logon.mykpa.com
205.209.56.178
Public Scan
Effective URL: https://logon.mykpa.com/identity/login?signin=c9222fee0d216b6f98212a445afc8440
Submission: On May 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2022. Valid for: a year.
This is the only time logon.mykpa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 205.209.56.180 | 29863 (DATABANK-LATISYS) |
1 10 | 205.209.56.178 | 29863 (DATABANK-LATISYS) |
3 | 2606:4700::6812:1634 | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH-CDN) |
1 | 2606:4700::6810:7caf | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
1 | 2606:2800:133:206e:1315:22a5:2006:24fd | 15133 (EDGECAST) |
2 | 13.69.106.88 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
19 | 8 | |
ASN29863 (DATABANK-LATISYS, US)
PTR: 205-209-56-180.static.data393.net
www.mykpaonline.com |
ASN29863 (DATABANK-LATISYS, US)
PTR: 205-209-56-178.static.data393.net
logon.mykpa.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | mykpa.com (1 redirects) | logon.mykpa.com — Cisco Umbrella Rank: 477040 | 199 KB |
3 | fontawesome.com | pro.fontawesome.com — Cisco Umbrella Rank: 5088 | 170 KB |
2 | visualstudio.com | dc.services.visualstudio.com — Cisco Umbrella Rank: 827 | 304 B |
2 | mykpaonline.com (2 redirects) | www.mykpaonline.com — Cisco Umbrella Rank: 452900 | 3 KB |
1 | msecnd.net | az416426.vo.msecnd.net — Cisco Umbrella Rank: 1925 | 22 KB |
1 | gstatic.com | fonts.gstatic.com | 44 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 46 | 1 KB |
1 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 910 | 47 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 660 | 29 KB |
19 | 9 | | |
 | Domain | Requested by |
---|---|---|
10 | logon.mykpa.com | 1 redirects; logon.mykpa.com |
3 | pro.fontawesome.com | logon.mykpa.com; pro.fontawesome.com |
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net |
2 | www.mykpaonline.com | 2 redirects |
1 | az416426.vo.msecnd.net | logon.mykpa.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | logon.mykpa.com |
1 | unpkg.com | logon.mykpa.com |
1 | code.jquery.com | logon.mykpa.com |
19 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.verasuite.com |
support.kpaonline.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.mykpa.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-11 - 2023-02-06 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-02 - 2022-07-01 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year |
in.applicationinsights.azure.com | Microsoft RSA TLS CA 01 | 2022-05-07 - 2023-05-07 | a year |
This page contains 1 frames:
Primary Page:
https://logon.mykpa.com/identity/login?signin=c9222fee0d216b6f98212a445afc8440
Frame ID: 839CE60A51A30D79EB6B8E515A536401
Requests: 18 HTTP requests in this frame
Page Title
KPA Online Portal
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- googleapis\.com/.+webfont
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Forgot Username
- Title: Forgot Password
- Title: Need help with sign in?
- Title: Employee ID Registration
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.mykpaonline.com/GetDocument.axd?DocumentId=3442&AccountId=28376
HTTP 302
https://www.mykpaonline.com/Login.aspx?returnUrl=%2FGetDocument.axd%3FDocumentId%3D3442%26AccountId%3D28376 HTTP 302
https://logon.mykpa.com/identity/connect/authorize?client_id=mko&redirect_uri=https%3a%2f%2fwww.mykpaonline.com%2fLogin.aspx&response_mode=form_post&response_type=id_token+token&scope=openid+profile+email+roles+kpa_platform_api&state=OpenIdConnect.AuthenticationProperties%3dg5PLoESlDALeU4Ann-c21xcvoSQZDbY5-Zcj77Y9S6NAHRfZ2HAyP4VFqT0rXPs588-NW2S-Jh0MOnqo_wPej1r6LwLl-gyAcnN8tL5htXOadQI1I-WyRSg9ZGm5O9LMBkckXCQDx0n8_OiSzN4D49kqVSij0730j47kaofF2hw8MO1Fy6nXxTp2rBImrLQfQdSnqUy94ThVkS5QoDW0kkY9uB_83naBdgvEAtQiEZWejTpM&nonce=637880632331723798.ZDdkOTQ4YjEtMjJjNy00OWRhLWIwMzItNTU2NjgyZDZlMjY1ZDZjNjIzNWEtMGRlMC00MWZmLWJiMTAtOTg3ODNmYzdjNjhj&x-client-SKU=ID_NET&x-client-ver=1.0.40306.1554 HTTP 302
https://logon.mykpa.com/identity/login?signin=c9222fee0d216b6f98212a445afc8440 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login (Primary Request) | logon.mykpa.com/identity/ (Redirect Chain) | 6 KB | 3 KB | Document | text/html |
POST | H/1.1 | report | logon.mykpa.com/identity/csp/ | 0 | 230 B | Other | text/plain |
GET | H2 | light.css | pro.fontawesome.com/releases/v5.8.1/css/ | 618 B | 745 B | Stylesheet | text/css |
GET | H2 | fontawesome.css | pro.fontawesome.com/releases/v5.8.1/css/ | 76 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | material-components-web.css | logon.mykpa.com/Content/ | 82 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | app.css | logon.mykpa.com/Content/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | jquery-2.2.4.min.js | code.jquery.com/ | 84 KB | 29 KB | Script | application/javascript |
GET | H2 | material-components-web.min.js | unpkg.com/material-components-web@1.1.1/dist/ | 463 KB | 47 KB | Script | application/javascript |
GET | H/1.1 | app.js | logon.mykpa.com/Scripts/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | page-login.css | logon.mykpa.com/Content/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | page-login.js | logon.mykpa.com/Scripts/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | logo.png | logon.mykpa.com/Content/ | 13 KB | 13 KB | Image | image/png |
GET | H/1.1 | diamonds.png | logon.mykpa.com/Content/ | 166 KB | 166 KB | Image | image/png |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v29/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H2 | fa-light-300.woff2 | pro.fontawesome.com/releases/v5.8.1/webfonts/ | 153 KB | 154 KB | Font | font/woff2 |
GET | H2 | ai.0.js | az416426.vo.msecnd.net/scripts/a/ | 94 KB | 22 KB | Script | application/x-javascript |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 304 B | XHR | application/json |
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- function| getScreenDetails
- function| $
- function| jQuery
- object| mdc
- object| appInsights
- object| AI
- object| Microsoft
- function| __extends
- function| _endsWith
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
logon.mykpa.com/identity | Name: SignInMessage.c9222fee0d216b6f98212a445afc8440 Value: fcI_2YmIfdDJs736irPhMOLBHg25GC7SneDslDd3UV4SepDlh8AT4X3mVXl0AhsLIC3J7uOOGyyRAIG2G2a1LjH5W1iNW8f4x9RYbMoZsfK6ufn2NeYXZwp58yxzB6uKo5GVzbBPytUAgr6Ax_hvBz3HeFHbcpCkr-QF_AEgC7b5S6sXrWSNN-wwCqoIF-9j9mQQkpZMqzXidlhHD7l6MndonBIMPtIZFuaeDZS2aqR35brf8hAhMgMp1VrGZc1oriAdDZ6_iCLGAaFjw13IDo5k9qGlRHlpFnY_-uVkdi5HBlVG3as75uQgL7xoKaORorMR8U_3k6Cj092oHwPKPko5QKJV12u3JicRc8F1Bfok1E4WnXocf6LRrvHQnMFLqwK-u3rPSXRYmIP7pZWYf0noncXfEwSCp-HD_1klnjjey079uAaR7xoClKRHgsbrGTOOGD_pcJtO0rXxp9g3wVNGcBRdoc6wbKGkIo8MdfsfxyME8m0Iqr9qQHkzvABQflx85B0WMDURCgogmfuAsaBS6QoazkvwVYQl0CRQnHXOaO5nrWBWHPivAP7u3qkn3qVVrCHSAe87ZSJGqqPw4B2ZQCasd1SAAOuvVGZ6eDz-DoHmDQee3PziJrndBz8ymwDbI39_FXQC-VCM8gGb8j532s5OcffIEE8HL-is1scG9iXgGGDftUmsNTW9N_WCbpBVklueWcmz_C9qzQ0ImTB_Jc-2Q7tdkXN53L1e_2mJ9f0HXADmGcY0YGl3_wYD4lthNQ_MpYG9sX4pXuNFd9VLXxSmhacta2P5hcT2MHFEl7_ggJPIhcAvZVsw2TzkN86QXWrGa7frhbN4nojK2a4YbSNje0kVS2eCms3Xim6oVdpGpOE3jCKvhI2WglXWVRRFF6ts4diDO74TXHsCpJhUefkYdEvUjTc3vuj22bFJHGPFSgTUYt2kSe9wYOPOWetFOBYFy-RVVgJ3e-O8CA_iQ6F0lHKHjiAj8XsqasXdahXekTogytOXsEKjeL3ZWIRv36JZt6JqmV36D-2gJfcsndNuhZ8Rv-Ex7oBmB15kDxqRDTv1ARJb-ioO17mnHrP9Tw |
|
logon.mykpa.com/identity | Name: idsrv.xsrf Value: EJusmRibnX6qsh7YWc6qjcEa3yGjtb9Lu9qUZVtqj_V1AYnelGCTuceOdgoDb8jz6GE6cQHaMsDmrE5cZqzZmXqvz-E |
|
www.mykpaonline.com/ | Name: ASP.NET_SessionId Value: 34zwsk2xz3bvopbednscipan |
|
www.mykpaonline.com/ | Name: OpenIdConnect.nonce.0uwM1gQoPPNgJM%2FPNGnKYs2Ch0%2FX%2Ba7i2%2BAtwfXDXV8%3D Value: U1BiX2VHVDdxVFVlcHplYjVKdTZkRXFxUllYN1ZrUUF4bzhBc3ZNOTcxQWNTQldjd1JJamd2bjlXYzNQbjg1bjdGQ3Z4NnFZQzZGVGtkQVoxNkhNZkl0WFloLTBXREpqLU1UOWU0R1FWUzdVSkJXd3AxbWF2bEltX01lYTFsc0Vic2dsemVRamJwT0RGcWticGFWRnNPODg0ZjQ2N1hva3ozZF8wUHlzMGlkVW5OZF82NENqYVJLRFd1akdFYjR3NmliUkNEWXZYQXgzZEpaOFVZQ0NOOU4wSU80 |
|
logon.mykpa.com/ | Name: ai_user Value: HHV9x|2022-05-13T18:27:13.547Z |
|
logon.mykpa.com/ | Name: ai_session Value: BP2x8|1652466434050.5|1652466434050.5 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'self' unpkg.com code.jquery.com az416426.vo.msecnd.net; style-src 'self' 'unsafe-inline' 'self' fonts.googleapis.com unpkg.com pro.fontawesome.com; img-src *; font-src 'self' fonts.gstatic.com pro.fontawesome.com;connect-src 'self' dc.services.visualstudio.com; report-uri https://logon.mykpa.com/identity/csp/report |
X-Content-Security-Policy | default-src 'self'; script-src 'self' 'self' unpkg.com code.jquery.com az416426.vo.msecnd.net; style-src 'self' 'unsafe-inline' 'self' fonts.googleapis.com unpkg.com pro.fontawesome.com; img-src *; font-src 'self' fonts.gstatic.com pro.fontawesome.com;connect-src 'self' dc.services.visualstudio.com; report-uri https://logon.mykpa.com/identity/csp/report |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.