urlscan.io logo urlscan.io
SecurityTrails logo

gamestop.okta.com Open in urlscan Pro
3.132.23.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://inside.gamestop.com/covid-19-vaccine-advocacy/
Effective URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Submission: On November 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 3.132.23.99, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is gamestop.okta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 1st 2021. Valid for: a year.
This is the only time gamestop.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 35.184.88.231 15169 (GOOGLE)
1 3.132.23.99 16509 (AMAZON-02)
11 143.204.98.4 16509 (AMAZON-02)
13 3
Apex Domain
Subdomains		 Transfer
11 oktacdn.com
ok6static.oktacdn.com
718 KB
2 gamestop.com
inside.gamestop.com
2 KB
1 okta.com
gamestop.okta.com
4 KB
13 3
Domain Requested by
11 ok6static.oktacdn.com gamestop.okta.com
ok6static.oktacdn.com
2 inside.gamestop.com 1 redirects
1 gamestop.okta.com
13 3

This site contains no links.

Subject Issuer Validity Valid
inside.gamestop.com
R3		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-05-02		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-15 -
2022-01-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Frame ID: 8B338C9D2D1BB525FE40A5F6ED212746
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GameStop - Zugriff verboten

Page URL History Show full URLs

  1. https://inside.gamestop.com/covid-19-vaccine-advocacy/ HTTP 302
    https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth Page URL
  2. https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

723 kB
Transfer

2186 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://inside.gamestop.com/covid-19-vaccine-advocacy/ HTTP 302
    https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth Page URL
  2. https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://inside.gamestop.com/covid-19-vaccine-advocacy/ HTTP 302
  • https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
wp-login.php
inside.gamestop.com/
Redirect Chain
  • https://inside.gamestop.com/covid-19-vaccine-advocacy/
  • https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.88.231 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.88.184.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
ebf4a0498f9b69c0661b95b2b74c4a09609a7e878125d41cbbf6b677f09c289e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 04 Nov 2021 19:11:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
x-frame-options
SAMEORIGIN
pragma
no-cache
x-powered-by
WP Engine
x-cacheable
NO:Passed
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-pass-why
wp-admin
content-encoding
br

Redirect headers

server
nginx
date
Thu, 04 Nov 2021 19:11:43 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://inside.gamestop.com/wp-login.php?redirect_to=%2Fcovid-19-vaccine-advocacy%2F&action=wp-saml-auth
x-redirect-by
WordPress
x-powered-by
WP Engine
x-cacheable
non200
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-cache-group
normal
Primary Request saml
gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.23.99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-23-99.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d9c0e5fb231a2fed2448e3f621281ff178a0abc7c2318b191b2e91aaf4f34899
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
Origin
https://inside.gamestop.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://inside.gamestop.com/

Response headers

date
Thu, 04 Nov 2021 19:11:44 GMT
content-type
text/html;charset=utf-8
server
nginx
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
vary
Accept-Encoding
x-okta-request-id
YYQwcPWsa2QKFQu1Nsd@8wAABNA
x-xss-protection
0
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
cache-control
no-cache, no-store
pragma
no-cache
expires
0
x-content-type-options
nosniff
content-language
de
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
saasure-min.44321c5a4c857d530ce2fbd687c53056.css
ok6static.oktacdn.com/assets/css/ 		72 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/css/saasure-min.44321c5a4c857d530ce2fbd687c53056.css
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
337ecebcbad130d286256a0a975283ffa5f5cb578e5126eb63677eb9e9040f71
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestop.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"44321c5a4c857d530ce2fbd687c53056"
age
255960
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 18 Aug 2021 00:26:02 GMT
server
nginx
date
Mon, 01 Nov 2021 20:05:44 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kSy53SRsY6LAJpb7nXQ_h1cpXR64EHBAAsl5pADh2Ib109bZDkmFVw==
expires
Tue, 01 Nov 2022 20:05:44 GMT
courage.4e83825fe7317393bda6866643295d42.css
ok6static.oktacdn.com/assets/css/courage/ 		236 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6848954b34e1a9e8a7e295355e937d90423de315aa43e29b7d95c3a62189670a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestop.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:44 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1468680
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 24 Aug 2021 23:54:29 GMT
server
nginx
etag
W/"4e83825fe7317393bda6866643295d42"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7J00NlfXE4R8VZjF2C6Wy53q_AAyApdK_tX-ytA-TPM8q5IBJ0liIw==
expires
Tue, 18 Oct 2022 19:13:44 GMT
admin-overrides.b37d62d7b29e36d86f6420831ac04e32.css
ok6static.oktacdn.com/assets/css/ 		131 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/css/admin-overrides.b37d62d7b29e36d86f6420831ac04e32.css
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
57619640e856dadff09b21ba69894dff46e3e8a73a80ac5b477fe3950309bd12
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestop.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 23:06:25 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1713919
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 00:14:47 GMT
server
nginx
etag
W/"b37d62d7b29e36d86f6420831ac04e32"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Flg1x2KaMEYj6kvi4XluylFM_MHUuTx4B-IgYfXmyVKLizv81Y9S8w==
expires
Sat, 15 Oct 2022 23:06:25 GMT
errors.e0e7df89f5255d53c7e3dcfca7514f4b.css
ok6static.oktacdn.com/assets/css/sections/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/css/sections/errors.e0e7df89f5255d53c7e3dcfca7514f4b.css
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
35369ca98e9126dffd892c99d42ded5015bf8ce4c29f09016e497145b177c807
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestop.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 05:51:31 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1689613
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 18 Aug 2021 00:26:36 GMT
server
nginx
etag
W/"e0e7df89f5255d53c7e3dcfca7514f4b"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cVTn1KPrOZlnKXjCC_qTKeX-MxKyU5aH26A2CFp8qvAfSj5H3ZoJ_w==
expires
Sun, 16 Oct 2022 05:51:31 GMT
dll.common.pack.3e16e3fddc05c82fe243b96a5c2020e3.js
ok6static.oktacdn.com/assets/js/mvc/dll-common/ 		1 MB
474 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/js/mvc/dll-common/dll.common.pack.3e16e3fddc05c82fe243b96a5c2020e3.js
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8dd94c762b9c1da5d891ead6da1bc685b10a74050f96f1972cbb4591d046c6de
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://gamestop.okta.com/
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 00:56:37 GMT
content-encoding
gzip
vary
Accept-Encoding
age
152106
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 02 Nov 2021 23:59:03 GMT
server
nginx
etag
W/"3e16e3fddc05c82fe243b96a5c2020e3"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LYzbuQmEvqeONR8cjpTMlTxXvXFhN_nS-3fRTE9HX3z4cKFWtwQb-g==
expires
Thu, 03 Nov 2022 00:56:37 GMT
main-init-dll.pack.10870e59bc65821cb2ca9d3913dbc539.js
ok6static.oktacdn.com/assets/js/mvc/init-dll/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/js/mvc/init-dll/main-init-dll.pack.10870e59bc65821cb2ca9d3913dbc539.js
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
df6c2b43f2e0f15d9e95f17c43f49bca9b19b92ce4b5127386d2cd61c31a1c02
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://gamestop.okta.com/
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"10870e59bc65821cb2ca9d3913dbc539"
age
385138
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 02:58:58 GMT
server
nginx
date
Sun, 31 Oct 2021 08:12:46 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rC8fiTJ0pT57l52Sj0HBOj1mcn6mBqhDJh2-v-k4Ng2xpxUQNc8fdw==
expires
Mon, 31 Oct 2022 08:12:46 GMT
saasure.nojquery.min.e50e2f73c6c3556467da683277674ce6.js
ok6static.oktacdn.com/assets/js/ 		219 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/js/saasure.nojquery.min.e50e2f73c6c3556467da683277674ce6.js
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d478a9a00d5aef5fe03e121ea0c086a51ef97403981b39aba5c2d13810b6bcb0
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://gamestop.okta.com/
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 08:30:06 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1161698
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 12 Aug 2021 01:15:03 GMT
server
nginx
etag
W/"e50e2f73c6c3556467da683277674ce6"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1Xkv32oggBCQEPtbLFi771TyrbGldY_PLEHYFS4SgTQslTLrqHN1lw==
expires
Sat, 22 Oct 2022 08:30:06 GMT
http-error-403.90a38c3891d95252dd80219721555820.png
ok6static.oktacdn.com/assets/img/ui/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok6static.oktacdn.com/assets/img/ui/http-error-403.90a38c3891d95252dd80219721555820.png
Requested by
Host: gamestop.okta.com
URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
acca80801514b989af602218e68d2f3f8e6b4e6a60f721ba36d0042b27deea2f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestop.okta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:34:31 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
age
1319833
x-cache
Hit from cloudfront
content-length
6153
last-modified
Thu, 17 Jan 2019 20:26:53 GMT
server
nginx
etag
"90a38c3891d95252dd80219721555820"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
iXfiSCZWtA6PhV07U9VotdnCewXtKdl5mq0TJqn4uypOc06Qef_Tyg==
expires
Thu, 20 Oct 2022 12:34:31 GMT
proximanova-reg-webfont.d99a7377dabb55772ca9f986b0a04b57.woff2
ok6static.oktacdn.com/assets/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/font/proximanova-reg-webfont.d99a7377dabb55772ca9f986b0a04b57.woff2
Requested by
Host: ok6static.oktacdn.com
URL: https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
etag
"d99a7377dabb55772ca9f986b0a04b57"
age
24612
x-cache
Hit from cloudfront
content-length
20416
last-modified
Thu, 17 Jan 2019 20:23:45 GMT
server
nginx
date
Thu, 04 Nov 2021 12:21:32 GMT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
-7slb_Z9cbQiBM1rRsYTUC3aZBCdm94k1TTkdcxBlFeu_vkC1V_oMg==
expires
Fri, 04 Nov 2022 12:21:32 GMT
proximanova-light-webfont.3bf194f33d52c87ea38f13e04fd41950.woff2
ok6static.oktacdn.com/assets/font/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/font/proximanova-light-webfont.3bf194f33d52c87ea38f13e04fd41950.woff2
Requested by
Host: ok6static.oktacdn.com
URL: https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 16:21:55 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
age
1478989
x-cache
Hit from cloudfront
content-length
20052
last-modified
Thu, 17 Jan 2019 20:23:43 GMT
server
nginx
etag
"3bf194f33d52c87ea38f13e04fd41950"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/font-woff2
x-amz-cf-id
WJ4r48P--5jT60kBUtV31MCbqfgReBw-CGJRzHshMXWpBDhE4EfImQ==
expires
Tue, 18 Oct 2022 16:21:55 GMT
okticon.31036a2f6d125325e0caa9ba52db6bfd.woff
ok6static.oktacdn.com/assets/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok6static.oktacdn.com/assets/font/okticon.31036a2f6d125325e0caa9ba52db6bfd.woff
Requested by
Host: ok6static.oktacdn.com
URL: https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e98a25ab47e6f3ecc22c6b0830a936776fe1594a1a56ce4e3b32c0b7156a9835
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok6static.oktacdn.com/assets/css/courage/courage.4e83825fe7317393bda6866643295d42.css
Origin
https://gamestop.okta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
etag
"31036a2f6d125325e0caa9ba52db6bfd"
age
1570680
x-cache
Hit from cloudfront
content-length
22116
last-modified
Thu, 17 Jan 2019 20:23:41 GMT
server
nginx
date
Sun, 17 Oct 2021 14:53:44 GMT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
cFInsGbx1nfeMbIvfYvUTZkz4ePtcrCCfyf80QzsMQ9fN8m9PXXIzQ==
expires
Mon, 17 Oct 2022 14:53:44 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| okta boolean| __OKTA_EXPORT_JQUERY__ function| common object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| $ function| jQuery object| Backbone object| BROWSER object| jQuery112407788084829282038 number| ix object| vkbeautify function| jQueryCourage object| InitDll function| oldval function| OktaWayPoint object| webFontConfig object| AjaxForm object| JobManager object| ModalDialog object| Utils object| Preferences object| OktaMetrics function| _ object| webfont object| WebFont object| saasure object| hashChangeHandler object| mixpanel function| trackAdminHelpEvent function| showBadBrowserIfNotSeen

5 Cookies

Domain/Path Name / Value
inside.gamestop.com/ Name: wordpress_test_cookie
Value: WP%20Cookie%20check
inside.gamestop.com/ Name: PHPSESSID
Value: f96aa4e147552afa73bde5ec10d1689f
gamestop.okta.com/ Name: JSESSIONID
Value: 54BC5F48D9393C54D82F80D5C5A4E3B5
gamestop.okta.com/ Name: t
Value: default
gamestop.okta.com/ Name: DT
Value: DI0g5Olp1NNRqCTqtfPbXJ0vQ

1 Console Messages

Source Level URL
Text
network error URL: https://gamestop.okta.com/app/gamestop_intranet_1/exkc62f8xggzUZA790x7/sso/saml
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN