urlscan.io logo urlscan.io
SecurityTrails logo

id.archerirm.cloud Open in urlscan Pro
2606:4700:4400::6812:2b76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Effective URL: https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC...
Submission: On November 16 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2606:4700:4400::6812:2b76, located in United States and belongs to CLOUDFLARENET, US. The main domain is id.archerirm.cloud.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2022. Valid for: a year.
This is the only time id.archerirm.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 108.157.142.74 16509 (AMAZON-02)
1 1 2600:1f14:917... 16509 (AMAZON-02)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:1f18:24e... 14618 (AMAZON-AES)
8 18.164.116.19 16509 (AMAZON-02)
2 99.84.37.33 16509 (AMAZON-02)
19 6
5    108.157.142.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-74.mci50.r.cloudfront.net
engage.archerirm.us
1    2600:1f14:917:5700:3f0:f5da:3386:6450 (Boardman, United States)

ASN16509 (AMAZON-02, US)
engage-sso-prod.auth.us-west-2.amazoncognito.com
3    2606:4700:4400::6812:2b76 (United States)

ASN13335 (CLOUDFLARENET, US)
id.archerirm.cloud
1    2600:1f18:24e6:b900:f071:f010:5760:c5fd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum-http-intake.logs.datadoghq.com
8    18.164.116.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-19.jfk50.r.cloudfront.net
ok12static.oktacdn.com
2    99.84.37.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-33.ewr52.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
8 oktacdn.com
ok12static.oktacdn.com — Cisco Umbrella Rank: 15010
674 KB
5 archerirm.us
engage.archerirm.us
2 MB
3 archerirm.cloud
id.archerirm.cloud
6 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 5114
97 KB
1 datadoghq.com
rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 4072
1 amazoncognito.com
engage-sso-prod.auth.us-west-2.amazoncognito.com
2 KB
19 6
Domain Requested by
8 ok12static.oktacdn.com id.archerirm.cloud
ok12static.oktacdn.com
5 engage.archerirm.us engage.archerirm.us
3 id.archerirm.cloud 1 redirects engage.archerirm.us
ok12static.oktacdn.com
2 login.okta.com ok12static.oktacdn.com
login.okta.com
1 rum-http-intake.logs.datadoghq.com engage.archerirm.us
1 engage-sso-prod.auth.us-west-2.amazoncognito.com 1 redirects
19 6

This site contains no links.

Subject Issuer Validity Valid
engage.archerirm.us
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-15 -
2023-06-15		 a year crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-22		 a year crt.sh
accounts.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-13 -
2023-07-25		 a year crt.sh

This page contains 2 frames:

Primary Page: https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
Frame ID: EDA62EB7BCE24A525BAF8145CBAEDCDC
Requests: 17 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 4415F875EECCD3872169E21611FA4ECC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Archer - Sign In

Page URL History Show full URLs

  1. https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461 Page URL
  2. https://engage-sso-prod.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fd2h81p9bdeqa2h.cloudfront.net%2F... HTTP 302
    https://id.archerirm.cloud/oauth2/v1/authorize?client_id=0oa6cwiujgtS1fALc5d7&redirect_uri=https%3A%2F%... HTTP 302
    https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTW... Page URL

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

2416 kB
Transfer

10283 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461 Page URL
  2. https://engage-sso-prod.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fd2h81p9bdeqa2h.cloudfront.net%2F&response_type=code&client_id=499blnnh5v3ght9a6t0359j4th&identity_provider=Okta&scopes=email%2Copenid%2Cprofile%2Caws.cognito.signin.user.admin&state=Gdx2meTjuApy2BP2iu7Ued1ILpqaPGlq-%2Fassessments%2F28aad038_b885_4b9c_9df0_8c36703de461&code_challenge=3vuJwDfvuJs955S_q_Pz9L210pvrdc_zUXNKdNzvcZA&code_challenge_method=S256 HTTP 302
    https://id.archerirm.cloud/oauth2/v1/authorize?client_id=0oa6cwiujgtS1fALc5d7&redirect_uri=https%3A%2F%2Fengage-sso-prod.auth.us-west-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=email+profile+openid&response_type=code&state=H4sIAAAAAAAAAD2SW3PaMBCF_4ufI-OrsHgjQLklsRMKNDQdj2zJlsG2BJINodP_3s1D-6L9NDrn7I6k3xa1Rlan0ZVrg7y0iOuEHK6SWA9WBifxyVDAHDAgJKvbVoS9XwpDKDaOH5JjYAQIGAiEMUqPBgPmichVJGP8TD1h57XsWHGRrbFbbgYg5iDOJeOAxVeP5XQCWFqjnxa9ajuXZVsZaesKamt3ml9sypqq_bI2tKqhSsXbigEoIduvIHWRRVVz69eDJSBzzm5ew78fu7H69B4Tr-qGW87c5ZM602Ren9HHx4BqzbVueGs07LyIUub4UZpFUZgGGclTwgonjXIfDx2f8QC70KeCcL_vVtdpAasmYbhJz2lyJ0-e66j-wvL0vv3xsmYv9z4_jMFxBMfGCzHgCXD_uaKTx7x7lWF9kcm2ROvnmM8oLuZLMQvO2wy_9zcRv8XjyW79WLoyea61F9-UeI97vt5rZ6yR0at2hRZosaDHUCq_ipfVZLNcHGLJ3l7V7pSks_meOWHn6OVbeDx0u-3Q6U_7nZgkn3zhTObVjE-np-qbEoF5l7tMPqEr1oKoa078jUxuM5i4hol5W9KSI60lgltmNu2MsP9_GZs29C7bf4-WywZsjTVyMY6wE2HswONYo4LWmj9YF8gbck597lI09AhGgcc4yqIhQWEYBC7HRRExYv35C0u3DGqaAgAA.H4sIAAAAAAAAAAEgAN__H-1_9v4b8TYhHvy7ur3lUuDGw5StbkJ_0rr-UCQaZMi1gxS1IAAAAA.3 HTTP 302
    https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
28aad038-b885-4b9c-9df0-8c36703de461
engage.archerirm.us/assessments/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-74.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
471290a520e6947454d726a434349755fbaa298c28adaf2a0f3c292505e6aeed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
5215
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 16 Nov 2022 14:24:18 GMT
ETag
W/"c276ecb6b6f00043530841eadb6a6964"
Last-Modified
Mon, 14 Nov 2022 09:07:43 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 db3e57cd2df5f5ed34aca58ca36b7f98.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Gzx-zgXZRFT34AtCQB__FdostTkcyOZ2N-ah0PMc0Y3pZ0o601y3Ig==
X-Amz-Cf-Pop
MCI50-P1
X-Cache
Error from cloudfront
X-Frame-Options
DENY
x-amz-server-side-encryption
AES256
2.1b7bbd93.chunk.css
engage.archerirm.us/static/css/ 		751 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://engage.archerirm.us/static/css/2.1b7bbd93.chunk.css
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-74.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c4aa3cb8044beea8d7b34db0555364f7ed1485df3362c407267626ba85518e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Date
Wed, 16 Nov 2022 14:24:18 GMT
Via
1.1 db3e57cd2df5f5ed34aca58ca36b7f98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MCI50-P1
Age
1215
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
751
Last-Modified
Mon, 14 Nov 2022 09:07:45 GMT
Server
AmazonS3
ETag
"b430e392a78897b81399b487fa6bdac0"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Amz-Cf-Id
jSHkLV-TKi9IqhmJ1mbvb7H8Yb5eetjIAdH1uFxeDvsvzN5T2bFVvg==
main.eb6083e9.chunk.css
engage.archerirm.us/static/css/ 		186 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://engage.archerirm.us/static/css/main.eb6083e9.chunk.css
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-74.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ee06b09d25286cc0041b42f48c3977ffda7eb54f74e04162fcd30fcb6933b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront)
Date
Wed, 16 Nov 2022 14:24:19 GMT
X-Amz-Cf-Pop
MCI50-P1
Age
5215
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 14 Nov 2022 09:07:46 GMT
Server
AmazonS3
ETag
W/"ce4a2a39f19d4a42cad1921568563048"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
V13Dqv8A5skB66d5cNL1s79kM-0VpXvgPW5aaYhCv6FzVWrNmtZVGw==
2.af2df8d2.chunk.js
engage.archerirm.us/static/js/ 		7 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.archerirm.us/static/js/2.af2df8d2.chunk.js
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-74.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09e330e0b25d5bbb1a2999e9d0d5536c9508ba236f655bebac1b13b57709c24d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 ad90c41dcd819cda8680b348a8c92d6e.cloudfront.net (CloudFront)
Date
Wed, 16 Nov 2022 14:24:19 GMT
X-Amz-Cf-Pop
MCI50-P1
Age
5215
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 14 Nov 2022 09:07:48 GMT
Server
AmazonS3
ETag
W/"7cd4d544cc3bc9ba0ce4f18212c185d0-2"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
X5deYNFSQ4mbc-JkYKJe8AbHbGAQRQpOPB-R0AUPRvAXAe4Iqrv4Sw==
main.ab7c0e4d.chunk.js
engage.archerirm.us/static/js/ 		553 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.archerirm.us/static/js/main.ab7c0e4d.chunk.js
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-74.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96de0fb9f7d7f2e6b68c1485795fef740d56e16bc6304475d73c6e967fefb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://engage.archerirm.us/assessments/28aad038-b885-4b9c-9df0-8c36703de461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 f94f111858ae30776d9438404c17ed14.cloudfront.net (CloudFront)
Date
Wed, 16 Nov 2022 14:24:19 GMT
X-Amz-Cf-Pop
MCI50-P1
Age
5215
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 14 Nov 2022 09:07:53 GMT
Server
AmazonS3
ETag
W/"af9d832e01f452ea588aa2611e43b4ea"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
IXyzMIz6W8u9qSCWTX-d4TaEjibX8M8HgAfxXjsy9u6yderAnUzQLA==
Primary Request login.htm
id.archerirm.cloud/login/
Redirect Chain
  • https://engage-sso-prod.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fd2h81p9bdeqa2h.cloudfront.net%2F&response_type=code&client_id=499blnnh5v3ght9a6t0359j4th&identit...
  • https://id.archerirm.cloud/oauth2/v1/authorize?client_id=0oa6cwiujgtS1fALc5d7&redirect_uri=https%3A%2F%2Fengage-sso-prod.auth.us-west-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=email+profile+...
  • https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/static/js/2.af2df8d2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a16ab43e9890ea4f77d46e4f4bbb8a67d820ba1c39fc5cf2a1afca676da00b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
76b0e3c42c052bb3-ORD
content-encoding
gzip
content-language
en
content-security-policy-report-only
frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Wed, 16 Nov 2022 14:24:21 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-okta-request-id
Y3Tylftcu2qmvxjW0mqP2QAAAgc
x-rate-limit-limit
1200
x-rate-limit-remaining
1197
x-rate-limit-reset
1668608719
x-robots-tag
noindex,nofollow
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
76b0e3c12ef62bb3-ORD
content-language
en
content-length
0
date
Wed, 16 Nov 2022 14:24:21 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
location
https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=315360000; includeSubDomains
x-okta-request-id
Y3TylPtcu2qmvxjW0mqP0wAAAgc
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1668608720
x-robots-tag
noindex,nofollow
x-xss-protection
0
pub4b4b897b5996654214795fe3d730f16a
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub4b4b897b5996654214795fe3d730f16a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Aengage-prod%2Cversion%3A1.0.0&batch_time=1668608659953
Requested by
Host: engage.archerirm.us
URL: https://engage.archerirm.us/static/js/2.af2df8d2.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:f071:f010:5760:c5fd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://engage.archerirm.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pub4b4b897b5996654214795fe3d730f16a
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0
okta-sign-in.min.js
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
Requested by
Host: id.archerirm.cloud
URL: https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://id.archerirm.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 08:29:42 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1403679
x-cache
Hit from cloudfront
last-modified
Thu, 03 Feb 2022 20:32:13 GMT
server
nginx
etag
W/"3201febd49d61359da808444b6a8dd0e"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
q7a9FLt7cYjK38Hl8QhUeNzdtGnmLzROCKg12r8I4xE5FpCEeQLxeA==
expires
Tue, 31 Oct 2023 08:29:42 GMT
okta-sign-in.min.css
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/ 		211 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Requested by
Host: id.archerirm.cloud
URL: https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://id.archerirm.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 09:14:52 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
623369
x-cache
Hit from cloudfront
last-modified
Thu, 03 Feb 2022 20:32:03 GMT
server
nginx
etag
W/"32082203138e95c3496af212b9076cd4"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
FDKjV0BOodTHan80OsVo7mjlu4UHOD33K6_RjQ5jnQBCviEQFWVjDA==
expires
Thu, 09 Nov 2023 09:14:52 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
ok12static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: id.archerirm.cloud
URL: https://id.archerirm.cloud/login/login.htm?fromURI=/oauth2/v1/authorize/redirect?okta_key=DmC2lAPailYTWS9rYHW42Xixxs-P87aRC8OCRux28JU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://id.archerirm.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 08:29:42 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1403679
x-cache
Hit from cloudfront
last-modified
Tue, 22 Mar 2022 21:07:17 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
hsvqwmV_S7yyJOOSRmwkUaukrdSxqNBTfQ5aHtVfBqUuS-8BWrMmjA==
expires
Tue, 31 Oct 2023 08:29:42 GMT
initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js
ok12static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
aceefc59efc53b72a00a04b44d641f2af026de4de7743f648b08611b5a4e6770
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://id.archerirm.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 12:33:43 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
870638
x-cache
Hit from cloudfront
last-modified
Tue, 18 Oct 2022 21:08:35 GMT
server
nginx
etag
W/"2bdb59c1d8e3f47bf6fd77317d3b5214"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
NeUVw2Y-9LrnDev7umRw7Vv1gqk14pxp1La84J0Ce3ZCmTSzfZlWjg==
expires
Mon, 06 Nov 2023 12:33:43 GMT
fs0p3kgyjlUOcFgwt5d6
ok12static.oktacdn.com/fs/bco/1/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok12static.oktacdn.com/fs/bco/1/fs0p3kgyjlUOcFgwt5d6
Requested by
Host: id.archerirm.cloud
URL: https://id.archerirm.cloud/signin/refresh-auth-state/00MgQ9zNWtKP7o10hpUiMH2xj_92vzIopju6ZAqVKE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
4b2b14ab7b0e800ead9670f25bcd6d597c4ccc576d7d6ec460f1e77e6b1460a2
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://id.archerirm.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 05:05:17 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1675144
x-cache
Hit from cloudfront
content-length
5374
last-modified
Thu, 06 May 2021 02:13:51 GMT
server
nginx
etag
"8b5ab809197610dc30ec7cd594d4251a"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
cg6ONrCXZXM4BNTnwZpKk4PvYHQdCZfiC_GTzbM4BIS3Df8vxk7pkg==
expires
Sat, 28 Oct 2023 05:05:17 GMT
introspect
id.archerirm.cloud/api/v1/authn/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.archerirm.cloud/api/v1/authn/introspect
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2020a26ddb351acd01cc4029736f6a6c6e7f27cebef9dc70a22ab0e6566186fe
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://id.archerirm.cloud/signin/refresh-auth-state/00MgQ9zNWtKP7o10hpUiMH2xj_92vzIopju6ZAqVKE
X-Okta-User-Agent-Extended
okta-auth-js/5.8.0 okta-signin-widget-5.16.1
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
Y3Tylftcu2qmvxjW0mqP5AAAAgc
date
Wed, 16 Nov 2022 14:24:22 GMT
strict-transport-security
max-age=315360000; includeSubDomains
x-rate-limit-limit
600
x-content-type-options
nosniff
content-encoding
gzip
x-rate-limit-remaining
598
cf-cache-status
DYNAMIC
content-security-policy-report-only
frame-ancestors 'self'
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
cloudflare
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://id.archerirm.cloud
x-rate-limit-reset
1668608673
access-control-allow-credentials
true
cache-control
no-cache, no-store
cf-ray
76b0e3c90c202bb3-ORD
access-control-allow-headers
Content-Type
expires
0
montserrat-light-webfont.woff
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-light-webfont.woff
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Origin
https://id.archerirm.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 10:00:01 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
707061
x-cache
Hit from cloudfront
content-length
22112
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
BUXV7ISY8y1ewzUzYC58yET8to4BgcInyHPbLObzm6pn3UAgRVLjvg==
expires
Wed, 08 Nov 2023 10:00:01 GMT
iframe.html
login.okta.com/discovery/ Frame 4415 		546 B
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-33.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64b87d7f20fd8415961b110eea44d95759b9dd8573f5c1a08bd8cd321d3193d2

Request headers

Referer
https://id.archerirm.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
56585
Connection
keep-alive
Content-Length
546
Content-Type
text/html
Date
Tue, 15 Nov 2022 22:41:18 GMT
ETag
"d31972220c176b431cfc97fb589e3faa"
Last-Modified
Wed, 02 Nov 2022 17:14:32 GMT
Server
AmazonS3
Via
1.1 f0ab8d467f15305a984bbb6e71d77f06.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Jssiut--FExJjRC7flsn7lVa6jT7XTFHxXyJycx9raY9RDfgb7xOrw==
X-Amz-Cf-Pop
EWR52-C4
X-Cache
Hit from cloudfront
checkbox-sign-in-widget.png
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 08:24:47 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
367175
x-cache
Hit from cloudfront
content-length
3141
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
cq0vGicSR9j8LmVFTogh6N2by4cl1wtKKPy0wV4ZCMyqQdAiGBtOZQ==
expires
Sun, 12 Nov 2023 08:24:47 GMT
montserrat-regular-webfont.woff
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/font/montserrat-regular-webfont.woff
Requested by
Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Origin
https://id.archerirm.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:27:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1572996
x-cache
Hit from cloudfront
content-length
21980
last-modified
Thu, 03 Feb 2022 20:32:05 GMT
server
nginx
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
V2ZlLEzlCCCNP20d3Y6YOE3uV3Lo2M76vSQlVFzXnflKPG4EsJhnWg==
expires
Sun, 29 Oct 2023 09:27:46 GMT
discoveryIframe-2692d5ddd2b91a4c061d.min.js
login.okta.com/lib/ Frame 4415 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-2692d5ddd2b91a4c061d.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-33.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e411407027a30686cacf70e8cdbda75187d227dab220c4a5f39be7e66c018736

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:01:20 GMT
Via
1.1 f0ab8d467f15305a984bbb6e71d77f06.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Nov 2022 17:14:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR52-C4
Age
22983
ETag
"1e81b8f8e1712aeff69a4b08b45e2d61"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
97960
X-Amz-Cf-Id
Pb-BBHfv7EHw9GmwuMVqIHsWIyBIT708MTqzwSqIo7Wu2swsicODMg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rum-http-intake.logs.datadoghq.com
URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub4b4b897b5996654214795fe3d730f16a?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Aengage-prod%2Cversion%3A1.0.0&batch_time=1668608661318

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regeneratorRuntime function| setImmediate function| clearImmediate object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

8 Cookies

Domain/Path Name / Value
engage.archerirm.us/ Name: _dd_s
Value: rum=1&id=a6d615d7-71b5-42c8-a3f2-8d48f2186fe5&created=1668608659888&expire=1668609559888
engage-sso-prod.auth.us-west-2.amazoncognito.com/ Name: XSRF-TOKEN
Value: 53e0c094-5e34-4e48-bee2-1c4535160eef
engage-sso-prod.auth.us-west-2.amazoncognito.com/ Name: csrf-state
Value: WyJaCBcuQo5lroPUg-KMOeEa6fGIhE4qUb6YvxhOROACVKBg1oPMls2OxphYOveKWs0As-tsJnJ-H-HHaj5op3iOIiCSIHZOodRQpVkP_EGWd05u0sIR5jZuVU70vkWVhCPyeH0CGiEeDDkiFph4tYoVboL-w6sh9pwc93SoPxE
engage-sso-prod.auth.us-west-2.amazoncognito.com/ Name: csrf-state-legacy
Value: WyJaCBcuQo5lroPUg-KMOeEa6fGIhE4qUb6YvxhOROACVKBg1oPMls2OxphYOveKWs0As-tsJnJ-H-HHaj5op3iOIiCSIHZOodRQpVkP_EGWd05u0sIR5jZuVU70vkWVhCPyeH0CGiEeDDkiFph4tYoVboL-w6sh9pwc93SoPxE
id.archerirm.cloud/ Name: t
Value: blue-dark
id.archerirm.cloud/ Name: DT
Value: DI1DNGRX5oRQUiuL0QqDnIAwQ
id.archerirm.cloud/ Name: JSESSIONID
Value: F15AE934E02EE4F26188026143AD235E
id.archerirm.cloud/ Name: oktaStateToken
Value: 00MgQ9zNWtKP7o10hpUiMH2xj_92vzIopju6ZAqVKE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

engage-sso-prod.auth.us-west-2.amazoncognito.com
engage.archerirm.us
id.archerirm.cloud
login.okta.com
ok12static.oktacdn.com
rum-http-intake.logs.datadoghq.com
rum-http-intake.logs.datadoghq.com
108.157.142.74
18.164.116.19
2600:1f14:917:5700:3f0:f5da:3386:6450
2600:1f18:24e6:b900:f071:f010:5760:c5fd
2606:4700:4400::6812:2b76
99.84.37.33
09e330e0b25d5bbb1a2999e9d0d5536c9508ba236f655bebac1b13b57709c24d
0ee06b09d25286cc0041b42f48c3977ffda7eb54f74e04162fcd30fcb6933b09
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
2020a26ddb351acd01cc4029736f6a6c6e7f27cebef9dc70a22ab0e6566186fe
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
471290a520e6947454d726a434349755fbaa298c28adaf2a0f3c292505e6aeed
4b2b14ab7b0e800ead9670f25bcd6d597c4ccc576d7d6ec460f1e77e6b1460a2
64b87d7f20fd8415961b110eea44d95759b9dd8573f5c1a08bd8cd321d3193d2
69a16ab43e9890ea4f77d46e4f4bbb8a67d820ba1c39fc5cf2a1afca676da00b
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
aceefc59efc53b72a00a04b44d641f2af026de4de7743f648b08611b5a4e6770
d96de0fb9f7d7f2e6b68c1485795fef740d56e16bc6304475d73c6e967fefb96
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
e411407027a30686cacf70e8cdbda75187d227dab220c4a5f39be7e66c018736
f6c4aa3cb8044beea8d7b34db0555364f7ed1485df3362c407267626ba85518e
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace