urlscan.io logo urlscan.io
SecurityTrails logo

frbanks-ext.okta.com Open in urlscan Pro
3.15.36.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.supervisioncentral.org/banker/
Effective URL: https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d...
Submission: On March 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 3.15.36.226, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is frbanks-ext.okta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 1st 2021. Valid for: a year.
This is the only time frbanks-ext.okta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a02:26f0:710... 20940 (AKAMAI-ASN1)
3 3.15.36.226 16509 (AMAZON-02)
3 18.66.112.88 ()
15 4
Domain Requested by
8 www.supervisioncentral.org www.supervisioncentral.org
3 ok10static.oktacdn.com frbanks-ext.okta.com
3 frbanks-ext.okta.com www.supervisioncentral.org
frbanks-ext.okta.com
15 3

This site contains no links.

Subject Issuer Validity Valid
service.fedexchange-api.supervisioncentral.org
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-05-02		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1
Frame ID: 2D8DB8E9BF6FC05917A771E189689EF1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.supervisioncentral.org/banker/ Page URL
  2. https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&clie... Page URL

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

4433 kB
Transfer

6035 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.supervisioncentral.org/banker/ Page URL
  2. https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.supervisioncentral.org/banker/ 		619 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
df948db9eaaeae19e2bb7f6ea06df109867dcd96b8fa5a43c1f092c4a82d823e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
619
server
nginx/1.19.0
last-modified
Sat, 26 Feb 2022 02:55:36 GMT
etag
"621996a8-26b"
accept-ranges
bytes
date
Tue, 08 Mar 2022 17:40:31 GMT
strict-transport-security
max-age=86400
styles.bb6c3f28dfdae8379a50.css
www.supervisioncentral.org/banker/ 		328 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/styles.bb6c3f28dfdae8379a50.css
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
b88998957e03fd99109b374eaacf562c3fd9ce2fcec70434683c871350f36891
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.supervisioncentral.org/banker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:40:32 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:13:38 GMT
server
nginx/1.19.0
etag
"620a71a2-52165"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=86400
accept-ranges
bytes
runtime.af926895becd2bb7ee74.js
www.supervisioncentral.org/banker/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/runtime.af926895becd2bb7ee74.js
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
194c8bad02142a043102df810e59e59e342bc83ac3a98a7f607e77e134928e23
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.supervisioncentral.org/banker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:40:32 GMT
last-modified
Mon, 14 Feb 2022 15:13:38 GMT
server
nginx/1.19.0
etag
"620a71a2-97d"
strict-transport-security
max-age=86400
content-type
application/javascript
accept-ranges
bytes
content-length
2429
polyfills.fecda6f08001f936bc42.js
www.supervisioncentral.org/banker/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/polyfills.fecda6f08001f936bc42.js
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
683d025970d354c61840a60d218cf788004acb6fdec330dc3bee41374f2a23a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.supervisioncentral.org/banker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:40:32 GMT
last-modified
Mon, 14 Feb 2022 15:13:38 GMT
server
nginx/1.19.0
etag
"620a71a2-8ffe"
strict-transport-security
max-age=86400
content-type
application/javascript
accept-ranges
bytes
content-length
36862
main.1506b321b412b891b0ea.js
www.supervisioncentral.org/banker/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/main.1506b321b412b891b0ea.js
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
032918ca49caf08ce961c41fa57b6eec8b858ea911f1b5b4eb940462a31026af
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.supervisioncentral.org/banker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:40:32 GMT
last-modified
Mon, 14 Feb 2022 15:13:38 GMT
server
nginx/1.19.0
etag
"620a71a2-394fa2"
strict-transport-security
max-age=86400
content-type
application/javascript
accept-ranges
bytes
content-length
3755938
main-menu.json
www.supervisioncentral.org/banker/assets/config/ 		42 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/assets/config/main-menu.json
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/polyfills.fecda6f08001f936bc42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
f344b7c6fa7b222112b3a3479b183532efe2a3c90baffaaa2575245eed16ae10
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.supervisioncentral.org/banker/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:41:00 GMT
last-modified
Mon, 14 Feb 2022 15:13:39 GMT
server
nginx/1.19.0
etag
"620a71a3-2a"
strict-transport-security
max-age=86400
content-type
application/json
accept-ranges
bytes
content-length
42
app-config.json
www.supervisioncentral.org/banker/assets/config/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/assets/config/app-config.json?cache=1646761260269
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/polyfills.fecda6f08001f936bc42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
af421409315da4632adff053c833dc74073601a10240d3a34fb6fad7d73f583a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.supervisioncentral.org/banker/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:41:00 GMT
last-modified
Fri, 25 Feb 2022 15:45:32 GMT
server
nginx/1.19.0
etag
"6218f99c-50b"
strict-transport-security
max-age=86400
content-type
application/json
accept-ranges
bytes
content-length
1291
fa-solid-900.7d49f26e261fa35ed52a.woff2
www.supervisioncentral.org/banker/ 		115 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.supervisioncentral.org/banker/fa-solid-900.7d49f26e261fa35ed52a.woff2
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/styles.bb6c3f28dfdae8379a50.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.supervisioncentral.org/banker/styles.bb6c3f28dfdae8379a50.css
Origin
https://www.supervisioncentral.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:41:00 GMT
last-modified
Mon, 14 Feb 2022 15:13:38 GMT
server
nginx/1.19.0
etag
"620a71a2-1cb20"
strict-transport-security
max-age=86400
content-type
font/woff2
accept-ranges
bytes
content-length
117536
openid-configuration
frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/.well-known/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/.well-known/openid-configuration
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/polyfills.fecda6f08001f936bc42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-226.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0b4fb84a768236c67c4ffdc0325ac8cde003ea60677ef81f2b11f4994cb97c8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.supervisioncentral.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-okta-request-id
YieVLScBeViH2hdLblXwMgAADB8
date
Tue, 08 Mar 2022 17:41:01 GMT
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
vary
Origin
x-xss-protection
0
server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
https://www.supervisioncentral.org
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
application/json
expires
Wed, 09 Mar 2022 17:41:01 GMT
keys
frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/ 		462 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/keys
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/polyfills.fecda6f08001f936bc42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-226.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.supervisioncentral.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-okta-request-id
YieVLScLq@n8ljeFvmn6YwAABE8
date
Tue, 08 Mar 2022 17:41:01 GMT
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p
CP="HONK"
vary
Origin
x-xss-protection
0
server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
strict-transport-security
max-age=315360000; includeSubDomains
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
https://www.supervisioncentral.org
cache-control
max-age=2020787, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
content-type
application/json
expires
Fri, 01 Apr 2022 03:00:48 GMT
Primary Request authorize
frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/ 		16 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1
Requested by
Host: www.supervisioncentral.org
URL: https://www.supervisioncentral.org/banker/main.1506b321b412b891b0ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-226.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
95f8ae324380494f7d6220c3cd0263deb759c5c71310da05b36c6a78ebabfd6e
Security Headers
Name Value
Content-Security-Policy default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com frbanks-ext.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.supervisioncentral.org/

Response headers

date
Tue, 08 Mar 2022 17:41:01 GMT
content-type
text/html;charset=utf-8
server
nginx
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
vary
Accept-Encoding
x-okta-request-id
YieVLacQVIfxneVyrUA72QAACx8
x-xss-protection
0
p3p
CP="HONK"
x-rate-limit-limit
1200
x-rate-limit-remaining
1184
x-rate-limit-reset
1646761313
content-security-policy-report-only
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com frbanks-ext.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://okta.report-uri.com/r/d/csp/reportOnly; report-to csp
content-security-policy
default-src 'self' frbanks-ext.okta.com *.oktacdn.com; connect-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com frbanks-ext.kerberos.okta.com frbanks-ext.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' frbanks-ext.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' frbanks-ext.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' frbanks-ext.okta.com frbanks-ext-admin.okta.com login.okta.com; img-src 'self' frbanks-ext.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' frbanks-ext.okta.com data: *.oktacdn.com fonts.gstatic.com
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
referrer-policy
no-referrer
cache-control
no-cache, no-store
pragma
no-cache
expires
0
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://okta.report-uri.com/a/d/g"}],"include_subdomains":true}
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-ua-compatible
IE=edge
content-language
de
strict-transport-security
max-age=315360000; includeSubDomains
x-robots-tag
noindex,nofollow
content-encoding
gzip
okta-sign-in.min.js
ok10static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.0.1/js/ 		2 MB
484 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok10static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.0.1/js/okta-sign-in.min.js
Requested by
Host: frbanks-ext.okta.com
URL: https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 04:16:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
566678
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 03:58:02 GMT
server
nginx
etag
W/"fa1f453e0d61cf50307e2407c990350b"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
8adOXlHRC1i_pfBcxYmVIERtjsHdVsyFBL4eNHgPkoEL15caBohRSg==
expires
Thu, 02 Mar 2023 04:16:23 GMT
okta-sign-in.min.css
ok10static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.0.1/css/ 		211 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok10static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.0.1/css/okta-sign-in.min.css
Requested by
Host: frbanks-ext.okta.com
URL: https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b4fc54d50050569b1d8681f13fb572e544c4caa844528184ea52b40c00bb38f4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 04:16:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
566677
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 03:57:53 GMT
server
nginx
etag
W/"24ca9f27c2dd9e2cfc2195627c1c1130"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
SxCyRMR9JDC0OUI-27exdiPr13jpUC0uZ-OxmxEZ0UuXiXmcyyCaNQ==
expires
Thu, 02 Mar 2023 04:16:23 GMT
loginpage-theme.fe35d60e3e7ac95814eda9241d23b189.css
ok10static.oktacdn.com/assets/loginpage/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok10static.oktacdn.com/assets/loginpage/css/loginpage-theme.fe35d60e3e7ac95814eda9241d23b189.css
Requested by
Host: frbanks-ext.okta.com
URL: https://frbanks-ext.okta.com/oauth2/aus57kwleaSzVZZhU4h6/v1/authorize?response_type=id_token%20token&client_id=c23db094f3ae4d648574fee6e4be06e5&state=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1&redirect_uri=https%3A%2F%2Fwww.supervisioncentral.org%2Fbanker%2F&scope=openid&nonce=U2lVMnpESzRBcTRvdG5yakhUNy55M3RBNk1xY19VcUt6STdfR2dPU1BYQnM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
df2efa3d33999fae1714ea840f8bdef8cdafe1813c4f2470edf625c13b7d3495
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"fe35d60e3e7ac95814eda9241d23b189"
age
678650
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 03 Aug 2021 17:07:30 GMT
server
nginx
date
Mon, 28 Feb 2022 21:10:11 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Cmq7o1A2fUNkCQymFwIQnx640O6m7OVx0qUrosEzCk_KtNiBbOXROg==
expires
Tue, 28 Feb 2023 21:10:11 GMT
style-sheet
frbanks-ext.okta.com/api/internal/brand/theme/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
frbanks-ext.okta.com
URL
https://frbanks-ext.okta.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=28d025743b8fc0765a7cfe4c08fdf2a9

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Domain/Path Name / Value
www.supervisioncentral.org/ Name: cookiesession1
Value: 678A3E12345E4FE204C9BA935E8B8C17

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400