Nmap scan report for usaa.okta.com (99.83.213.230) Host is up (0.00084s latency). Other addresses for usaa.okta.com (not scanned): 75.2.87.65 rDNS record for 99.83.213.230: a9fda6e8074f1dfbe.awsglobalaccelerator.com Not shown: 996 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 80/tcp open http awselb/2.0 |_http-server-header: awselb/2.0 | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 302 Moved Temporarily | Server: awselb/2.0 | Date: Sat, 02 Aug 2025 00:32:52 GMT | Content-Type: text/html | Content-Length: 110 | Connection: close | Location: https://internal-ok2-crtr-tls12-int-alb-803426229.us-east-1.elb.amazonaws.com:443/nice%20ports%2C/Tri%6Eity.txt%2ebak | | 302 Found | |

302 Found

| | | GetRequest, HTTPOptions: | HTTP/1.1 302 Moved Temporarily | Server: awselb/2.0 | Date: Sat, 02 Aug 2025 00:32:52 GMT | Content-Type: text/html | Content-Length: 110 | Connection: close | Location: https://internal-ok2-crtr-tls12-int-alb-803426229.us-east-1.elb.amazonaws.com:443/ | | 302 Found | |

302 Found

| | | RPCCheck: | HTTP/1.1 400 Bad Request | Server: awselb/2.0 | Date: Sat, 02 Aug 2025 00:32:57 GMT | Content-Type: text/html | Content-Length: 122 | Connection: close | | 400 Bad Request | |

400 Bad Request

| | | RTSPRequest: | | 400 Bad Request | |

400 Bad Request

| | | X11Probe: | HTTP/1.1 400 Bad Request | Server: awselb/2.0 | Date: Sat, 02 Aug 2025 00:32:52 GMT | Content-Type: text/html | Content-Length: 122 | Connection: close | | 400 Bad Request | |

400 Bad Request

| |_ |_http-title: Did not follow redirect to https://usaa.okta.com:443/ 389/tcp open ldap |_ssl-date: TLS randomness does not represent time | fingerprint-strings: | LDAPBindReq: | LDAPException(resultCode=53 (unwilling to perform), errorMessage='BindDN is invalid: must be of format 'uid=*,dc=yourOrg,dc=okta,dc=com'', ldapSDKVersion=7.0.2, revision=d3320e659d17d7b2f8ae0ec0a0b436314c49691a) | LDAPSearchReq: |_ secure connection cannot be established. To admin: This service requires TLS. | ssl-cert: Subject: commonName=*.ldap.okta.com/organizationName=Okta, Inc./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.ldap.okta.com, DNS:ldap.okta.com | Not valid before: 2025-04-02T00:00:00 |_Not valid after: 2026-04-21T23:59:59 443/tcp open ssl/http nginx | ssl-cert: Subject: commonName=*.okta.com/organizationName=Okta, Inc./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.okta.com, DNS:okta.com | Not valid before: 2025-01-15T00:00:00 |_Not valid after: 2026-02-14T23:59:59 | tls-nextprotoneg: | h2 |_ http/1.1 |_ssl-date: TLS randomness does not represent time | http-robots.txt: 1 disallowed entry |_/ |_http-title: USAA (WF usaa.) - Sign In | tls-alpn: | h2 |_ http/1.1 636/tcp open ssl/ldap |_ssl-date: TLS randomness does not represent time | ssl-cert: Subject: commonName=*.ldap.okta.com/organizationName=Okta, Inc./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.ldap.okta.com, DNS:ldap.okta.com | Not valid before: 2025-04-02T00:00:00 |_Not valid after: 2026-04-21T23:59:59 | fingerprint-strings: | LDAPBindReq: |_ LDAPException(resultCode=53 (unwilling to perform), errorMessage='BindDN is invalid: must be of format 'uid=*,dc=yourOrg,dc=okta,dc=com'', ldapSDKVersion=7.0.2, revision=d3320e659d17d7b2f8ae0ec0a0b436314c49691a) 3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=7.92%I=7%D=8/1%Time=688D5CB4%P=x86_64-redhat-linux-gnu%r(G SF:etRequest,168,"HTTP/1\.1\x20302\x20Moved\x20Temporarily\r\nServer:\x20a SF:wselb/2\.0\r\nDate:\x20Sat,\x2002\x20Aug\x202025\x2000:32:52\x20GMT\r\n SF:Content-Type:\x20text/html\r\nContent-Length:\x20110\r\nConnection:\x20 SF:close\r\nLocation:\x20https://internal-ok2-crtr-tls12-int-alb-803426229 SF:\.us-east-1\.elb\.amazonaws\.com:443/\r\n\r\n\r\n302 SF:\x20Found\r\n\r\n

302\x20Found

\r\n\r\n\r\n")%r(HTTPOptions,168,"HTTP/1\.1\x20302\x SF:20Moved\x20Temporarily\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat,\x2002 SF:\x20Aug\x202025\x2000:32:52\x20GMT\r\nContent-Type:\x20text/html\r\nCon SF:tent-Length:\x20110\r\nConnection:\x20close\r\nLocation:\x20https://int SF:ernal-ok2-crtr-tls12-int-alb-803426229\.us-east-1\.elb\.amazonaws\.com: SF:443/\r\n\r\n\r\n302\x20Found\r\n\r\n

302\x20Found

\r\n\r\n\r\n") SF:%r(RTSPRequest,7A,"\r\n400\x20Bad\x20Request SF:\r\n\r\n

400\x20Bad\x20Request

\r\ SF:n\r\n\r\n")%r(X11Probe,110,"HTTP/1\.1\x20400\x20Bad\x20Re SF:quest\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat,\x2002\x20Aug\x202025\x SF:2000:32:52\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x201 SF:22\r\nConnection:\x20close\r\n\r\n\r\n400\x20Bad\x20 SF:Request\r\n\r\n

400\x20Bad\x20Request

\r\n\r\n\r\n")%r(FourOhFourRequest,18B,"HTTP/ SF:1\.1\x20302\x20Moved\x20Temporarily\r\nServer:\x20awselb/2\.0\r\nDate:\ SF:x20Sat,\x2002\x20Aug\x202025\x2000:32:52\x20GMT\r\nContent-Type:\x20tex SF:t/html\r\nContent-Length:\x20110\r\nConnection:\x20close\r\nLocation:\x SF:20https://internal-ok2-crtr-tls12-int-alb-803426229\.us-east-1\.elb\.am SF:azonaws\.com:443/nice%20ports%2C/Tri%6Eity\.txt%2ebak\r\n\r\n\r\n SF:302\x20Found\r\n\r\n

302\x SF:20Found

\r\n\r\n\r\n")%r(RPCCheck,110,"HTTP/ SF:1\.1\x20400\x20Bad\x20Request\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat SF:,\x2002\x20Aug\x202025\x2000:32:57\x20GMT\r\nContent-Type:\x20text/html SF:\r\nContent-Length:\x20122\r\nConnection:\x20close\r\n\r\n\r\n400\x20Bad\x20Request\r\n\r\n

400\x20Bad\x20Request

\r\n\r\n\r\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port389-TCP:V=7.92%I=7%D=8/1%Time=688D5CB9%P=x86_64-redhat-linux-gnu%r( SF:LDAPSearchReq,5D,"0\[\x02\x01\x07eV\n\x015\x04\0\x04OA\x20secure\x20con SF:nection\x20cannot\x20be\x20established\.\x20To\x20admin:\x20This\x20ser SF:vice\x20requires\x20TLS\.")%r(LDAPBindReq,E4,"0\x81\xe1\x02\x01\x01a\x8 SF:1\xdb\n\x015\x04\0\x04\x81\xd3LDAPException\(resultCode=53\x20\(unwilli SF:ng\x20to\x20perform\),\x20errorMessage='BindDN\x20is\x20invalid:\x20mus SF:t\x20be\x20of\x20format\x20'uid=\*,dc=yourOrg,dc=okta,dc=com'',\x20ldap SF:SDKVersion=7\.0\.2,\x20revision=d3320e659d17d7b2f8ae0ec0a0b436314c49691 SF:a\)"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port636-TCP:V=7.92%T=SSL%I=7%D=8/1%Time=688D5CBF%P=x86_64-redhat-linux- SF:gnu%r(LDAPSearchReq,E,"0\x0c\x02\x01\x07e\x07\n\x012\x04\0\x04\0")%r(LD SF:APBindReq,E4,"0\x81\xe1\x02\x01\x01a\x81\xdb\n\x015\x04\0\x04\x81\xd3LD SF:APException\(resultCode=53\x20\(unwilling\x20to\x20perform\),\x20errorM SF:essage='BindDN\x20is\x20invalid:\x20must\x20be\x20of\x20format\x20'uid= SF:\*,dc=yourOrg,dc=okta,dc=com'',\x20ldapSDKVersion=7\.0\.2,\x20revision= SF:d3320e659d17d7b2f8ae0ec0a0b436314c49691a\)"); Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: phone Running (JUST GUESSING): Google Android 5.X (90%) OS CPE: cpe:/o:google:android:5.0.1 Aggressive OS guesses: Android 5.0.1 (90%) No exact OS matches for host (test conditions non-ideal). Network Distance: 15 hops TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS 1 0.20 ms 208.76.251.177.rdns.ColocationAmerica.com (208.76.251.177) 2 0.56 ms gw.mcom-colocationamerica.com (208.64.231.81) 3 0.69 ms r2b4.n1.p1401.lax.multacom.net (64.69.46.11) 4 2.96 ms 206.72.211.146.any2ix.coresite.com (206.72.211.146) 5 1.23 ms 52.93.92.40 6 ... 7 8 1.29 ms 52.93.92.25 9 ... 14 15 0.56 ms a9fda6e8074f1dfbe.awsglobalaccelerator.com (99.83.213.230) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 39.92 seconds