Submitted URL: https://sso.pilot1.kyid.ky.gov/
Effective URL: https://sso.pilot1.kyid.ky.gov/login/
Submission: On November 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 31 HTTP transactions. The main IP is 34.49.236.178, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is sso.pilot1.kyid.ky.gov.
TLS certificate: Issued by WR3 on November 3rd 2024. Valid for: 3 months.
This is the only time sso.pilot1.kyid.ky.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 34.49.236.178 396982 (GOOGLE-CL...)
3 2400:52e0:1e0... 60068 (CDN77 _)
1 205.204.197.26 10921 (KIHNETWORK)
3 18.244.18.57 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
31 7
Apex Domain
Subdomains
Transfer
22 ky.gov
sso.pilot1.kyid.ky.gov
kog.chfs.ky.gov — Cisco Umbrella Rank: 238962
3 MB
3 oktacdn.com
ok10static.oktacdn.com — Cisco Umbrella Rank: 24069
121 KB
3 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 10663
33 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
971 B
1 gstatic.com
www.gstatic.com
217 KB
0 withgoogle.com Failed
csp.withgoogle.com Failed
31 6
Domain Requested by
21 sso.pilot1.kyid.ky.gov 1 redirects sso.pilot1.kyid.ky.gov
3 ok10static.oktacdn.com
3 fonts.bunny.net sso.pilot1.kyid.ky.gov
fonts.bunny.net
2 www.google.com sso.pilot1.kyid.ky.gov
www.gstatic.com
1 www.gstatic.com www.google.com
1 kog.chfs.ky.gov
0 csp.withgoogle.com Failed
31 7

This site contains links to these domains. Also see Links.

Domain
ide.kog.ky.gov
dev.kog.ky.gov
www.kentucky.gov
kentucky.gov
Subject Issuer Validity Valid
openam-kyid-pilot1.forgeblocks.com
WR3
2024-11-03 -
2025-02-01
3 months crt.sh
fonts.bunny.net
R10
2024-10-02 -
2024-12-31
3 months crt.sh
kog.chfs.ky.gov
Entrust Certification Authority - L1K
2024-08-22 -
2025-09-22
a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-15 -
2025-01-02
a year crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://sso.pilot1.kyid.ky.gov/login/
Frame ID: 689E3D0ACF438BC9F7AFDE3BB814964F
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8_U0qAAAAAMSrgkLCQCJj8sV9ht5e59_DJyDm&co=aHR0cHM6Ly9zc28ucGlsb3QxLmt5aWQua3kuZ292OjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=6fr7piyyklhc
Frame ID: 48784C962300FD93938E9399692D543E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login

Page URL History Show full URLs

  1. https://sso.pilot1.kyid.ky.gov/ HTTP 301
    https://sso.pilot1.kyid.ky.gov/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

3034 kB
Transfer

3426 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.pilot1.kyid.ky.gov/ HTTP 301
    https://sso.pilot1.kyid.ky.gov/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sso.pilot1.kyid.ky.gov/login/
Redirect Chain
  • https://sso.pilot1.kyid.ky.gov/
  • https://sso.pilot1.kyid.ky.gov/login/
974 B
1 KB
Document
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
73f5ee20762a6e0c0afe01a892cb2a53163bc8db02ca9458792e02df3a3a5b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache no-store
content-length
974
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type
text/html
date
Sun, 03 Nov 2024 18:09:53 GMT
etag
"67211e1a-3ce"
expires
Sun, 03 Nov 2024 18:09:52 GMT
last-modified
Tue, 29 Oct 2024 17:40:42 GMT
pragma
no-cache
referrer-policy
origin
strict-transport-security
max-age=31536000; includeSubDomains; preload;
via
1.1 google
x-content-type-options
nosniff
x-robots-tag
none

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 03 Nov 2024 18:09:53 GMT
location
/login/
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
css
fonts.bunny.net/
50 KB
3 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
alt-svc
h3=":443"
date
Sun, 03 Nov 2024 18:09:54 GMT
last-modified
Sat, 19 Oct 2024 12:46:16 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
10/19/2024 12:46:17
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
f9b59733accfd9c02059215464eaced1
cdn-pullzone
781720
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1077
server
BunnyCDN-DE1-1077
cdn-requestcountrycode
DE
chunk-vendors.e2e45673.js
sso.pilot1.kyid.ky.gov/login/js/
1 MB
1 MB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e629a189b5854af565c133c2f376126b5256c7e811c4c9a388e39227a9626f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"67253399-13eb9b"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305499
date
Sun, 03 Nov 2024 18:09:53 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:29 GMT
app.657cd20e.js
sso.pilot1.kyid.ky.gov/login/js/
164 KB
164 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
2730775610611076482ecb8e5aa83a2fe028ca52792da22518deaf57162c1cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-2913e"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168254
date
Sun, 03 Nov 2024 18:09:53 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
chunk-vendors.d2b307bd.css
sso.pilot1.kyid.ky.gov/login/css/
79 KB
79 KB
Stylesheet
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/css/chunk-vendors.d2b307bd.css
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"67211e1a-13cf5"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81141
date
Sun, 03 Nov 2024 18:09:53 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:40:42 GMT
app.9d3922eb.css
sso.pilot1.kyid.ky.gov/login/css/
196 KB
196 KB
Stylesheet
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/css/app.9d3922eb.css
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
1575a4d5b46c9fbc0b076df78338a7e696ab19bc1a09b227e5a5e76155ff581d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"67211e1a-30fb7"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200631
date
Sun, 03 Nov 2024 18:09:53 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:40:42 GMT
uiconfig
sso.pilot1.kyid.ky.gov/openidm/info/
842 B
867 B
XHR
General
Full URL
https://sso.pilot1.kyid.ky.gov/openidm/info/uiconfig
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
70ccfe428ab2496fae956881db9ac0d4b34f701636ea51e280f0f6a17cfd57ae
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:54 GMT
content-api-version
protocol=2.1,resource=1.0
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
via
1.1 google
x-forgerock-transactionid
68fe7d3f-71e5-4cec-9a48-16827a7b42b1
content-length
842
favicon.ico
sso.pilot1.kyid.ky.gov/
184 B
199 B
Other
General
Full URL
https://sso.pilot1.kyid.ky.gov/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000;includeSubDomains;preload
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
text/html
x-frame-options
SAMEORIGIN
en-US
sso.pilot1.kyid.ky.gov/openidm/config/uilocale/
566 B
590 B
XHR
General
Full URL
https://sso.pilot1.kyid.ky.gov/openidm/config/uilocale/en-US?_fields=login,shared
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
ef11a87a98960ad03624d6a207cbbb441ee08081d4e9e8c5b23d4d1044f7f43a
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
via
1.1 google
x-forgerock-transactionid
0476b08c-07cb-4263-ae5f-1b1c2d3f33e5
content-length
566
en
sso.pilot1.kyid.ky.gov/openidm/config/uilocale/
563 B
587 B
XHR
General
Full URL
https://sso.pilot1.kyid.ky.gov/openidm/config/uilocale/en?_fields=login,shared
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
3f3bf5351708dabbedcbe9684a719181c845a354ea1f685bdcec497cb6fce6b0
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
via
1.1 google
x-forgerock-transactionid
76281f5b-0697-4cc8-9cdc-399c66af5e3b
content-length
563
811.30fa0bcb.js
sso.pilot1.kyid.ky.gov/login/js/
23 KB
23 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/811.30fa0bcb.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
5f7d177ec009ac88241fc4788124b46ef26d1685f8894b855209f0409add7e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-5d4f"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23887
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
337.4469b31e.css
sso.pilot1.kyid.ky.gov/login/css/
11 KB
11 KB
Stylesheet
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/css/337.4469b31e.css
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"67211e1a-2dc7"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11719
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:40:42 GMT
337.6eb9247e.js
sso.pilot1.kyid.ky.gov/login/js/
58 KB
58 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/337.6eb9247e.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
749327106cb32fdd253a90cfc3bd5fc43cc02ea0342e3f6966e59c68dc7c4366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-e60c"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58892
date
Sun, 03 Nov 2024 18:09:54 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
*
sso.pilot1.kyid.ky.gov/am/json/serverinfo/
528 B
555 B
XHR
General
Full URL
https://sso.pilot1.kyid.ky.gov/am/json/serverinfo/*
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
c7075a2a5d8613e6a93933ea505641cc102798c6785c00cf1126f9a6c39f54ff
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso.pilot1.kyid.ky.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
accept-api-version
protocol=1.0,resource=1.1

Response headers

x-robots-tag
none
etag
"1706029495"
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:54 GMT
content-api-version
resource=1.1
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
via
1.1 google
x-forgerock-transactionid
8ea5410b-1acd-458f-886d-efa97d7d5383
content-length
528
open-sans-latin-400-normal.woff2
fonts.bunny.net/open-sans/files/
18 KB
19 KB
Font
General
Full URL
https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://sso.pilot1.kyid.ky.gov
Referer
https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f072c3-48ec"
cdn-fileserver
660
date
Sun, 03 Nov 2024 18:09:54 GMT
cdn-storageserver
DE-382
content-type
font/woff2
last-modified
Sun, 22 Sep 2024 19:40:51 GMT
cdn-cachedat
10/19/2024 12:46:07
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
3b6bd05e2bfd27f04a3a12b59209c88a
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
cdn-edgestorageid
1077
server
BunnyCDN-DE1-1077
cdn-requestcountrycode
DE
authenticate
sso.pilot1.kyid.ky.gov/am/json/realms/root/realms/alpha/
5 KB
5 KB
Fetch
General
Full URL
https://sso.pilot1.kyid.ky.gov/am/json/realms/root/realms/alpha/authenticate?
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
da99737389685a08d4c7c6de18ce8513fe34edfe1b60bb4eb5b15b917b502a7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-forgerock-transactionid
150963e8-2985-4dd9-a0a9-a7beded02e82-request-1
Referer
https://sso.pilot1.kyid.ky.gov/
x-requested-with
forgerock-sdk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
accept-api-version
protocol=1.0,resource=2.1
content-type
application/json

Response headers

x-robots-tag
none
access-control-expose-headers
content-api-version
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:55 GMT
content-api-version
resource=2.1
content-type
application/json
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload;
cache-control
private
pragma
no-cache
access-control-allow-credentials
true
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
via
1.1 google
x-forgerock-transactionid
150963e8-2985-4dd9-a0a9-a7beded02e82-request-1
access-control-allow-origin
https://sso.pilot1.kyid.ky.gov
content-length
5506
themerealm
sso.pilot1.kyid.ky.gov/openidm/config/ui/
216 KB
216 KB
XHR
General
Full URL
https://sso.pilot1.kyid.ky.gov/openidm/config/ui/themerealm
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
17624c888ddebb4c095ee56999654f4f2baeb7e6ec2f1d131ebd6b90f942975f
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sso.pilot1.kyid.ky.gov/
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 18:09:55 GMT
content-api-version
protocol=2.1,resource=1.0
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
via
1.1 google
x-forgerock-transactionid
534d6330-b988-4693-a038-1e72186057da
open-sans-symbols-400-normal.woff2
fonts.bunny.net/open-sans/files/
10 KB
11 KB
Font
General
Full URL
https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://sso.pilot1.kyid.ky.gov
Referer
https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f072e9-27c4"
cdn-fileserver
658
date
Sun, 03 Nov 2024 18:09:55 GMT
cdn-storageserver
DE-51
content-type
font/woff2
last-modified
Sun, 22 Sep 2024 19:41:29 GMT
cdn-cachedat
10/19/2024 12:46:07
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
b70ec97fdd572b85623ec131bfa85543
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
10180
cdn-edgestorageid
1077
server
BunnyCDN-DE1-1077
cdn-requestcountrycode
DE
56.9efaefad.js
sso.pilot1.kyid.ky.gov/login/js/
10 KB
10 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/56.9efaefad.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
cf51c6cbd5cd689669aee22de895e6138afeb9e37e6775d7d941d5d8acbf3299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-26a8"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9896
date
Sun, 03 Nov 2024 18:09:56 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
79.f8b9bf79.css
sso.pilot1.kyid.ky.gov/login/css/
117 KB
117 KB
Stylesheet
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/css/79.f8b9bf79.css
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
fd6ca6c971c21d170807abb0e5e58049d61f0a4f8cdf2f18e45462067f3972f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"67211e1a-1d3a3"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119715
date
Sun, 03 Nov 2024 18:09:56 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:40:42 GMT
79.e79d41b2.js
sso.pilot1.kyid.ky.gov/login/js/
472 KB
472 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/79.e79d41b2.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
05bb9dbd4edb3a2c9a7ef7f73b4a029c91a59ca31cff739a5ad6c8aeb7117c23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-75fc7"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
483271
date
Sun, 03 Nov 2024 18:09:56 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
395.e40f6f4d.js
sso.pilot1.kyid.ky.gov/login/js/
1 KB
1 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/395.e40f6f4d.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
ab9262916c952b8a136cb0fa3cd8596955ddf8143f4bdec786cb24f993a3181d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-54c"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1356
date
Sun, 03 Nov 2024 18:09:56 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
SiteFooterLogo.png
kog.chfs.ky.gov/public/content/images/
20 KB
21 KB
Image
General
Full URL
https://kog.chfs.ky.gov/public/content/images/SiteFooterLogo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.204.197.26 Hopkinsville, United States, ASN10921 (KIHNETWORK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6e5afa05ea0c70db97424e5efbdcb5cc609d155941223f3546fcc275e0b6378

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

ETag
"0442bbfedbdb1:0"
Accept-Ranges
bytes
Content-Length
20435
Date
Sun, 03 Nov 2024 18:09:49 GMT
Content-Type
image/png
Last-Modified
Sat, 21 Sep 2024 06:16:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
fs04kpe3k1MBrWB2y4h7
ok10static.oktacdn.com/fs/bco/1/
20 KB
21 KB
Image
General
Full URL
https://ok10static.oktacdn.com/fs/bco/1/fs04kpe3k1MBrWB2y4h7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-57.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a82b69184c46c6ce7c5f4241142eb844cb29f3535e98b45ad128563e93b4ac89
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

etag
"34cf97305b794f5105e37ce99ecde1da"
age
400268
expires
Thu, 30 Oct 2025 02:58:48 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
lvZrvn0xvcPqQgxgZXz0Bz9SznGRz-7NfRMlP18DQTqkvoNokGOdQw==
date
Wed, 30 Oct 2024 02:58:48 GMT
content-type
image/png
last-modified
Wed, 21 Jun 2023 21:04:11 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20591
x-amz-cf-pop
FRA56-P11
server
nginx
fs04kpe3kedbi8WB04h7
ok10static.oktacdn.com/fs/bco/7/
100 KB
101 KB
Image
General
Full URL
https://ok10static.oktacdn.com/fs/bco/7/fs04kpe3kedbi8WB04h7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-57.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
371cf1ceb3cfd2bb924cdba0400fcbeb42ef999fea02eb8b91375bc32cdf5ee9
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

etag
"b3e63b9fde4b1b53cc5682fd7ba86335"
age
101137
expires
Sun, 02 Nov 2025 14:04:19 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
1tHukF1nhfqNbf4KYKtqqJpuFYb_OWPWPinf1yG8hVEgNsFGTM2yQQ==
date
Sat, 02 Nov 2024 14:04:19 GMT
content-type
image/jpeg
last-modified
Wed, 21 Jun 2023 21:04:11 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
102480
x-amz-cf-pop
FRA56-P11
server
nginx
fs04kpe3k1MBrWB2y4h7
ok10static.oktacdn.com/fs/bco/1/
20 KB
0
Other
General
Full URL
https://ok10static.oktacdn.com/fs/bco/1/fs04kpe3k1MBrWB2y4h7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-57.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a82b69184c46c6ce7c5f4241142eb844cb29f3535e98b45ad128563e93b4ac89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag
"34cf97305b794f5105e37ce99ecde1da"
age
400268
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
expires
Thu, 30 Oct 2025 02:58:48 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
20591
x-amz-cf-id
lvZrvn0xvcPqQgxgZXz0Bz9SznGRz-7NfRMlP18DQTqkvoNokGOdQw==
date
Wed, 30 Oct 2024 02:58:48 GMT
content-type
image/png
last-modified
Wed, 21 Jun 2023 21:04:11 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
290.8410ec98.js
sso.pilot1.kyid.ky.gov/login/js/
8 KB
8 KB
Script
General
Full URL
https://sso.pilot1.kyid.ky.gov/login/js/290.8410ec98.js
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/app.657cd20e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.236.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
178.236.49.34.bc.googleusercontent.com
Software
/
Resource Hash
f2fd4348969eded00f0639076e0df3ad146ed646e40ad3d9b12bb9b0e16ef4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
etag
"672533b4-2057"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8279
date
Sun, 03 Nov 2024 18:09:56 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 20:01:56 GMT
api.js
www.google.com/recaptcha/
1 KB
971 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: sso.pilot1.kyid.ky.gov
URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ef4a6fb0f4ec50c94eaab29a60df1bcab1b5707dafa62b40dfaf39804ddef63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 18:09:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 03 Nov 2024 18:09:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
547 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://sso.pilot1.kyid.ky.gov
Referer
https://sso.pilot1.kyid.ky.gov/

Response headers

content-encoding
gzip
age
63656
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Mon, 03 Nov 2025 00:29:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 00:29:00 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 4878
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8_U0qAAAAAMSrgkLCQCJj8sV9ht5e59_DJyDm&co=aHR0cHM6Ly9zc28ucGlsb3QxLmt5aWQua3kuZ292OjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=6fr7piyyklhc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-84ZdGh_9zYl_1Ubkv2UKXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.pilot1.kyid.ky.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-84ZdGh_9zYl_1Ubkv2UKXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-security-policy-report-only
frame-ancestors 'self';report-uri https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 18:09:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
38fac9d5b82543fc4729580d18ff2d3d
csp.withgoogle.com/csp/frame-ancestors/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunk_forgerock_platform_login function| clearImmediate function| setImmediate object| regeneratorRuntime object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ function| _ object| __VUE_DEVTOOLS_PLUGINS__ function| redirect function| a object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Prism object| core object| recaptcha object| closure_lm_363763

6 Cookies

Domain/Path Name / Value
.ky.gov/ Name: UserLanguagePreference
Value: en-US
.sso.pilot1.kyid.ky.gov/ Name: clocale
Value: ""
.sso.pilot1.kyid.ky.gov/ Name: locale
Value: ""
.sso.pilot1.kyid.ky.gov/ Name: amlbcookie
Value: 01
.ky.gov/ Name: dtCookie
Value: v_4_srv_1_sn_E61F8AD131F1552B555183C58ECF1554_perc_100000_ol_0_mul_1_app-3Ad05cf8cd620d04fe_0_rcs-3Acss_0
kog.chfs.ky.gov/ Name: BIGipServer~CHFS~kog.chfs.ky.gov-ext-443
Value: !iuVgqXDws9z+2eQpN3EQAoFTEnz9nDR1cLc4RblPet7GQl3oh/atLsebgVLxhdgCEIPmgSQguTXE264=

4 Console Messages

Source Level URL
Text
network error URL: https://sso.pilot1.kyid.ky.gov/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://sso.pilot1.kyid.ky.gov/login/js/chunk-vendors.e2e45673.js(Line 16)
Message:
[Report Only] Refused to load the script 'https://www.google.com/recaptcha/api.js?render=explicit' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.google.com/recaptcha/api.js?render=explicit
Message:
[Report Only] Refused to load the script 'https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error
Message:
[Report Only] Refused to frame 'https://www.google.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.withgoogle.com
fonts.bunny.net
kog.chfs.ky.gov
ok10static.oktacdn.com
sso.pilot1.kyid.ky.gov
www.google.com
www.gstatic.com
csp.withgoogle.com
18.244.18.57
205.204.197.26
2400:52e0:1e00::1077:1
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
34.49.236.178
05bb9dbd4edb3a2c9a7ef7f73b4a029c91a59ca31cff739a5ad6c8aeb7117c23
1575a4d5b46c9fbc0b076df78338a7e696ab19bc1a09b227e5a5e76155ff581d
17624c888ddebb4c095ee56999654f4f2baeb7e6ec2f1d131ebd6b90f942975f
2730775610611076482ecb8e5aa83a2fe028ca52792da22518deaf57162c1cce
371cf1ceb3cfd2bb924cdba0400fcbeb42ef999fea02eb8b91375bc32cdf5ee9
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
3f3bf5351708dabbedcbe9684a719181c845a354ea1f685bdcec497cb6fce6b0
4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5f7d177ec009ac88241fc4788124b46ef26d1685f8894b855209f0409add7e9a
70ccfe428ab2496fae956881db9ac0d4b34f701636ea51e280f0f6a17cfd57ae
73f5ee20762a6e0c0afe01a892cb2a53163bc8db02ca9458792e02df3a3a5b92
749327106cb32fdd253a90cfc3bd5fc43cc02ea0342e3f6966e59c68dc7c4366
7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2
9ef4a6fb0f4ec50c94eaab29a60df1bcab1b5707dafa62b40dfaf39804ddef63
a82b69184c46c6ce7c5f4241142eb844cb29f3535e98b45ad128563e93b4ac89
ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc
ab9262916c952b8a136cb0fa3cd8596955ddf8143f4bdec786cb24f993a3181d
c7075a2a5d8613e6a93933ea505641cc102798c6785c00cf1126f9a6c39f54ff
cf51c6cbd5cd689669aee22de895e6138afeb9e37e6775d7d941d5d8acbf3299
d6e5afa05ea0c70db97424e5efbdcb5cc609d155941223f3546fcc275e0b6378
da99737389685a08d4c7c6de18ce8513fe34edfe1b60bb4eb5b15b917b502a7d
dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8
e629a189b5854af565c133c2f376126b5256c7e811c4c9a388e39227a9626f2e
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ef11a87a98960ad03624d6a207cbbb441ee08081d4e9e8c5b23d4d1044f7f43a
f2fd4348969eded00f0639076e0df3ad146ed646e40ad3d9b12bb9b0e16ef4ca
fd6ca6c971c21d170807abb0e5e58049d61f0a4f8cdf2f18e45462067f3972f5