urlscan.io logo urlscan.io
SecurityTrails logo

xero.okta.com Open in urlscan Pro
3.33.201.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://github-migration.xero-support.com/
Effective URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaV...
Submission: On July 12 via automatic, source ayashige — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 3.33.201.229, located in United States and belongs to AMAZON-02, US. The main domain is xero.okta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 7th 2022. Valid for: a year.
This is the only time xero.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 23.36.163.251 20940 (AKAMAI-ASN1)
3 104.75.89.136 16625 (AKAMAI-AS)
5 3.33.201.229 16509 (AMAZON-02)
15 4
Apex Domain
Subdomains		 Transfer
5 okta.com
xero.okta.com
483 KB
4 xero-support.com
github-migration.xero-support.com
745 KB
3 xero.com
edge.xero.com — Cisco Umbrella Rank: 47578
52 KB
0 xero.dev Failed
paas-test.xero.dev Failed
15 4
Domain Requested by
5 xero.okta.com github-migration.xero-support.com
xero.okta.com
4 github-migration.xero-support.com github-migration.xero-support.com
3 edge.xero.com github-migration.xero-support.com
0 paas-test.xero.dev Failed github-migration.xero-support.com
15 4

This site contains no links.

Subject Issuer Validity Valid
public.xero.com
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.xero.com
GeoTrust RSA CA 2018		 2022-06-20 -
2023-06-21		 a year crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Frame ID: 13087DAF74A2AC604BE1C72152DE0A28
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xero - Ongeldige aanvraag

Page URL History Show full URLs

  1. https://github-migration.xero-support.com/ Page URL
  2. https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1279 kB
Transfer

4616 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://github-migration.xero-support.com/ Page URL
  2. https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
github-migration.xero-support.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-251.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c729f5a90832568aec642bc100366b0d617237770a1c1030738115c17f494f1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-length
470
content-type
text/html
date
Tue, 12 Jul 2022 06:36:34 GMT
etag
W/"62ccedb2-433"
expires
Tue, 12 Jul 2022 06:36:34 GMT
last-modified
Tue, 12 Jul 2022 03:42:42 GMT
server
nginx
vary
Accept-Encoding
x-envoy-upstream-service-time
0
config.js
github-migration.xero-support.com/ 		304 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://github-migration.xero-support.com/config.js
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-251.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d21424a270f4dde65a8970aa8205ace0109def98d8898a09d1867c4276fc7bdd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:34 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 03:46:08 GMT
server
nginx
etag
"62ccee80-130"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
228
expires
Tue, 12 Jul 2022 06:51:34 GMT
xui.min.css
edge.xero.com/style/xui/19.1.0/ 		242 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/style/xui/19.1.0/xui.min.css
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-136.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
eecdee66caa6f2ddb04272111dc190694496ecec19dae927e5c33ffbdb06a80d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
GOpVNjFvPxDVcGsSWel9CWH1tthZfdTH
content-encoding
br
etag
"3b1190833d5ac57b3e3c41ed3ce422fb"
x-amz-request-id
1T5GVJXHBQ1648K4
x-amz-replication-status
COMPLETED
content-length
23659
x-amz-id-2
kkgxevUZj7e+vwKjUaufTh2HvMfrxuNmgz/j3jJBBVYeP6HFfwoyNRszpN27SSFrCm/imUWFLf0=
last-modified
Tue, 18 Jan 2022 06:05:16 GMT
server
Akamai Resource Optimizer
date
Tue, 12 Jul 2022 06:36:34 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7775999
accept-ranges
bytes
header.min.css
edge.xero.com/platform/header/4.7.1/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/platform/header/4.7.1/header.min.css
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-136.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
cbcc29e795b9ddba0c0704477b434b4cedc97885efb7a813c78ad4981ec12b98

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
00OSQSBGcUhLGFRxB8iG37slefLcNrgW
content-encoding
br
etag
"72fb482d1518376467a40bf8e7dd49f3"
x-amz-request-id
WWQHRCW34GMME0A2
x-amz-replication-status
COMPLETED
content-length
5012
x-amz-id-2
C67WumBHsT14QqSIl7J5BYXonOt3I4y1xAR5pA9U8fikQYAPM9OV0gTf5UdEHdFo504mQ8UvSTk=
last-modified
Thu, 30 Jun 2022 21:49:15 GMT
server
Akamai Resource Optimizer
date
Tue, 12 Jul 2022 06:36:34 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7775945
accept-ranges
bytes
main.9c3b0460.js
github-migration.xero-support.com/static/js/ 		4 MB
742 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://github-migration.xero-support.com/static/js/main.9c3b0460.js
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-251.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
02051cad30c0659ed5b6592c61922cb887504e2c01390548d8d0392515aa03d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:35 GMT
content-encoding
br
last-modified
Tue, 12 Jul 2022 06:25:57 GMT
server
Akamai Resource Optimizer
etag
"62ccedb2-3afadc"
content-type
application/javascript
cache-control
max-age=85753
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
757126
expires
Wed, 13 Jul 2022 06:25:48 GMT
main.40c11e10.css
github-migration.xero-support.com/static/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github-migration.xero-support.com/static/css/main.40c11e10.css
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-251.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
35abd901f6df704ee9e35b5b6a1dbaad17829fbab81c976027ef86528215b21c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:34 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 03:42:42 GMT
server
nginx
etag
"62ccedb2-18c7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=138
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
2150
expires
Tue, 12 Jul 2022 06:38:52 GMT
header.min.js
edge.xero.com/platform/header/4.7.1/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/platform/header/4.7.1/header.min.js
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-136.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
6639bb426ae2b2c51e981bd12ee6db28c8791452f6b491c09c12b95a93a9afd8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://github-migration.xero-support.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
CYkJlHePe5ofFTKNAfsEl8rKo1PZK6ks
content-encoding
br
etag
"0366c235e8b18c56ff0000c46838f081"
x-amz-request-id
8DT03WZ5P7XN5CMM
x-amz-replication-status
COMPLETED
content-length
22769
x-amz-id-2
9iOz7X5oGPGZ7m+D1KvtvK62Gf98/a5O524dmAr3Rvi0aT8yZwKBwpZ3ZnFC0ErgUOarKPMlc18=
last-modified
Thu, 30 Jun 2022 22:27:39 GMT
server
Akamai Resource Optimizer
date
Tue, 12 Jul 2022 06:36:34 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7775975
accept-ranges
bytes
headerlogo.svg
github-migration.xero-support.com/ 		0
0
/
paas-test.xero.dev/api/self/ 		0
0
/
paas-test.xero.dev/api/self/ 		0
0
Primary Request authorize
xero.okta.com/oauth2/default/v1/ 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Requested by
Host: github-migration.xero-support.com
URL: https://github-migration.xero-support.com/static/js/main.9c3b0460.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
b0415b34c6c646dde133e1e0c2b3018c1306876d97b093a40a073a13f28b5bc4
Security Headers
Name Value
Content-Security-Policy default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com xero.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://github-migration.xero-support.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store
content-language
nl-NL
content-length
2409
content-security-policy
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com xero.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
text/html;charset=utf-8
date
Tue, 12 Jul 2022 06:36:36 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
x-okta-request-id
Ys0WdHX7yHQR43F0k_TpqwAABEI
x-rate-limit-limit
2000
x-rate-limit-remaining
1983
x-rate-limit-reset
1657607828
x-xss-protection
0
errors-v2.css
xero.okta.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/assets/css/sections/errors-v2.css
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:36 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 22:31:27 GMT
server
nginx
etag
W/"80127ba5c47706686501006723ba83da"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
strict-transport-security
max-age=315360000; includeSubDomains
expires
Wed, 12 Jul 2023 06:36:36 GMT
style-sheet
xero.okta.com/api/internal/brand/theme/ 		341 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xero.okta.com/api/internal/brand/theme/style-sheet?touch-point=ERROR_PAGE&v=1c27e24560b38e40d8332a57bb5050be
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f7ccbf90b79df0fb9645a4d4b5165d6183fec5057f3f0ffb583644b0a5274520
Security Headers
Name Value
Content-Security-Policy default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com xero.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-okta-request-id
Ys0WdGcqHE-rZ-lx527T3gAABU8
date
Tue, 12 Jul 2022 06:36:36 GMT
content-encoding
gzip
x-rate-limit-limit
2400
x-rate-limit-remaining
2398
content-security-policy-report-only
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com xero.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
vary
Accept-Encoding
x-xss-protection
0
server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, must-revalidate
x-rate-limit-reset
1657607853
content-security-policy
default-src 'self' xero.okta.com *.oktacdn.com; connect-src 'self' xero.okta.com xero-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com xero.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' xero.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' xero.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' xero.okta.com xero-admin.okta.com login.okta.com; img-src 'self' xero.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' xero.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
text/css
x-content-type-options
nosniff
expires
Wed, 12 Jul 2023 06:36:36 GMT
fs02vl8jezDJFANBZSJW
xero.okta.com/fs/bco/1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/fs/bco/1/fs02vl8jezDJFANBZSJW
Requested by
Host: xero.okta.com
URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4aab00468ab032ab934c1e40174b176781b64df67d256203d1d44e1d9bc84bda
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:36 GMT
last-modified
Tue, 16 Jul 2019 19:33:37 GMT
server
nginx
etag
"0de2590a902e0af182998e4ffeca09d3"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-type
image/png
content-length
1635
expires
Wed, 12 Jul 2023 06:36:36 GMT
fs01o9y4o7rRoUZ4u0h8
xero.okta.com/fs/bco/7/ 		472 KB
473 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xero.okta.com/fs/bco/7/fs01o9y4o7rRoUZ4u0h8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.201.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a89c2f8ab8ab01436.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3d91988372eddc90d68c379484669bdbd4a9e711a1bf9660dc015394bbd0b9a7
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:36:36 GMT
last-modified
Wed, 13 Apr 2022 00:01:35 GMT
server
nginx
etag
"22175a4010d71d7b5be7b26fab1d1b85"
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
content-type
image/png
content-length
482947
expires
Wed, 12 Jul 2023 06:36:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
github-migration.xero-support.com
URL
https://github-migration.xero-support.com/headerlogo.svg
Domain
paas-test.xero.dev
URL
https://paas-test.xero.dev/api/self/
Domain
paas-test.xero.dev
URL
https://paas-test.xero.dev/api/self/

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

8 Cookies

Domain/Path Name / Value
github-migration.xero-support.com/kiali Name: kialitoken
Value: undefined
.xero-support.com/ Name: ak_bmsc
Value: B1E810EB83DAD2763E35ACE8B162EA13~000000000000000000000000000000~YAAQ36EkFzdJ3+6BAQAA8K0f8RCB0mf2WiWAjMqoMWBp568n9vEALTu+wowOaCdIrP+6nsJJMFJIlgbBLX/7iuJBuQqiqC0evww1UJF+oYbD4QRmsn57v4Zxs98mDbDg7HGjVK+Jl1i9cAQO8l/w+AEauUr/TLti60EX/I2xNd4YOWcqrI2CfPpStyoqQewsQoFI2xFAQGCW8uNmSuwMrIzNVudzdtcb5In9Gn2wEwU4YSOf35dde7vvsbTgmKO7kKxLGTqlRGNqkl28dfAPTrdC4iGm4J/x+kFOa850JLw+NT0XjHHcZeE5llY3Fmw+kqKjmsjwi5GlSABCT8yiz8JuZTrS58sxxq/v1hd/EOFV8QXrUI9BdJkDhrekPzdWeUYysn48zuyLi/eHn70RDEw=
github-migration.xero-support.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:[%22id_token%22%2C%22token%22]%2C%22state%22:%22h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh%22%2C%22nonce%22:%22sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB%22%2C%22scopes%22:[%22openid%22%2C%22email%22%2C%22profile%22]%2C%22clientId%22:%220oa1gz91ebtmQ087b0h8%22%2C%22urls%22:{%22issuer%22:%22https://xero.okta.com/oauth2/default%22%2C%22authorizeUrl%22:%22https://xero.okta.com/oauth2/default/v1/authorize%22%2C%22userinfoUrl%22:%22https://xero.okta.com/oauth2/default/v1/userinfo%22%2C%22tokenUrl%22:%22https://xero.okta.com/oauth2/default/v1/token%22%2C%22revokeUrl%22:%22https://xero.okta.com/oauth2/default/v1/revoke%22%2C%22logoutUrl%22:%22https://xero.okta.com/oauth2/default/v1/logout%22}%2C%22ignoreSignature%22:false}
github-migration.xero-support.com/ Name: okta-oauth-nonce
Value: sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB
github-migration.xero-support.com/ Name: okta-oauth-state
Value: h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh
xero.okta.com/ Name: t
Value: default
xero.okta.com/ Name: DT
Value: DI0eRoC15NCToyCnJjeIHfW3Q
xero.okta.com/ Name: JSESSIONID
Value: D91C25D7707AFEACF23C1C9A4B225345

1 Console Messages

Source Level URL
Text
network error URL: https://xero.okta.com/oauth2/default/v1/authorize?client_id=0oa1gz91ebtmQ087b0h8&nonce=sYEBvLGhDMNoMzbICe4T5yjfZ7ZOKaVcZQqLYAFuONYo2MGXEVDKrnKdqYXT7JhB&redirect_uri=https%3A%2F%2Fgithub-migration.xero-support.com%2Fimplicit%2Fcallback&response_mode=fragment&response_type=id_token%20token&state=h5kgvI3wtV1OeFaPD9YVuUS0t7aRAkc6WZaNqyysNEgAef5fk9EGfPxrYwOu3Uwh&scope=openid%20email%20profile
Message:
Failed to load resource: the server responded with a status of 400 ()