my.ny.gov
Open in
urlscan Pro
161.11.222.92
Public Scan
Effective URL: https://my.ny.gov/LoginV4/login.xhtml
Submission: On December 07 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 27th 2023. Valid for: a year.
This is the only time my.ny.gov was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 161.11.227.207 161.11.227.207 | 26854 (NYS) (NYS) | |
1 | 34.223.206.29 34.223.206.29 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 18.66.147.97 18.66.147.97 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 161.11.222.92 161.11.222.92 | 26854 (NYS) (NYS) | |
8 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-206-29.us-west-2.compute.amazonaws.com
login.ny.gov |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-97.fra60.r.cloudfront.net
ok5static.oktacdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
ny.gov
2 redirects
www.cs.ny.gov — Cisco Umbrella Rank: 429353 login.ny.gov — Cisco Umbrella Rank: 86244 my.ny.gov — Cisco Umbrella Rank: 82046 |
182 KB |
4 |
oktacdn.com
ok5static.oktacdn.com — Cisco Umbrella Rank: 26060 |
249 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
4 | ok5static.oktacdn.com |
login.ny.gov
|
3 | my.ny.gov |
my.ny.gov
|
2 | www.cs.ny.gov | 2 redirects |
1 | login.ny.gov | |
8 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.ny.gov R3 |
2023-11-15 - 2024-02-13 |
3 months | crt.sh |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-03 - 2024-01-02 |
a year | crt.sh |
*.ny.gov DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-27 - 2024-04-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://my.ny.gov/LoginV4/login.xhtml
Frame ID: 6F1A5A64C0EEC248007F5AAC1B17B2B6
Requests: 12 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.cs.ny.gov/elmspublic/secure/canvasses.cfm
HTTP 302
https://www.cs.ny.gov/elmspublic/secure/canvasses.cfm HTTP 302
https://login.ny.gov/oauth2/default/v1/authorize?response_type=code&scope=openid%20profile%20SM&c... Page URL
- https://my.ny.gov/LoginV4/login.xhtml Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.cs.ny.gov/elmspublic/secure/canvasses.cfm
HTTP 302
https://www.cs.ny.gov/elmspublic/secure/canvasses.cfm HTTP 302
https://login.ny.gov/oauth2/default/v1/authorize?response_type=code&scope=openid%20profile%20SM&client_id=0oa79d7y2yOZyNGJF297&state=-ZV7GCGkz0sv03xJc_e_7vhEUzA&redirect_uri=https%3A%2F%2Fwww.cs.ny.gov%2Fhome%2Fmyaccount%2Fsecure%2Fredirect&nonce=NrHTZtvK92mfOyAhGoOllqqBqkwn5Mn-tpxWBREdKSg Page URL
- https://my.ny.gov/LoginV4/login.xhtml Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.cs.ny.gov/elmspublic/secure/canvasses.cfm HTTP 302
- https://www.cs.ny.gov/elmspublic/secure/canvasses.cfm HTTP 302
- https://login.ny.gov/oauth2/default/v1/authorize?response_type=code&scope=openid%20profile%20SM&client_id=0oa79d7y2yOZyNGJF297&state=-ZV7GCGkz0sv03xJc_e_7vhEUzA&redirect_uri=https%3A%2F%2Fwww.cs.ny.gov%2Fhome%2Fmyaccount%2Fsecure%2Fredirect&nonce=NrHTZtvK92mfOyAhGoOllqqBqkwn5Mn-tpxWBREdKSg
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
authorize
login.ny.gov/oauth2/default/v1/ Redirect Chain
|
29 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
ok5static.oktacdn.com/assets/js/ |
289 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css
ok5static.oktacdn.com/assets/css/sections/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
ok5static.oktacdn.com/assets/img/ui/indicators/ |
143 KB 144 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok5static.oktacdn.com/assets/js/app/sso/ |
678 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
login.xhtml
my.ny.gov/LoginV4/ |
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
084c043756ab20005ac16a6aa626d08e038407964abd5e1bdfb822558c43f8948b73158779a29370
my.ny.gov/TSPD/ |
425 KB 121 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
084c043756ab20005ac16a6aa626d08e038407964abd5e1bdfb822558c43f8948b73158779a29370
my.ny.gov/TSPD/ |
52 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
67 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 KB 0 |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| bobcmn string| failureConfig boolean| bEIi object| so6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.cs.ny.gov/ | Name: mod_auth_openidc_state_-ZV7GCGkz0sv03xJc_e_7vhEUzA Value: eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..KckNqsbcXf_CI2qW.6v24zrIi3FvE8uPSQ2RvNmDTJBp3bVl_sOTQoZVzJ3oouf87wS6MfIz7zUhmjuDvF3EcEgZYLeKqFT8H7lweGI6LYaPIe5ofbjhldAZ4ts40Gjn5nE_Q6gfo6UKQeIbKxao2o5pZchhDqmhzEAmVFYwNG0jpMgIvK4zbkyODu_UdYpO_t1w9LLjOzWef3Iu1WVARbRTcD73p95JqkAbtLx1r8nU4ok5MMY02ZtdyvMrmfrAuymdTdPpAUEN0xn1Xx2E3sDMv3BlIcSuNFaq7bu8VAz_kxm6plGx_Vkuz-YoQABLMIwXX-LuWDUF-mNGG4ZvNgvZ7SVbumyO6o5U1g-hJYes8Ci65dci-emr2A5X-PC3NsV5JzXRo8bF09isIwscswSLdYpArQrok-HGc6Di3wF3uhij5Gabxm82VNR7aMzU.12Z9-UuEcQH39Wq3KRnz0Q |
|
login.ny.gov/ | Name: JSESSIONID Value: BA2371F22890D6390354676998382F20 |
|
login.ny.gov/ | Name: t Value: default |
|
login.ny.gov/ | Name: DT Value: DI12Fp3VBhlSZm7CGPXK4SHJg |
|
my.ny.gov/ | Name: TS443d8d13029 Value: 084c043756ab2800273bc5dbdc7d6bf2764ed1d66434c0b650cb2b6cc27141a2a761fb422642edc687320d0aa62a022d |
|
my.ny.gov/ | Name: TS55d6f691027 Value: 084c043756ab200077bed92cd54b0ba046911a16b2471110d880e1fe03544eaa2afdc38da86d10190801055ce511300044bbe3669c2aed3e34d01140bf5d3804ac67fb13220f2d8c5b04ab30a3420f2b517e16dd1647730bfcfd8dc3d56e5030 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.ny.gov
my.ny.gov
ok5static.oktacdn.com
www.cs.ny.gov
161.11.222.92
161.11.227.207
18.66.147.97
34.223.206.29
05ddd5e99229b89ba5d3e8be2722b31635e94fcff2423ea4c42ef4e1881a398d
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
7ba90caa1a517ef28ff478ec64c14850a31537935ef6587cef87e4ca544cdf8a
d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22
e05e339f75ae22ad482eaa2968e62e4d63258cc7da522c0216730b4b6b8356c3