urlscan.io logo urlscan.io
SecurityTrails logo

sit.auth.epa.vic.gov.au Open in urlscan Pro
35.172.155.67  Public Scan

Go To Rescan Add Verdict Report
URL: https://sit.auth.epa.vic.gov.au/
Submission: On November 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 35.172.155.67, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sit.auth.epa.vic.gov.au.
TLS certificate: Issued by Thawte RSA CA 2018 on November 19th 2019. Valid for: a year.
This is the only time sit.auth.epa.vic.gov.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.172.155.67 14618 (AMAZON-AES)
8 13.227.156.61 16509 (AMAZON-02)
1 2 40.127.83.98 8075 (MICROSOFT...)
1 13.227.156.126 16509 (AMAZON-02)
11 4
Domain Requested by
8 op1static.oktacdn.com sit.auth.epa.vic.gov.au
op1static.oktacdn.com
2 www.epa.vic.gov.au 1 redirects sit.auth.epa.vic.gov.au
1 login.okta.com op1static.oktacdn.com
1 sit.auth.epa.vic.gov.au
11 4

This site contains no links.

Subject Issuer Validity Valid
sit.auth.epa.vic.gov.au
Thawte RSA CA 2018		 2019-11-19 -
2020-11-18		 a year crt.sh
*.oktacdn.com
DigiCert SHA2 High Assurance Server CA		 2017-11-01 -
2021-01-06		 3 years crt.sh
identity.epa.vic.gov.au
Thawte EV RSA CA 2018		 2019-04-23 -
2021-04-22		 2 years crt.sh
accounts.okta.com
DigiCert SHA2 High Assurance Server CA		 2019-07-29 -
2021-07-29		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://sit.auth.epa.vic.gov.au/
Frame ID: C115A96EBFA5425DFF0EE292D41E5247
Requests: 10 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: D6122D3A3BE2A386CF8A7682780491C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

535 kB
Transfer

1572 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.epa.vic.gov.au/~/media/Images/Carousels/In-our-nature-1000x270.jpg HTTP 302
  • https://www.epa.vic.gov.au/notfound/

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
sit.auth.epa.vic.gov.au/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sit.auth.epa.vic.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.155.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-155-67.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0f3709cc5e2e0a8dac1fbe0d7527a1a6f173438818b7b3ad6d9e0b2a9ded8d18
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Host
sit.auth.epa.vic.gov.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 07:18:04 GMT
Server
nginx
Content-Type
text/html;charset=utf-8
Vary
Accept-Encoding
X-Okta-Request-Id
X7tiLOpw1VZ@F@G5OZwXnwAACk4
X-XSS-Protection
0
P3P
CP="HONK"
X-Rate-Limit-Limit
850
X-Rate-Limit-Remaining
848
X-Rate-Limit-Reset
1606115944
Expect-CT
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=edge
Content-Language
en
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
none
Content-Encoding
gzip
Set-Cookie
sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=1E22E0616B30BE8880085C1DF883E919; Path=/; Secure; HttpOnly t=default; Path=/ DT=DI0pUxwz91aQ_qibnOwppvTUQ;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Wed, 23 Nov 2022 07:18:04 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
okta-sign-in.min.js
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/ 		1 MB
349 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/okta-sign-in.min.js
Requested by
Host: sit.auth.epa.vic.gov.au
URL: https://sit.auth.epa.vic.gov.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
f27daa844f6b3c459fdf04a0bccd7a7d1eb2e22a5211c725ddd21f6f859d7f57
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 17:01:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1001801
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 30 Apr 2020 01:44:33 GMT
server
nginx
etag
W/"24226971e0903c7d7f0fb8443f68c6c1"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
application/javascript
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
Aa2jG3INvdBf-u0Vp5B46py2SvpKD8O7g1qNKVoffBvJC_oTfzRbpA==
expires
Thu, 11 Nov 2021 17:01:24 GMT
okta-sign-in.min.css
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/ 		181 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Requested by
Host: sit.auth.epa.vic.gov.au
URL: https://sit.auth.epa.vic.gov.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
ea529b703d4233c8502c032419c0b5238ec604bf77f3f9425db9ae0a8bc17aea
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 22:43:13 GMT
content-encoding
gzip
vary
Accept-Encoding
age
203692
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 30 Apr 2020 01:44:22 GMT
server
nginx
etag
W/"ec3aabb09a523e499e64ec432f326976"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
OuRsR8LUSjVNBx7M5Hp59Y3UPLNCM0SFI4KYm_HU1tYkP8-PC8o5Ew==
expires
Sat, 20 Nov 2021 22:43:13 GMT
custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css
op1static.oktacdn.com/assets/loginpage/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/loginpage/css/custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css
Requested by
Host: sit.auth.epa.vic.gov.au
URL: https://sit.auth.epa.vic.gov.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 04:45:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1564365
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 Feb 2020 22:13:11 GMT
server
nginx
etag
W/"bb8f4ce4363dd17160adb27f2ab5f478"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
qaJjtGPkiHoXD-Z00VAnGNQJIc-kVc3HX05ViY5vsCMyhCDVwqJqwg==
expires
Fri, 05 Nov 2021 04:45:20 GMT
initLoginPage.pack.e4d8da92b7fc0974c4584ead28299fec.js
op1static.oktacdn.com/assets/js/mvc/loginpage/ 		298 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e4d8da92b7fc0974c4584ead28299fec.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
937282ba00e74dc13549c8c2529cab4db566cbc1779691dac58cf2dddf18e4d8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 01:24:06 GMT
content-encoding
gzip
vary
Accept-Encoding
age
885239
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 05 Nov 2020 03:28:59 GMT
server
nginx
etag
W/"e4d8da92b7fc0974c4584ead28299fec"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
application/javascript
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
x0BARU_O7SvJJhJN7S-RhtgNPioiUBYiTtlu2qXEz10tJaTtZW-XWg==
expires
Sat, 13 Nov 2021 01:24:06 GMT
/
www.epa.vic.gov.au/notfound/
Redirect Chain
  • https://www.epa.vic.gov.au/~/media/Images/Carousels/In-our-nature-1000x270.jpg
  • https://www.epa.vic.gov.au/notfound/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.epa.vic.gov.au/notfound/
Requested by
Host: sit.auth.epa.vic.gov.au
URL: https://sit.auth.epa.vic.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.127.83.98 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
/notfound/
Date
Mon, 23 Nov 2020 07:18:06 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
Content-Length
127
Content-Type
text/html; charset=utf-8
fs0novkh0ehgKlM300h7
op1static.oktacdn.com/fs/bco/1/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op1static.oktacdn.com/fs/bco/1/fs0novkh0ehgKlM300h7
Requested by
Host: sit.auth.epa.vic.gov.au
URL: https://sit.auth.epa.vic.gov.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
da23825dd4a2ec07a9e8e67be162d8f4bfbb8f8fd057f7aa55cdac707d80fc9b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sit.auth.epa.vic.gov.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 07:18:05 GMT
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
4159
last-modified
Wed, 02 Oct 2019 06:05:56 GMT
server
nginx
etag
"c93059780311e01c30b596d1c41d3e17"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
M-Wbdaq-neVrlPWk27Lo68CAkDBNdb4PXmgwcfYxs7ShibtEdtkrnw==
expires
Tue, 23 Nov 2021 07:18:05 GMT
checkbox-sign-in-widget.png
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 22:43:22 GMT
via
1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
age
203683
x-cache
Hit from cloudfront
content-length
3141
last-modified
Thu, 30 Apr 2020 01:44:31 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
MUC51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
6XlkP1xjsPqMFyCCmsdGfRj6K21pPYrdOs24dQ1JBgiMz_0-irTrxw==
expires
Sat, 20 Nov 2021 22:43:22 GMT
montserrat-light-webfont.woff
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/montserrat-light-webfont.woff
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Origin
https://sit.auth.epa.vic.gov.au
Referer
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:59:02 GMT
via
1.1 48d48000b22cc0a73550fdae51ee2662.cloudfront.net (CloudFront)
age
11943
x-cache
Hit from cloudfront
content-length
22112
last-modified
Thu, 30 Apr 2020 01:44:23 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
MUC51-C1
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
V3vMr8ZWA8ejWCq02sBvrn-jculhH5rBAmr5dNFgs96kIkm1o_8CNA==
expires
Tue, 23 Nov 2021 03:59:02 GMT
montserrat-regular-webfont.woff
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/montserrat-regular-webfont.woff
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-61.muc51.r.cloudfront.net
Software
nginx /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Origin
https://sit.auth.epa.vic.gov.au
Referer
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 04:42:51 GMT
via
1.1 48d48000b22cc0a73550fdae51ee2662.cloudfront.net (CloudFront)
age
441314
x-cache
Hit from cloudfront
content-length
21980
last-modified
Thu, 30 Apr 2020 01:44:23 GMT
server
nginx
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
MUC51-C1
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
Z4wifbCOjfKPTr9kPZbl03Yt0PyM-JhDwZD2by-gi_B1Jtu6Wdyqqg==
expires
Thu, 18 Nov 2021 04:42:51 GMT
iframe.html
login.okta.com/discovery/ Frame D612 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e4d8da92b7fc0974c4584ead28299fec.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-126.muc51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
login.okta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sit.auth.epa.vic.gov.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sit.auth.epa.vic.gov.au/

Response headers

Content-Type
text/html
Content-Length
546
Connection
keep-alive
Last-Modified
Mon, 09 Nov 2020 17:10:30 GMT
Server
AmazonS3
Date
Mon, 23 Nov 2020 06:13:26 GMT
ETag
"953e10853c650e0e1662b7e24256ad76"
X-Cache
Hit from cloudfront
Via
1.1 8685972bf77e5f24fd436c18e051a434.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC51-C1
X-Amz-Cf-Id
4BmZO-leTVC3KUfKZGXbBmylq9LHetxL7-UsWyRzq9T9L1kT88G-rA==
Age
3886

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

4 Cookies

Domain/Path Name / Value
sit.auth.epa.vic.gov.au/ Name: t
Value: default
.epa.vic.gov.au/ Name: dtCookie
Value: v_4_srv_2_sn_68FCFFE22B449F2A29A706CA55FFE2CA_perc_100000_ol_0_mul_1
sit.auth.epa.vic.gov.au/ Name: DT
Value: DI0pUxwz91aQ_qibnOwppvTUQ
sit.auth.epa.vic.gov.au/ Name: JSESSIONID
Value: 1E22E0616B30BE8880085C1DF883E919

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0