Summary
A Concise Overview of the scan result of url https://crowdstrike.okta.com/app/salesforce/exk4rymd6aWCzh0QA0x7/sso/saml
- Document
- HTML
- 4
- StyleSheets
- 3
- Scripts
- 3
- Font
- 0
- Images
- 7
- Links
- 0
- JavaScript Variables
- 13
- Console log messages
- 0
- Network
- Requests
- 23
- Bytes Transferred
- 1.15MB
- Bytes Total
- 2.72MB
- DNS Record
- CNAME Record
- 6
- A Record
- 2
- Technology
- Authentication
- 1
- Web servers
- 1
- Reverse proxies
- 1
- Security
- 1
- SSL/TLS certificate authorities
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Security | ||
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Web servers | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
Reverse proxies | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
Authentication | ||
Okta is a platform in the Identity-as-a-Service (IDaaS) category. Okta features include Provisioning, Single Sign-On (SSO), Active Directory (AD) and LDAP integration, the centralized de-provisioning of users, multi-factor authentication (MFA), mobile identity management. | Type: scriptSrc Regex: oktacdn\.com\/.{1,250}\/([\d.]{1,250})\/ | |
SSL/TLS certificate authorities | ||
DigiCert | Type: certIssuer Regex: DigiCert |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 329 msPoor
- requestTime
- 6 msGood
- dom
- 85 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | crowdstrike.okta.com | ok2-crtrs.tng.okta.com. | no |
CNAME | ok2-crtrs.tng.okta.com | ok2-crtrs.oktaedge.okta.com. | no |
CNAME | ok2-crtrs.oktaedge.okta.com | a9fda6e8074f1dfbe.awsglobalaccelerator.com. | no |
A | a9fda6e8074f1dfbe.awsglobalaccelerator.com | 99.83.213.230 | no |
A | a9fda6e8074f1dfbe.awsglobalaccelerator.com | 75.2.87.65 | no |
CNAME | crowdstrike.okta.com | ok2-crtrs.tng.okta.com. | no |
CNAME | ok2-crtrs.tng.okta.com | ok2-crtrs.oktaedge.okta.com. | no |
CNAME | ok2-crtrs.oktaedge.okta.com | a9fda6e8074f1dfbe.awsglobalaccelerator.com. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
sfdc-urlt2q.edge.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1 | 4/30/2024 | 4/28/2025 | 12 months 3 days |
*.okta.com DigiCert TLS RSA SHA256 2020 CA1 | 2/12/2024 | 3/14/2025 | 1 year 1 month 1 day |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 | 12/15/2023 | 1/2/2025 | 1 year 19 days |
accounts.okta.com Amazon RSA 2048 M02 | 7/17/2024 | 8/15/2025 | 1 year 29 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
accept-ch | Sec-CH-UA-Platform-Version |
cache-control | no-cache, no-store |
content-encoding | gzip |
content-language | en |
content-security-policy | default-src 'self' crowdstrike.okta.com *.oktacdn.com; connect-src 'self' crowdstrike.okta.com crowdstrike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com crowdstrike.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' crowdstrike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' crowdstrike.okta.com *.oktacdn.com; frame-src 'self' crowdstrike.okta.com crowdstrike-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator: api-81556a20.duosecurity.com; img-src 'self' crowdstrike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' crowdstrike.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' |
content-security-policy-report-only | default-src 'self' crowdstrike.okta.com *.oktacdn.com; connect-src 'self' crowdstrike.okta.com crowdstrike-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com crowdstrike.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'nonce-XRo1gGGBpjycemrpEzjzXg' 'unsafe-eval' 'self' crowdstrike.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' crowdstrike.okta.com *.oktacdn.com; frame-src 'self' crowdstrike.okta.com crowdstrike-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator: api-81556a20.duosecurity.com; img-src 'self' crowdstrike.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' crowdstrike.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' |
content-type | text/html;charset=utf-8 |
date | Wed, 02 Oct 2024 18:31:51 GMT |
expires | 0 |
p3p | CP="HONK" |
pragma | no-cache |
referrer-policy | strict-origin-when-cross-origin |
server | nginx |
strict-transport-security | max-age=315360000; includeSubDomains |
vary | Accept-Encoding |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-okta-request-id | 31b4150fca9bebe59b017342d3723bfe |
x-rate-limit-limit | 750 |
x-rate-limit-remaining | 745 |
x-rate-limit-reset | 1727893961 |
x-robots-tag | noindex,nofollow |
x-ua-compatible | IE=edge |
x-xss-protection | 0 |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
default-src | 'self'crowdstrike.okta.com*.oktacdn.com |
connect-src | 'self'crowdstrike.okta.comcrowdstrike-admin.okta.com*.oktacdn.com*.mixpanel.com*.mapbox.com*.mtls.okta.comcrowdstrike.kerberos.okta.com*.authenticatorlocalprod.com:8769http://localhost:8769http://127.0.0.1:8769*.authenticatorlocalprod.com:65111http://localhost:65111http://127.0.0.1:65111*.authenticatorlocalprod.com:65121http://localhost:65121http://127.0.0.1:65121*.authenticatorlocalprod.com:65131http://localhost:65131http://127.0.0.1:65131*.authenticatorlocalprod.com:65141http://localhost:65141http://127.0.0.1:65141*.authenticatorlocalprod.com:65151http://localhost:65151http://127.0.0.1:65151https://oinmanager.okta.comdata:data.pendo.iopendo-static-5634101834153984.storage.googleapis.compendo-static-5391521872216064.storage.googleapis.com |
script-src | 'unsafe-inline''unsafe-eval''self'crowdstrike.okta.com*.oktacdn.com |
style-src | 'unsafe-inline''self'crowdstrike.okta.com*.oktacdn.com |
frame-src | 'self'crowdstrike.okta.comcrowdstrike-admin.okta.comlogin.okta.com*.vidyard.comcom-okta-authenticator:api-81556a20.duosecurity.com |
img-src | 'self'crowdstrike.okta.com*.oktacdn.com*.tiles.mapbox.com*.mapbox.com*.vidyard.comdata:data.pendo.iopendo-static-5634101834153984.storage.googleapis.compendo-static-5391521872216064.storage.googleapis.comblob: |
font-src | 'self'crowdstrike.okta.comdata:*.oktacdn.comfonts.gstatic.com |
frame-ancestors | 'self |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
CookieConsentPolicy | 0:1 | crowdstrike.my.salesforce.com/ | 10/2/2025, 6:31:50 PM | yes | no |
LSKey-c$CookieConsentPolicy | 0:1 | crowdstrike.my.salesforce.com/ | 10/2/2025, 6:31:50 PM | yes | no |
BrowserId | ly8hWYDsEe-zZfmQUcQPYA | .salesforce.com/ | 10/2/2025, 6:31:50 PM | yes | no |
DT | DI1JvodVJ-RR-2MnpImqvXt8A | crowdstrike.okta.com/ | 11/6/2025, 6:31:51 PM | yes | yes |
JSESSIONID | 05FFB7E1D426FFB45666284C67A7BAD5 | crowdstrike.okta.com/ | 12/31/1969, 11:59:59 PM | yes | yes |