E969979C265479FE78B2E3731B9
Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7

Response headers

Content-Type
text/html
Content-Length
531
Connection
keep-alive
Date
Tue, 08 May 2018 20:01:36 GMT
Last-Modified
Mon, 07 May 2018 20:01:29 GMT
ETag
"b1d1e772950c69e778a346ad4adac808"
Server
AmazonS3
Age
67416
X-Cache
Hit from cloudfront
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1SNsUgq7PSu6GxlADTgrDybruPOx3iQkL-_PxJSbN1w6aow3JiSDCQ==
fileStoreRecord
ok4static.oktacdn.com/bc/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/bc/image/fileStoreRecord?id=fs0407rgwq8AZFYXM1t7
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-51.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
c7d36a74a05badbd6f519d96ae467ac554304bd19905a3ec6752fbb5ff63a2dd
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://farmersinsurance.okta.com/login/login.htm?fromURI=%2Fhome%2Ffarmersinsurance_quickbaseitsm_1%2F0oa7pliz5i8RBptb01t7%2Faln7plm3dzFGnGLJt1t7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-okta-request-id
WsTlXzDv5INrLFAKl683lgAABNw
date
Wed, 04 Apr 2018 14:46:55 GMT
via
1.1 10c9c057f4a519e21057a8790de37262.cloudfront.net (CloudFront)
x-rate-limit-limit
10000
content-type
image/png
x-rate-limit-remaining
9962
age
1787093
x-cache
Hit from cloudfront
p3p
CP="HONK"
status
200
content-length
6718
last-modified
Wed, 20 Sep 2017 14:01:35 GMT
server
nginx
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-rate-limit-reset
1522853237
x-robots-tag
none
x-amz-cf-id
4RxJDLQOIxytpwlwyK0FAYuU5LspTryiIGpqgYJssRjsKMydpT5T6g==
expires
Thu, 04 Apr 2019 14:46:55 GMT
checkbox-sign-in-widget.7846b2f8c6d0a7ca69fdd3d3c294e92d.png
ok4static.oktacdn.com/assets/loginpage/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/loginpage/img/ui/forms/checkbox-sign-in-widget.7846b2f8c6d0a7ca69fdd3d3c294e92d.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-51.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Request headers

Referer
https://ok4static.oktacdn.com/assets/loginpage/css/okta-login-page.min.88c003cadf2616a8827c8a1531c3fea9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Oct 2017 23:15:04 GMT
via
1.1 10c9c057f4a519e21057a8790de37262.cloudfront.net (CloudFront)
age
30296022
x-cache
Hit from cloudfront
status
200
content-length
3141
last-modified
Mon, 02 Oct 2017 22:10:04 GMT
server
nginx
etag
"59d2b93c-c45"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
BScQ02r82-IQ2lnsP8uauf9T2wGvXp840hv9lXvRPIpoZIqwB6ciyg==
expires
Wed, 03 Oct 2018 23:15:04 GMT
okticon.31036a2f6d125325e0caa9ba52db6bfd.woff
ok4static.oktacdn.com/assets/loginpage/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/font/okticon.31036a2f6d125325e0caa9ba52db6bfd.woff
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.98.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-98-6.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
e98a25ab47e6f3ecc22c6b0830a936776fe1594a1a56ce4e3b32c0b7156a9835
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ok4static.oktacdn.com/assets/loginpage/css/okta-login-page.min.88c003cadf2616a8827c8a1531c3fea9.css
Origin
https://farmersinsurance.okta.com

Response headers

date
Thu, 09 Aug 2018 00:49:34 GMT
via
1.1 667c910f3fc9012a6ddd6dd1ee242781.cloudfront.net (CloudFront)
age
1778337
x-cache
Hit from cloudfront
status
200
content-length
22116
last-modified
Mon, 16 Jul 2018 22:18:10 GMT
server
nginx
etag
"5b4d19a2-5664"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
WIXIOuuHGO701aCOjPlUjfJd5rusVi_2ENklQd8E9bZQOZPlNNy9-g==
expires
Fri, 09 Aug 2019 00:49:34 GMT
discoveryIframe-a3766d114bdf498ab637.min.js
login.okta.com/lib/ Frame E001 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-a3766d114bdf498ab637.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.181 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3930fa8167a70071ca78a3b90052df890f1d08c164981559095d9be89523c48

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.okta.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://login.okta.com/discovery/iframe.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 May 2018 20:01:37 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Mon, 07 May 2018 20:01:29 GMT
Server
AmazonS3
Age
67391
ETag
"e4f6024d630e259b798b7d296fff617b"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
92755
X-Amz-Cf-Id
bCry0em0wlP4FG9s9H4vKi2srAL4RkAhWpKn1kcFDRd37xcxv4iwDg==

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| okta function| runLoginPage object| OktaLogin object| jQBrowser function| jQueryCourage object| Backbone object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

5 Cookies

Domain/Path Name / Value
farmersinsurance.okta.com/ Name: t
Value: default
farmersinsurance.okta.com/ Name: ADRUM_BT1
Value: "R:140|i:12171|e:54"
farmersinsurance.okta.com/ Name: DT
Value: DI0WUX3S7w6RyarzwsI2-HaLQ
farmersinsurance.okta.com/ Name: JSESSIONID
Value: 7E6F20995A284F6DED5C675264A07DA6
farmersinsurance.okta.com/ Name: ADRUM_BTa
Value: "R:140|g:66dede2e-f819-491d-aeb4-4ea8db47d098|n:Okta_6d5b1e30-d05a-4894-a37b-81b5f6c60e0e"

1 Console Messages

Source Level URL
Text
console-api log URL: https://ok4static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.40d08bedbb6ac392fbc9bcf4c7c02390.js?v=1(Line 27205)
Message:
[okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.