urlscan.io logo urlscan.io
SecurityTrails logo

sso.synchronyfinancial.com Open in urlscan Pro
34.223.206.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sso.tangoe.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exk4uci3k7HcMiEl3297&TARGET=https://www.traq.c...
Effective URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Submission: On April 09 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 34.223.206.17, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is sso.synchronyfinancial.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 4th 2023. Valid for: a year.
This is the only time sso.synchronyfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 206.127.27.19 3900 (TEXASNET-ASN)
3 34.223.206.17 16509 (AMAZON-02)
12 18.66.147.65 16509 (AMAZON-02)
1 108.138.7.107 16509 (AMAZON-02)
18 4
Apex Domain
Subdomains		 Transfer
12 oktacdn.com
ok5static.oktacdn.com — Cisco Umbrella Rank: 61677
2 MB
3 synchronyfinancial.com
sso.synchronyfinancial.com
14 KB
2 tangoe.com
sso.tangoe.com
9 KB
1 okta.com
login.okta.com — Cisco Umbrella Rank: 7267
18 4
Domain Requested by
12 ok5static.oktacdn.com sso.synchronyfinancial.com
ok5static.oktacdn.com
3 sso.synchronyfinancial.com ok5static.oktacdn.com
2 sso.tangoe.com
1 login.okta.com ok5static.oktacdn.com
18 4

This site contains no links.

Subject Issuer Validity Valid
*.tangoe.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-24		 a year crt.sh
sso.synchronyfinancial.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-06-03		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Frame ID: B00C99E34F97500AE6A9B68F53F4793E
Requests: 17 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: E72BFB41DA7B904F94E5FB230DB9876A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Synchrony - Anmelden

Page URL History Show full URLs

  1. https://sso.tangoe.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exk4uci3k7HcMiEl3297&TARGE... Page URL
  2. https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

2196 kB
Transfer

3756 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.tangoe.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exk4uci3k7HcMiEl3297&TARGET=https://www.traq.com/manage/procure/orderdetail.trq%3Fam%3DworkflowTask%26isNewWizard%3Dtrue%26workflowButton%3D104%26isEmailRequest%3Dtrue%26orderId%3D17632303 Page URL
  2. https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
startSSO.ping
sso.tangoe.com/sp/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.tangoe.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exk4uci3k7HcMiEl3297&TARGET=https://www.traq.com/manage/procure/orderdetail.trq%3Fam%3DworkflowTask%26isNewWizard%3Dtrue%26workflowButton%3D104%26isEmailRequest%3Dtrue%26orderId%3D17632303
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.127.27.19 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
sso.tangoe.com
Software
/
Resource Hash
ba5c2846f18224da39afaf1b99f3cf4214a4897274caf56078b8727ba3a28d5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
961
Content-Type
text/html;charset=utf-8
Date
Tue, 09 Apr 2024 12:14:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Vary
Accept-Encoding
Primary Request saml
sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/ 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-17.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0f2e560eb54e3a616766663b20778ea9c06637c7875429c11ecd1f424302f030
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sso.tangoe.com
Referer
https://sso.tangoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 09 Apr 2024 12:14:11 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-okta-request-id
ZhUxEwqbJ-Leslyvehzq7gAADQI
x-ua-compatible
IE=edge
x-xss-protection
0
favicon.ico
sso.tangoe.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.tangoe.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.127.27.19 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
sso.tangoe.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.tangoe.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 09 Apr 2024 12:14:10 GMT
Last-Modified
Fri, 17 Jul 2020 14:38:00 GMT
Content-Length
7406
Content-Type
image/x-icon
okta-sign-in.min.js
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9daf3347512399224f539e52835e58e95719f510297e544fed33e18a99bda076
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
780804dd723a375058f81c58c0d4d8f9c3e85a0a
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Mon, 01 Apr 2024 08:34:31 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
704380
x-cache
Hit from cloudfront
last-modified
Tue, 29 Nov 2022 18:49:21 GMT
server
nginx
etag
W/"e1e293ebd34a4b6e2155c41f9eed7073"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
m6xuh3W0JBheOFw49tCqe1hvY9rHBXvdOEQr6hVwNxtlTAmm1BjNwQ==
expires
Tue, 01 Apr 2025 08:34:31 GMT
okta-sign-in.min.css
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f82da44225ccffe54b17728bca07164af78a2807ca5c0f22bae83e07b9877575
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
f89344013d233a955e8765deee6ec272f477f859
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Thu, 04 Apr 2024 06:02:01 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
454330
x-cache
Hit from cloudfront
last-modified
Tue, 29 Nov 2022 18:48:16 GMT
server
nginx
etag
W/"c9bf93734c591718e3e48bf20e27845a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
q6J8XbQO6MVdwLIyTUsaIOmyM3t4kPdl3HwqPFRyrIOHQIHw_3tgqQ==
expires
Fri, 04 Apr 2025 06:02:01 GMT
custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok5static.oktacdn.com/assets/loginpage/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
35d16198401d1fd985775d017f4a337e2a74c215
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Wed, 03 Apr 2024 19:10:03 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
493448
x-cache
Hit from cloudfront
last-modified
Wed, 13 Mar 2024 18:21:58 GMT
server
nginx
etag
W/"73947dcedbe30f708373f1b3405f6417"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
JNsM9V-CaE5sOxr9D3hteYQ6y5BGzv3ijhY-DwDKkPBNbH683mZ0Bg==
expires
Thu, 03 Apr 2025 19:10:03 GMT
default.6770228fb0dab49a1695ef440a5279bb.png
ok5static.oktacdn.com/assets/img/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok5static.oktacdn.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9ce729df778fbee5e9bb0b6cde926b2e5c19c87ebd301e10eeaabab0d3d89c66
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Sun, 07 Apr 2024 04:13:12 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
201659
x-cache
Hit from cloudfront
content-length
1632
last-modified
Thu, 06 Dec 2018 08:59:48 GMT
server
nginx
etag
"6770228fb0dab49a1695ef440a5279bb"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
jQrEtciBsvj6klBIYfGJupJawZSOiJGgRPhjAmnZYaGdvbpzqFsBrg==
expires
Mon, 07 Apr 2025 04:13:12 GMT
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok5static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Fri, 29 Mar 2024 06:14:45 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
971966
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 19:03:23 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
opyUwAROCurrN7_wyHwtNWC0u43EDuRN7mcWKGIXg_fAPJxsRLlMlw==
expires
Sat, 29 Mar 2025 06:14:45 GMT
fs0jq9ejs4TR2NLCc297
ok5static.oktacdn.com/fs/bco/7/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok5static.oktacdn.com/fs/bco/7/fs0jq9ejs4TR2NLCc297
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/app/synchrony_tangoeprod2003247541_1/exk4uci3k7HcMiEl3297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
12ec7b9b9aa802b42868fcbddceb7d9f341e71bdaa448d87ad76755ff0383168
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Wed, 20 Mar 2024 07:53:20 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1743652
x-cache
Hit from cloudfront
content-length
1410530
last-modified
Wed, 21 Jun 2023 20:43:49 GMT
server
nginx
etag
"383e6c43441b9db04ef0f8664e53c192"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
eFlBQGCpz4MUL5GMx4e8FqvIZWcNchm37nZjUROu6wex_j9MIX7jyQ==
expires
Thu, 20 Mar 2025 07:53:20 GMT
proximanova-light-webfont.aba797dabec6686294a9.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
28b8b4bd234dde07b7ee63a6d32c6f275f03eca1
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date
Sun, 07 Apr 2024 06:35:15 GMT
x-amz-cf-pop
FRA60-P4
age
193169
x-cache
Hit from cloudfront
content-length
20052
last-modified
Tue, 07 Nov 2023 19:03:22 GMT
server
nginx
etag
"3bf194f33d52c87ea38f13e04fd41950"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
k3PFhWiCB1C_-wQB5XiJoH3uVqOBN1DQtDMs4S2QhOQhKIz5su00jw==
expires
Mon, 07 Apr 2025 06:34:43 GMT
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date
Mon, 01 Apr 2024 05:08:18 GMT
x-amz-cf-pop
FRA60-P4
age
716754
x-cache
Hit from cloudfront
content-length
20416
last-modified
Tue, 07 Nov 2023 19:01:45 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
GuWMk2lO1u2Z7dunjyS9xUlIQSInDo_7BX8G3QvWWqtSvatl_IS0Kw==
expires
Tue, 01 Apr 2025 05:08:18 GMT
login_de.json
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/labels/json/ 		97 KB
98 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/labels/json/login_de.json
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
edebf09dc94cf40fba82c41f8379fd89fc6902185e14e0b6b9b026c71b5837e4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
https://sso.synchronyfinancial.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 00:35:16 GMT
x-amz-meta-sha1sum
834b130ed61117a64a0fd1bded09305abe8eda75
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA60-P4
age
733136
x-cache
Hit from cloudfront
content-length
99809
last-modified
Tue, 29 Nov 2022 18:49:24 GMT
server
nginx
etag
"790bee7f56ce5e215bf9265905863b09"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
mSiDl0ZnGafptLG2LsrtjsTi-81iPCpCM_DV31CNA6sqpWsgS8Brsw==
expires
Tue, 01 Apr 2025 00:35:16 GMT
country_de.json
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/labels/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/labels/json/country_de.json
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
https://sso.synchronyfinancial.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:14:53 GMT
x-amz-meta-sha1sum
251dd1ccca4c80570aee52db71eed703ac579ad8
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA60-P4
age
701959
x-cache
Hit from cloudfront
content-length
4805
last-modified
Tue, 29 Nov 2022 18:49:23 GMT
server
nginx
etag
"51bec6463b4f7c5a26ede1fd8ee067f8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
yqTjHv9yzZ3s5NidilBcLkCFyOxWgpzAk41MfWS5i65pfigQNgssyQ==
expires
Tue, 01 Apr 2025 09:14:53 GMT
fs0jq9eeb9lLzw0AA297
ok5static.oktacdn.com/fs/bco/1/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok5static.oktacdn.com/fs/bco/1/fs0jq9eeb9lLzw0AA297
Requested by
Host: sso.synchronyfinancial.com
URL: https://sso.synchronyfinancial.com/signin/refresh-auth-state/00uva8BSWpKXnqAJjH5_Eu9lLR83JP9nspb3PkgDyn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a93b7c4c717c45f99eaebe7cfc800f508be1d670cfe043bd18881922ada7db6e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sso.synchronyfinancial.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Sun, 07 Apr 2024 14:57:12 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
163020
x-cache
Hit from cloudfront
content-length
5374
last-modified
Wed, 21 Jun 2023 20:43:49 GMT
server
nginx
etag
"06426e4b62d37fba636196762b93ab31"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
9T7R5V90x3sCcYxvZM-xbx_Hzd2UvvH_LasRsxpQ1gNfjTcv8hHWaA==
expires
Mon, 07 Apr 2025 14:57:12 GMT
iframe.html
login.okta.com/discovery/ Frame E72B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sso.synchronyfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
53607
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Mon, 08 Apr 2024 21:20:46 GMT
ETag
"cb4083f71191b66321c4e0310d0383ab"
Last-Modified
Mon, 25 Mar 2024 16:51:14 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
gEdtCiQth0XMMMRY-G6cfZwOaJizVulP9DZnbjodYS3cEznShjx_5w==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
introspect
sso.synchronyfinancial.com/api/v1/authn/ 		807 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.synchronyfinancial.com/api/v1/authn/introspect
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-17.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9febe5227b7065d62c8333a3f69d34b51d15d271df7de2b672ba2aa02e510981
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Okta-User-Agent-Extended
okta-auth-js/6.9.0 okta-signin-widget-6.9.0
Accept-Language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://sso.synchronyfinancial.com/signin/refresh-auth-state/00uva8BSWpKXnqAJjH5_Eu9lLR83JP9nspb3PkgDyn
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
ZhUxFAqbJ-Leslyvehzq-wAADQI
Date
Tue, 09 Apr 2024 12:14:12 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-rate-limit-limit
2500
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2482
content-security-policy-report-only
default-src 'self' synchrony.okta.com sso.synchronyfinancial.com *.oktacdn.com; connect-src 'self' synchrony.okta.com synchrony-admin.okta.com sso.synchronyfinancial.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com synchrony.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' synchrony.okta.com sso.synchronyfinancial.com *.oktacdn.com; style-src 'unsafe-inline' 'self' synchrony.okta.com sso.synchronyfinancial.com *.oktacdn.com; frame-src 'self' synchrony.okta.com synchrony-admin.okta.com sso.synchronyfinancial.com login.okta.com; img-src 'self' synchrony.okta.com sso.synchronyfinancial.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' synchrony.okta.com sso.synchronyfinancial.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://sso.synchronyfinancial.com
x-rate-limit-reset
1712664898
access-control-allow-credentials
true
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type
Keep-Alive
timeout=5, max=99
expires
0
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://sso.synchronyfinancial.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
dd4beda27e8057403b27d1276ca9d68902692615
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date
Mon, 01 Apr 2024 05:08:17 GMT
x-amz-cf-pop
FRA60-P4
age
716755
x-cache
Hit from cloudfront
content-length
20328
last-modified
Tue, 07 Nov 2023 18:59:59 GMT
server
nginx
etag
"27429b092c0595aa8803b611bd7508f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
WT0POO_qb-HJNV4uBw80PDdFYAOyvL02ik9q6zABnPS0tUund-IZFg==
expires
Tue, 01 Apr 2025 05:08:17 GMT
favicon.ico
sso.synchronyfinancial.com/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.synchronyfinancial.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-17.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://sso.synchronyfinancial.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 09 Apr 2024 12:14:12 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 30 Mar 2024 01:31:38 GMT
Server
nginx
etag
W/"5430-1711762298000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=98
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regeneratorRuntime function| setImmediate function| clearImmediate function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

6 Cookies

Domain/Path Name / Value
sso.tangoe.com/ Name: PF
Value: ih8GGBkeU0sba67IRarsYW
sso.tangoe.com/ Name: TS01c15cb7
Value: 01909330c4e1eee8c728387f5938f65df84d43dfa50076b3283c045206ed5d8e4b8a7319f9402ef09d8a2313c61419c2fd14a2fc16a616b4e20c1a870978a6d993b252c9c4
sso.synchronyfinancial.com/ Name: t
Value: slate
sso.synchronyfinancial.com/ Name: DT
Value: DI1q0IIjjo4QNCBJm6AD3JZLg
sso.synchronyfinancial.com/ Name: JSESSIONID
Value: 51D62157F5F8BA760FC1D7758873D356
sso.synchronyfinancial.com/ Name: oktaStateToken
Value: 00uva8BSWpKXnqAJjH5_Eu9lLR83JP9nspb3PkgDyn