ssologin.synchronyfinancial.com
23.36.238.75
Public Scan
Effective URL: https://ssologin.synchronyfinancial.com/siteminderagent/forms/syf_login.fcc?TYPE=33554433&REALMOID=06-000eeb92-2f3d-160d-b8fb-0c130a41d0...
Submission: On March 02 via manual from IN
Summary
TLS certificate: Issued by HydrantID EV SSL ICA G1 on January 7th 2020. Valid for: a year.
This is the only time ssologin.synchronyfinancial.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 136.147.100.50 | 14340 (SALESFORCE) |
| 2 8 | 23.36.238.75 | 16625 (AKAMAI-AS) |
| 1 | 2a00:1450:4001:806::200a | 15169 (GOOGLE) |
| 1 | 23.0.36.169 | 16625 (AKAMAI-AS) |
| 1 | 2a02:26f0:eb:187::11a6 | 20940 (AKAMAI-ASN1) |
11 | 6 |
ASN14340 (SALESFORCE, US)
PTR: dcl1-phx.na52-phx.my.salesforce.com
syf1.my.salesforce.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-238-75.deploy.static.akamaitechnologies.com
federation.synchronyfinancial.com | |
ssologin.synchronyfinancial.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-0-36-169.deploy.static.akamaitechnologies.com
s.go-mpulse.net |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 8 | synchronyfinancial.com (2 redirects) | federation.synchronyfinancial.com, ssologin.synchronyfinancial.com | 459 KB |
| 2 | go-mpulse.net | s.go-mpulse.net, c.go-mpulse.net | 51 KB |
| 2 | salesforce.com | syf1.my.salesforce.com | 7 KB |
| 1 | googleapis.com | ajax.googleapis.com | 30 KB |

11 | 4 |
| | Domain | Requested by |
|---|---|---|
| 6 | ssologin.synchronyfinancial.com | syf1.my.salesforce.com, ssologin.synchronyfinancial.com |
| 2 | federation.synchronyfinancial.com | 2 redirects |
| 2 | syf1.my.salesforce.com | syf1.my.salesforce.com |
| 1 | c.go-mpulse.net | s.go-mpulse.net |
| 1 | s.go-mpulse.net | ssologin.synchronyfinancial.com |
| 1 | ajax.googleapis.com | ssologin.synchronyfinancial.com |

11 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
ssoregistrar.synchronyfinancial.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.my.salesforce.com | DigiCert SHA2 Secure Server CA | 2017-12-03 - 2020-12-02 | 3 years |
cdsso.synchronyfinancial.com | HydrantID EV SSL ICA G1 | 2020-01-07 - 2021-07-07 | a year |
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
akstat.io | DigiCert SHA2 Secure Server CA | 2019-04-16 - 2020-06-14 | a year |
This page contains 2 frames:
Primary Page:
https://ssologin.synchronyfinancial.com/siteminderagent/forms/syf_login.fcc?TYPE=33554433&REALMOID=06-000eeb92-2f3d-160d-b8fb-0c130a41d0bd&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-%2f5uEF2Zrl2NIbBNOFFzIkocNukV5nWjucz7oM60Pz7eDr2iWaTsA2ZmebGJKm%2bVcEY%2fOqCmtPANTxIy6SqwKG5eDT6QpxhG8&TARGET=-SM-HTTPS%3a%2f%2ffederation%2esynchronyfinancial%2ecom%2fsiteminderagent%2fredirectjsp%2fredirect%2ejsp%3fSMPORTALURL%3dhttps-%3A-%2F-%2Ffederation%2esynchronyfinancial%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso%26SAMLTRANSACTIONID%3d36a17259--7e1d41cd--d0accefd--69887f89--7adcc5d9--c4
Frame ID: 2EB57BA1D19139DE8146059EE1A1AF11
Requests: 11 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/C5PNM-5LYEH-XL4NP-QNLPL-EM7ZF
Frame ID: 9E16AC508E7A8B6C0B3DB60883F222BF
Requests: 2 HTTP requests in this frame
Page URL History
- https://syf1.my.salesforce.com/00Od00000047bhy Page URL
- https://syf1.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXErpy7OME8wMFcwMDAwMDA4T0k4AAA... Page URL
-
https://federation.synchronyfinancial.com/affwebservices/public/saml2sso
HTTP 302
https://federation.synchronyfinancial.com/siteminderagent/redirectjsp/redirect.jsp?SMPORTALURL=https%3A%2F%2Ffederatio... HTTP 302
https://ssologin.synchronyfinancial.com/siteminderagent/forms/syf_login.fcc?TYPE=33554433&REALMOID=06-000eeb92-2f3d-... Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your Password?
Title: Forgot your User ID?
Title: Modify Your Account
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://syf1.my.salesforce.com/00Od00000047bhy Page URL
- https://syf1.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXErpy7OME8wMFcwMDAwMDA4T0k4AAAA3qqZ2TrrcK7hG37I85S20GV36FkMuqUZ45fsQ7DMaLLdUJfIy55WU3Hz-2topb9uO2vuLhTZDY0ChaBBTNjzxgYEL1Jexw3LBmNgrfGZ9FHbKWQZ9dYmXor4ww4AhiCxDSWkH7yu5G-FPfnhkdbX_7IS9TZAHhV0C1QZtqOaHkJ2asRaCyuYAMvdXGiAT2aEIgal7oot1PJDmD_DcskyyXaam2tzJkiqlfl3sgDE98XosX4vhH1dOEggaN-B6M-eag&saml_acs=https%3A%2F%2Fsyf1.my.salesforce.com%3Fso%3D00Dd0000000cK84&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsyf1.my.salesforce.com&samlSsoConfig=0LE0W000000wk6G&RelayState=%2F00Od00000047bhy Page URL
-
https://federation.synchronyfinancial.com/affwebservices/public/saml2sso
HTTP 302
https://federation.synchronyfinancial.com/siteminderagent/redirectjsp/redirect.jsp?SMPORTALURL=https%3A%2F%2Ffederation.synchronyfinancial.com%2Faffwebservices%2Fpublic%2Fsaml2sso&SAMLTRANSACTIONID=36a17259-7e1d41cd-d0accefd-69887f89-7adcc5d9-c4 HTTP 302
https://ssologin.synchronyfinancial.com/siteminderagent/forms/syf_login.fcc?TYPE=33554433&REALMOID=06-000eeb92-2f3d-160d-b8fb-0c130a41d0bd&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-%2f5uEF2Zrl2NIbBNOFFzIkocNukV5nWjucz7oM60Pz7eDr2iWaTsA2ZmebGJKm%2bVcEY%2fOqCmtPANTxIy6SqwKG5eDT6QpxhG8&TARGET=-SM-HTTPS%3a%2f%2ffederation%2esynchronyfinancial%2ecom%2fsiteminderagent%2fredirectjsp%2fredirect%2ejsp%3fSMPORTALURL%3dhttps-%3A-%2F-%2Ffederation%2esynchronyfinancial%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso%26SAMLTRANSACTIONID%3d36a17259--7e1d41cd--d0accefd--69887f89--7adcc5d9--c4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | 00Od00000047bhy | syf1.my.salesforce.com/ | 2 KB | 2 KB | Document | text/html | Cookie set |
GET | H/1.1 | authn-request.jsp | syf1.my.salesforce.com/saml/ | 7 KB | 6 KB | Document | text/html | |
GET | H/1.1 | syf_login.fcc | ssologin.synchronyfinancial.com/siteminderagent/forms/ | 11 KB | 6 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | styles_21.css | ssologin.synchronyfinancial.com/siteminderagent/dmspages/syfui/ | 6 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.1.0/ | 84 KB | 30 KB | Script | text/javascript | |
GET | H/1.1 | 5ff1b5f2 | ssologin.synchronyfinancial.com/akam/11/ | 32 KB | 11 KB | Script | application/javascript | |
GET | H/1.1 | SF_logo_goldcharcoal_transparent_rgb_250px.png | ssologin.synchronyfinancial.com/siteminderagent/dmspages/syfui/img/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | C5PNM-5LYEH-XL4NP-QNLPL-EM7ZF | s.go-mpulse.net/boomerang/ | 202 KB | 51 KB | Script | application/javascript | Frame 9E16 |
GET | DATA | truncated | / | 8 KB | 0 | Image | image/png | |
GET | DATA | truncated | / | 157 B | 0 | Image | image/png | |
GET | H/1.1 | 03.jpg | ssologin.synchronyfinancial.com/siteminderagent/dmspages/syfui/img/ | 432 KB | 432 KB | Image | image/jpeg | |
GET | H/1.1 | config.json | c.go-mpulse.net/api/ | 68 B | 346 B | XHR | application/json | Frame 9E16 |
POST | H/1.1 | pixel_5ff1b5f2 | ssologin.synchronyfinancial.com/akam/11/ | 0 | 700 B | XHR | text/html | |
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- string| cookie_name
- function| resetCredFields
- function| submitForm
- function| hideErrors
- function| setCookie
- function| getCookie
- function| checkCookie
- function| deletecookie
- function| $
- function| jQuery
- object| BOOMR_mq
- string| BOOMR_API_key
- object| BOOMR
- number| BOOMR_lstart
- string| bazadebezolkohpepadr
- string| urhehlevkedkilrobacf
- number| BOOMR_onload1

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.synchronyfinancial.com/ | Name: ak_bmsc Value: 3A6450C207F303AEB862A4427E817898C16C5E83BC4600008F0B5D5E93F55241~pl1wFdE9YzGK1VKmudue9P2DL1dXKdoe6WoyBK7slfrspis6RZNdU7hY4EGYNPJJwp+n9KAAxNUuwOSjXVYQhQruMFl4HjwTG99IZOTZ2GMw8fadrCoxk5obvU1E/bRocu3NqwmqnVj4zVRMxM9ICY15Ci+tA83dpJgOSpCv2WEBdd0IsXjNdOrSEb8r+8jgGQkvTcE+KBvjqe34l1RUrq5eDjEUWdPMrrhpenyzzb83NOJCJz2BG7twD2FH+KhIGP4asqOQEjJw3XbiijoaBBsv/hd28RMw7gnIHtU9QqQaWTbSzur6P0Oxee4PcpCpIgOd1HiAnGobP839jPRUybEskhzMG9/mVfLMY+8r4rgDM= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536002; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.