securelogin.cpai.com
72.32.163.165
Public Scan
Effective URL: https://securelogin.cpai.com/sso/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dfirmplatform%26redirect_uri%...
Submission: On November 04 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 8th 2022. Valid for: a year.
This is the only time securelogin.cpai.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 2 | 72.32.163.161 | 33070 (RMH-14) |
1 17 | 72.32.163.165 | 33070 (RMH-14) |
4 | 2a02:e0c0:1007:a106::43 | 9100 (ASPECTRA Zurich) |
20 | 2 | |
ASN33070 (RMH-14, US)
PTR: web3.netsolutionsna.com
myfirm.cpai.com |
ASN33070 (RMH-14, US)
PTR: web3.netsolutionsna.com
securelogin.cpai.com |
| Apex Domain Subdomains | Transfer |
---|---|---|
19 | cpai.com; 3 redirects; myfirm.cpai.com, securelogin.cpai.com | 686 KB |
4 | unblu.cloud; unblu.cloud | 721 KB |
20 | 2 | |
| Domain | Requested by |
---|---|---|
17 | securelogin.cpai.com | 1 redirects; securelogin.cpai.com |
4 | unblu.cloud | securelogin.cpai.com, unblu.cloud |
2 | myfirm.cpai.com | 2 redirects |
20 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cpai.com |
www.scanalert.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
securelogin.cpai.com DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-08 - 2023-10-09 | a year | crt.sh |
*.unblu.cloud DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-11 - 2023-01-11 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://securelogin.cpai.com/sso/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dfirmplatform%26redirect_uri%3Dhttps%253A%252F%252Fmyfirm.cpai.com%26response_mode%3Dform_post%26response_type%3Dcode%2520id_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%26state%3DOpenIdConnect.AuthenticationProperties%253DXDkp-kRUnCutQgBqqKaW4j68iO08hir8Zsk0Wqxi0XIwuzqh7IhBw1SvE5RucOeuggAKaokVah8J-xci_LJKb83oHau0s7Yxvkib4N96ZRP-CGoBWUHKKG43mZU4-whcEb1Nh1A8a1YIgC69o3zI-OndUOAqE97q5olT4kxUs6PkLJtYa7pxdEfEQVU-nHX0LEHL7A%26nonce%3D638031652160405661.YTZiYmZiYjEtNmQ2Mi00NjMxLTliMmUtMzk2ZDlhMzczYzAwMWU2ZDkyNGYtZWMxNS00ODhlLWJlOWYtMmYxODNlY2QzZDky
Frame ID: 2FFC270BB4196DED4CE5702201B4A5F2
Requests: 20 HTTP requests in this frame
Page Title
CPAI-Secure Login
Page URL History
-
http://myfirm.cpai.com/
HTTP 302
https://myfirm.cpai.com/ HTTP 302
https://securelogin.cpai.com/connect/authorize?client_id=firmplatform&redirect_uri=https%3a%2f%2fmyfirm.c... HTTP 302
https://securelogin.cpai.com/sso/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dfirmplat... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: CPAI Home
Title: Insurance License Information
Title: Privacy Statement
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://myfirm.cpai.com/
HTTP 302
https://myfirm.cpai.com/ HTTP 302
https://securelogin.cpai.com/connect/authorize?client_id=firmplatform&redirect_uri=https%3a%2f%2fmyfirm.cpai.com&response_mode=form_post&response_type=code+id_token+token&scope=openid+profile+email+offline_access&state=OpenIdConnect.AuthenticationProperties%3dXDkp-kRUnCutQgBqqKaW4j68iO08hir8Zsk0Wqxi0XIwuzqh7IhBw1SvE5RucOeuggAKaokVah8J-xci_LJKb83oHau0s7Yxvkib4N96ZRP-CGoBWUHKKG43mZU4-whcEb1Nh1A8a1YIgC69o3zI-OndUOAqE97q5olT4kxUs6PkLJtYa7pxdEfEQVU-nHX0LEHL7A&nonce=638031652160405661.YTZiYmZiYjEtNmQ2Mi00NjMxLTliMmUtMzk2ZDlhMzczYzAwMWU2ZDkyNGYtZWMxNS00ODhlLWJlOWYtMmYxODNlY2QzZDky HTTP 302
https://securelogin.cpai.com/sso/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dfirmplatform%26redirect_uri%3Dhttps%253A%252F%252Fmyfirm.cpai.com%26response_mode%3Dform_post%26response_type%3Dcode%2520id_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%26state%3DOpenIdConnect.AuthenticationProperties%253DXDkp-kRUnCutQgBqqKaW4j68iO08hir8Zsk0Wqxi0XIwuzqh7IhBw1SvE5RucOeuggAKaokVah8J-xci_LJKb83oHau0s7Yxvkib4N96ZRP-CGoBWUHKKG43mZU4-whcEb1Nh1A8a1YIgC69o3zI-OndUOAqE97q5olT4kxUs6PkLJtYa7pxdEfEQVU-nHX0LEHL7A%26nonce%3D638031652160405661.YTZiYmZiYjEtNmQ2Mi00NjMxLTliMmUtMzk2ZDlhMzczYzAwMWU2ZDkyNGYtZWMxNS00ODhlLWJlOWYtMmYxODNlY2QzZDky Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | login securelogin.cpai.com/sso/ (Primary Request) | 8 KB 5 KB | Document text/html |
GET H/1.1 | jquery-3.2.1.min.js securelogin.cpai.com/js/ | 85 KB 38 KB | Script application/javascript |
GET H/1.1 | bootstrap.min.js securelogin.cpai.com/js/ | 36 KB 13 KB | Script application/javascript |
GET H/1.1 | bootstrap-datepicker.js securelogin.cpai.com/js/ | 51 KB 17 KB | Script application/javascript |
GET H2 | visitor.js unblu.cloud/unblu/ | 2 KB 3 KB | Script application/javascript |
GET H/1.1 | bootstrap.min.css securelogin.cpai.com/css/ | 118 KB 28 KB | Stylesheet text/css |
GET H/1.1 | styles.css securelogin.cpai.com/css/ | 31 KB 9 KB | Stylesheet text/css |
GET H/1.1 | bootstrap-datepicker.min.css securelogin.cpai.com/css/ | 17 KB 3 KB | Stylesheet text/css |
GET H/1.1 | bootstrap-select.css securelogin.cpai.com/css/ | 8 KB 3 KB | Stylesheet text/css |
GET H/1.1 | aicpa-aon-logo.png securelogin.cpai.com/images/ | 16 KB 16 KB | Image image/png |
GET H/1.1 | bg-image-secure-login-img.jpg securelogin.cpai.com/images/ | 362 KB 362 KB | Image image/jpeg |
GET H/1.1 | year-of-service.png securelogin.cpai.com/images/ | 22 KB 22 KB | Image image/png |
GET H/1.1 | McAfee.png securelogin.cpai.com/images/ | 3 KB 4 KB | Image image/png |
GET H/1.1 | app.js securelogin.cpai.com/js/ | 552 B 847 B | Script application/javascript |
GET H/1.1 | icon-sprite.png securelogin.cpai.com/images/ | 31 KB 32 KB | Image image/png |
GET H/1.1 | RobotoRegular.woff2 securelogin.cpai.com/fonts/ | 65 KB 65 KB | Font font/woff2 |
GET H/1.1 | RobotoLight.woff2 securelogin.cpai.com/fonts/ | 64 KB 64 KB | Font font/woff2 |
GET H2 | Initializer.min.js unblu.cloud/unblu/static/js/wp/xmd1666735673826/ | 7 KB 7 KB | Script application/javascript |
GET H2 | SiteIntegrationLazyMain.cfg unblu.cloud/unblu/config/xmd1667568414149/all/null/null/de-DE/https$securelogin.cpai.com/Whoqlc4dRaWNnz6lVVM9oA/null/null/null/ | 15 KB 15 KB | Script application/javascript |
GET H2 | SiteIntegrationLazyMain.min.js unblu.cloud/unblu/static/js/wp/xmd1666735673826/ | 691 KB 696 KB | Script application/javascript |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| $
- function| jQuery
- string| x-unblu-tmp-window-name
- object| unblu
- object| _unblu_572F594F_21AA_4D30_8081_40F2793592AF
- string| _unblu_572F594F_21AA_4D30_8081_40F2793592AF253744e3-1874_4669_b286_e7ecf75aeb5f
- object| webpackChunkcom_unblu_meta_server_webpack
- object| Rx
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
myfirm.cpai.com/ | Name: ASP.NET_SessionId Value: wgij4cmwdinsoer1x1amk042 |
|
myfirm.cpai.com/ | Name: OpenIdConnect.nonce.iNwYVbe3LYoCwoJmk5W3ycJVVV2ZQd2ij7ntTUYAY%2F0%3D Value: cTRTc3NWWlpucDJYckI4RG9zUGg2VWxWaS1oX1gxTV9qUUFiMXRVUmEza21tR3FWVmdxUFJPMERqWUtCa0lTTnJSNF9TTHE0ZkRFRjM4eE1ZSm5mcGpMakQ0UzdmcUJ1NVMyZUN4UGZHa1RSUTUteG5RTU92RXdVeFpyUV84MjIyUmJrOWRWVm52WUlmTFBRdkVWV2Y5MEpFQVRMTVZRLVRFakgzMGtlVE0xQXdBVjJpeTR2d1lMTU5La1p5MzJqX05xcldVUnpIQkdvQURmZjhmMmNzdjBrSll3 |
|
securelogin.cpai.com/ | Name: .AspNetCore.Antiforgery.NzNOoAwZKaY Value: CfDJ8LnaG6uWr6ZGv5u3DgXZ0JQ-refaLAHjn6pt3poGRMMqilCsHlb-1f5IYX0OmWFCn2OSfUffY8mQPNCKGM5gNuOX6om2cmUJZqlKGy0qqCAj7wSPol6nOZtkOtPAF9R7RFzYgu2FpJHmUcgMJoMGdJY |
|
securelogin.cpai.com/ | Name: .AspNetCore.Session Value: CfDJ8LnaG6uWr6ZGv5u3DgXZ0JRWMjVwjFw2Sp3n5%2Br8iZLgNygeHucVHvLluzypnr1Nm%2Bri4%2F5EXnBGN5J1i6F633W4%2BwZa4AUeRdyDsXaFudPtPW%2Fp4V4JyXVGlZRKOWeLg4hV5eFFbYiBLtvU3vplK6RVVxd%2Fa%2BHRMKLM%2FH%2B2qFWZ |
|
unblu.cloud/ | Name: x-unblu-device Value: "FsDcQ26eTrmjiue3w2odNA" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com unblu.cloud 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com unblu.cloud 'unsafe-inline' |
Strict-Transport-Security | max-age=31536000 |
X-Content-Security-Policy | default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; |
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
myfirm.cpai.com
securelogin.cpai.com
unblu.cloud
2a02:e0c0:1007:a106::43
72.32.163.161
72.32.163.165