urlscan.io logo urlscan.io
SecurityTrails logo

sso-staging.test.security.cisco.com Open in urlscan Pro
3.33.152.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://df3zgr9rzrvm2.cloudfront.net/
Effective URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7Sr...
Submission: On May 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 3.33.152.248, located in United States and belongs to AMAZON-02, US. The main domain is sso-staging.test.security.cisco.com.
TLS certificate: Issued by HydrantID Server CA O1 on August 7th 2023. Valid for: a year.
This is the only time sso-staging.test.security.cisco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2600:9000:267... 16509 (AMAZON-02)
2 15.197.151.86 16509 (AMAZON-02)
1 3.33.152.248 16509 (AMAZON-02)
2 92.123.148.55 16625 (AKAMAI-AS)
5 2600:9000:215... 16509 (AMAZON-02)
19 5
9    2600:9000:2670:a200:1:be1d:f280:93a1 (United States)

ASN16509 (AMAZON-02, US)
df3zgr9rzrvm2.cloudfront.net
2    15.197.151.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d4dea8e2661b2ed.awsglobalaccelerator.com
sso-staging.test.security.cisco.com
1    3.33.152.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d4dea8e2661b2ed.awsglobalaccelerator.com
sso-staging.test.security.cisco.com
2    92.123.148.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-55.deploy.static.akamaitechnologies.com
cdn.walkme.com
5    2600:9000:2156:b400:6:5751:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
sso-apps.security.cisco.com
Apex Domain
Subdomains		 Transfer
9 cloudfront.net
df3zgr9rzrvm2.cloudfront.net
316 KB
8 cisco.com
sso-staging.test.security.cisco.com
sso-apps.security.cisco.com — Cisco Umbrella Rank: 229323
206 KB
2 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1463
9 KB
19 3
Domain Requested by
9 df3zgr9rzrvm2.cloudfront.net df3zgr9rzrvm2.cloudfront.net
5 sso-apps.security.cisco.com sso-staging.test.security.cisco.com
3 sso-staging.test.security.cisco.com df3zgr9rzrvm2.cloudfront.net
2 cdn.walkme.com sso-staging.test.security.cisco.com
cdn.walkme.com
19 4

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sso-staging.test.security.cisco.com
HydrantID Server CA O1		 2023-08-07 -
2024-08-06		 a year crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-03		 a year crt.sh
sso-apps.security.cisco.com
Amazon RSA 2048 M02		 2024-01-29 -
2025-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Frame ID: A5D5F4B5377DE35D715B4B7056F7666B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SecureX sign-on (Staging) - Schlechte Anfrage

Page URL History Show full URLs

  1. https://df3zgr9rzrvm2.cloudfront.net/ Page URL
  2. https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code... Page URL

Page Statistics

19
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

530 kB
Transfer

1564 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://df3zgr9rzrvm2.cloudfront.net/ Page URL
  2. https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
df3zgr9rzrvm2.cloudfront.net/ 		375 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f0b180819aaadad4f125935fe92f420a9bba311697bbc0d83763b66ee770f3b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-disposition
inline; filename="index.html"
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Sun, 05 May 2024 08:50:42 GMT
etag
W/"42aefb9716af9103c375a0a217cbb12314f57f20"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding,Accept-Encoding Origin
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-amz-cf-id
b7--oXS1SEjkm1nQjB5tU8AykD4RuCaWMyWEzHWcJrDZt7Hkdyerdw==
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
x-envoy-upstream-service-time
1
main.afe6ff35.js
df3zgr9rzrvm2.cloudfront.net/static/js/ 		411 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c70f3d67dbb9d6fe19a3f1fcc985f6f52d70a3aac82fd1ae24903a90df2ae00f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
date
Sun, 05 May 2024 08:50:42 GMT
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"e06d44b219a316d3dc4fe3968bd368fd54dc52cf"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
5
content-disposition
inline; filename="main.afe6ff35.js"
accept-ranges
bytes
x-amz-cf-id
CXT9GkvuMG8JRUTGMA-2-sCVLF89zp5cviJNjvo0pUljTJVMiLrYtQ==
725.5cc5e432.chunk.css
df3zgr9rzrvm2.cloudfront.net/static/css/ 		324 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/static/css/725.5cc5e432.chunk.css
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77cb0a65669666999f7f03c723e7b59cbf25d2ee859f603e1432c4c261d3e71f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
date
Sun, 05 May 2024 08:50:43 GMT
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"8375bc4139cc84ccc0a4a5bdf0d8b3388ec559b8"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/css; charset=utf-8
x-envoy-upstream-service-time
4
content-disposition
inline; filename="725.5cc5e432.chunk.css"
accept-ranges
bytes
x-amz-cf-id
g2XlPTk_Tugy5f177AMKO9FxckI3rwxtQvZ-kMZCFqx-1M9dtPGhgQ==
725.ccf1058d.chunk.js
df3zgr9rzrvm2.cloudfront.net/static/js/ 		525 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/static/js/725.ccf1058d.chunk.js
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
01a5477a772e6f3d763942ff3ae1302708ce1b939b187b976373af517c4e82c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
date
Sun, 05 May 2024 08:50:43 GMT
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"884919918ab3044eff42bd31131df2f7a4e095aa"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
5
content-disposition
inline; filename="725.ccf1058d.chunk.js"
accept-ranges
bytes
x-amz-cf-id
DyALO-u6Yw2t29cvHSUi8_sDOAsoMKyzFsJtEsrb_yBypsQA6DcRYw==
131.2d82a0bd.chunk.css
df3zgr9rzrvm2.cloudfront.net/static/css/ 		741 B
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/static/css/131.2d82a0bd.chunk.css
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fc7bddc16ab57168715fed23b514e23dce95e37d955b7c3fde945c74ac6ba907
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:43 GMT
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
W/"35bd7736ea5b802d2249e10e755a9a179cede6b5"
vary
Accept-Encoding,Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
x-envoy-upstream-service-time
3
content-disposition
inline; filename="131.2d82a0bd.chunk.css"
x-amz-cf-id
TgRabzueUmBaMybsQ6KJA9PHmzG1OSabehV-7a2KURcHfdUyU9pBIg==
131.85e98a23.chunk.js
df3zgr9rzrvm2.cloudfront.net/static/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/static/js/131.85e98a23.chunk.js
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b90cdb5d51b282cc1234adc4272ac81dcaa0925a1cecedef46a766ea9f12c8fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:43 GMT
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"8aed1db11d19d5206b4c7586360c6e1e295fcf14"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
4
content-disposition
inline; filename="131.85e98a23.chunk.js"
accept-ranges
bytes
x-amz-cf-id
1itrT_3WrW033RRbXgmQmIfJj1mOtfETBZXXBfIRa2lRlUf-3PrYWQ==
shellconfig.json
df3zgr9rzrvm2.cloudfront.net/config/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/config/shellconfig.json
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/725.ccf1058d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
33ed998411b83750ba9044ea21147d43f3109e47f91a90a5d9f0772cd726b09b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:43 GMT
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"7728f50714312ea60cf2868d09330d507abbc144"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
2
content-disposition
inline; filename="shellconfig.json"
accept-ranges
bytes
x-amz-cf-id
TF3rdVN_XWc-Ze3EsaxVc58UT5P6hrvyxuk8AeOzub3yVjstLli6iw==
favicon.ico
df3zgr9rzrvm2.cloudfront.net/ 		31 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55611c3117c644fd3f6b798c02cb86b224058cc9725d72798bbac69de8a6dda2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:43 GMT
content-encoding
gzip
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"d78574fe54ffce7a176d999a87f0b36e2a704f81"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
image/x-icon
x-envoy-upstream-service-time
2
content-disposition
inline; filename="favicon.ico"
accept-ranges
bytes
x-amz-cf-id
ITw_CxbfpMyWD33cQ5vLDHUkruIyXAs3L0KVxLt26gEgz98o4zhXEA==
favicon.ico
df3zgr9rzrvm2.cloudfront.net/ 		31 KB
380 B 		Other
General
Check archive.org
Download Go to
Full URL
https://df3zgr9rzrvm2.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:a200:1:be1d:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55611c3117c644fd3f6b798c02cb86b224058cc9725d72798bbac69de8a6dda2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://df3zgr9rzrvm2.cloudfront.net/piam/overview
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:44 GMT
x-envoy-decorator-operation
scc-host-staging-svc.security-cloud-gateway.svc.cluster.local:3000/*
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
x-amz-cf-pop
FRA56-P9
etag
"d78574fe54ffce7a176d999a87f0b36e2a704f81"
vary
Origin
x-cache
Miss from cloudfront
content-type
image/x-icon
x-envoy-upstream-service-time
1
content-disposition
inline; filename="favicon.ico"
accept-ranges
bytes
x-amz-cf-id
kh5eIcGQ46i8kVn46mOGGWtFe67tS0774RyydMPiUcflyoB020N_Cg==
openid-configuration
sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/.well-known/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/.well-known/openid-configuration
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; connect-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ciscob2b-staging.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; frame-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com login.okta.com api-8767b90a.duosecurity.com; img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Okta-User-Agent-Extended
okta-auth-js/7.5.0 @okta/okta-react/6.7.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://df3zgr9rzrvm2.cloudfront.net/
sec-ch-ua-platform
"Win32"

Response headers

X-Okta-Request-Id
ZjdIZDhVOWzYP1gayvEZLQAAC0Y
Date
Sun, 05 May 2024 08:50:44 GMT
content-security-policy
default-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; connect-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ciscob2b-staging.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; frame-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com login.okta.com api-8767b90a.duosecurity.com; img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-content-type-options
nosniff
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://df3zgr9rzrvm2.cloudfront.net
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Mon, 06 May 2024 08:50:44 GMT
openid-configuration
sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://df3zgr9rzrvm2.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://df3zgr9rzrvm2.cloudfront.net
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 05 May 2024 08:50:44 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
ZjdIZDhVOWzYP1gayvEZLAAAC0Y
Primary Request authorize
sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/ 		12 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Requested by
Host: df3zgr9rzrvm2.cloudfront.net
URL: https://df3zgr9rzrvm2.cloudfront.net/static/js/main.afe6ff35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.152.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
be5c0891daf9f80f0b293bbd305daa248c578af3d68d839a50ff0e6d524c4f67
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://df3zgr9rzrvm2.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Type
text/html;charset=utf-8
Date
Sun, 05 May 2024 08:50:45 GMT
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
default-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; connect-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ciscob2b-staging.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com; frame-src 'self' ciscob2b-staging.okta.com ciscob2b-staging-admin.okta.com sso-staging.test.security.cisco.com login.okta.com api-8767b90a.duosecurity.com; img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZjdIZahMBvVkXCFRue2nkQAAC68
x-rate-limit-limit
1200
x-rate-limit-remaining
1199
x-rate-limit-reset
1714899105
x-xss-protection
0
walkme_92f25c9837b9440b8a8bc45b4156d6fb_https.js
cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/walkme_92f25c9837b9440b8a8bc45b4156d6fb_https.js
Requested by
Host: sso-staging.test.security.cisco.com
URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a36a58f0557a624989446a2b0aa540dd1c0bae0a369fa0a9c57089dfca5fc566
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_Pq53fJen7DMqTtq3.CZWAYm2GGpoZvS
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 May 2024 08:50:45 GMT
access-control-allow-private-network
true
x-amz-request-id
H1GVX8M2SA4N600H
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
7190
x-amz-id-2
qv5IRBOMCOQZeFeTdVZSpX87uydiSamCNuho+j2HmFMSH+mQE26s7H1nCaZ30Dzj4XKFPU9r56c=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Jul 2022 11:43:07 GMT
etag
"5ad9b40c230ad9ce8672148746df84d6"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31222355
accept-ranges
bytes
timing-allow-origin
*
Cisco_Logo.png
sso-apps.security.cisco.com/okta-customization/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso-apps.security.cisco.com/okta-customization/images/Cisco_Logo.png
Requested by
Host: sso-staging.test.security.cisco.com
URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:5751:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d25f21823089756cfbdab04b45d1b034d7325113f2d1263fcdde2eca8890f19b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sso-staging.test.security.cisco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:46 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
last-modified
Wed, 24 Apr 2024 18:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"d1e126a37ca69229e9c571c5c2baac63"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
image/png
content-length
7149
x-amz-cf-id
PjAnWyTmyXk2OEnnnJarvEW1Z-7zVDkUbDDgXAmeO_oSx-seZHqP4Q==
EmptyState.svg
sso-apps.security.cisco.com/okta-customization/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso-apps.security.cisco.com/okta-customization/images/EmptyState.svg
Requested by
Host: sso-staging.test.security.cisco.com
URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:5751:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80fc1a3ef2b62b718dca349cc2613a41d3f7670afd245f4ac8bea8b92d25dbff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sso-staging.test.security.cisco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:46 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
last-modified
Wed, 24 Apr 2024 18:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"50e1db2fef16c193b7fd5b3aeec3620f"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
content-length
1490
x-amz-cf-id
4oljW58EFWOjhIr8umJUfCCaLP6TL6UiSdkdmh1z57eCdVFw186rgQ==
SharpSans-Bold.woff2
sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-Bold.woff2
Requested by
Host: sso-staging.test.security.cisco.com
URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:5751:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
801c30ad33e457a490a748b1d7ecd7cc30208560d75e3db459e5ce9e82dcb057
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sso-staging.test.security.cisco.com/
Origin
https://sso-staging.test.security.cisco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:46 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
last-modified
Wed, 24 Apr 2024 18:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"f1ba3634795f83a9235ff39afa9fb587"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
access-control-allow-origin
*
content-length
49912
x-amz-cf-id
7CipciHUo6psbGtJJzHZSXpjJ0vEh9_BkT9ROve0P1gYxqouFREeLw==
Inter-Regular.woff2
sso-apps.security.cisco.com/okta-customization/fonts/inter/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso-apps.security.cisco.com/okta-customization/fonts/inter/Inter-Regular.woff2
Requested by
Host: sso-staging.test.security.cisco.com
URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:5751:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bed72259a8e25611bfdcd02ae7534bab339f607cbce3b989614fb32a5fb95738
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sso-staging.test.security.cisco.com/
Origin
https://sso-staging.test.security.cisco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:46 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
last-modified
Wed, 24 Apr 2024 18:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"4232a675a077023a364c30ee94c155b5"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
access-control-allow-origin
*
content-length
98844
x-amz-cf-id
mbRtRecckRMQ_rZQg4fOx1KJHYbNoGdtqSYU88pI_9qfdHM5F8gMEw==
settings.txt
cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/walkme_92f25c9837b9440b8a8bc45b4156d6fb_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f64ded59fe822ea7f54c38313326a058909618eed1cbc0ab6068949e775a7717
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2y3NJ5Un9OrQuYnx_n6B4N50Oo_yUJDY
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 May 2024 08:50:45 GMT
access-control-allow-private-network
true
x-amz-request-id
P801VT5VE3V6AF9D
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
611
x-amz-id-2
Qc/AAJPX1lS7gfhV7N93bxKQNKUSgFh7761fByuG5ROOh7QDLG7sxqCzk4p6c838D+aBhveheNs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Mar 2024 15:28:22 GMT
etag
"f0e94e5c9fbb3d9544dd33d005889411"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
favicon.ico
sso-apps.security.cisco.com/ 		31 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso-apps.security.cisco.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:5751:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55611c3117c644fd3f6b798c02cb86b224058cc9725d72798bbac69de8a6dda2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:50:47 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self';
last-modified
Wed, 24 Apr 2024 18:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"bbf4bf76f176307a6812e21cf2ea775a"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
image/vnd.microsoft.icon
content-length
32038
x-amz-cf-id
MSq2t5DirzeP2MOs8f-i3n0dkA22oRfYEkAUc30n26Cy0nrlGxSUOQ==

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _walkmeConfig function| goHome function| WalkmeSnippet object| _walkmeInternals object| wmSnippet undefined| fixedCallback

3 Cookies

Domain/Path Name / Value
sso-staging.test.security.cisco.com/ Name: JSESSIONID
Value: CA00A6B9056F6AC739CCDC1A314719F4
sso-staging.test.security.cisco.com/ Name: t
Value: default
sso-staging.test.security.cisco.com/ Name: DT
Value: DI1iEZqu_XeQR6rhbazwhgDfA

17 Console Messages

Source Level URL
Text
network error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile(Line 7)
Message:
[Report Only] Refused to load the image 'https://sso-apps.security.cisco.com/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile(Line 62)
Message:
[Report Only] Refused to load the script 'https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/walkme_92f25c9837b9440b8a8bc45b4156d6fb_https.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/inter/Inter-Regular.woff2' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/inter/Inter-Regular.woff' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-Bold.woff2' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-Bold.woff' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-Bold.woff2' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-Bold.woff' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-BoldItalic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-BoldItalic.woff' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-ExtraboldItalic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the font 'https://sso-apps.security.cisco.com/okta-customization/fonts/sharp-sans/SharpSans-ExtraboldItalic.woff' because it violates the following Content Security Policy directive: "font-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com data: *.oktacdn.com fonts.gstatic.com".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the image 'https://sso-apps.security.cisco.com/okta-customization/images/Cisco_Logo.png' because it violates the following Content Security Policy directive: "img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the image 'https://sso-apps.security.cisco.com/okta-customization/images/EmptyState.svg' because it violates the following Content Security Policy directive: "img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/walkme_92f25c9837b9440b8a8bc45b4156d6fb_https.js(Line 6)
Message:
[Report Only] Refused to load the script 'https://cdn.walkme.com/users/92f25c9837b9440b8a8bc45b4156d6fb/test/settings.txt' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://sso-staging.test.security.cisco.com/oauth2/aus3uzfwpumAvDegH357/v1/authorize?client_id=0oa11ktbm2mbbQjXm358&code_challenge=icJ0zP7SrIf6CF9XlaYDyMnPhYkssH7HgJYofKcUC5Q&code_challenge_method=S256&nonce=7OyjgULX3VPneZ6voRURK5O0AbibKobMVZ5V8aBGexAUGOHAbfLoow86tOOF2AS0&redirect_uri=https%3A%2F%2Fdf3zgr9rzrvm2.cloudfront.net%2Flogin%2Fcallback&response_type=code&state=g2b0KEgCXI01vuaiMR2BNIt89z5tBu2vxAq4TGjMtHG5NUi98J8FPogLk8D7ay5q&scope=openid%20email%20profile
Message:
[Report Only] Refused to load the image 'https://sso-apps.security.cisco.com/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' ciscob2b-staging.okta.com sso-staging.test.security.cisco.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains