auth-staging.safesystems.app
Open in
urlscan Pro
2606:4700::6810:b8f8
Public Scan
Effective URL: https://auth-staging.safesystems.app/u/login?state=hKFo2SB2UEdRcXpPZGs4UThfcmVzUDFULU1vVzJnLWRGVkx0Y6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIF...
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 8th 2021. Valid for: a year.
This is the only time auth-staging.safesystems.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2600:9000:218... 2600:9000:2182:e200:0:c858:3e80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.211.32.57 34.211.32.57 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2606:4700::68... 2606:4700::6810:b8f8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 52.10.136.75 52.10.136.75 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 6 |
ASN16509 (AMAZON-02, US)
mayoclinic-staging.safe.health |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-32-57.us-west-2.compute.amazonaws.com
api-staging.getchecked.health |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-136-75.us-west-2.compute.amazonaws.com
safehealth.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
safe.health
mayoclinic-staging.safe.health |
2 MB |
2 |
safehealth.me
1 redirects
safehealth.me |
640 B |
2 |
safesystems.app
auth-staging.safesystems.app Failed |
15 KB |
1 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9211 |
52 KB |
1 |
getchecked.health
api-staging.getchecked.health |
638 B |
9 | 5 |
Domain | Requested by | |
---|---|---|
4 | mayoclinic-staging.safe.health |
mayoclinic-staging.safe.health
|
2 | safehealth.me |
1 redirects
auth-staging.safesystems.app
|
2 | auth-staging.safesystems.app |
mayoclinic-staging.safe.health
|
1 | cdn.auth0.com |
auth-staging.safesystems.app
|
1 | api-staging.getchecked.health |
mayoclinic-staging.safe.health
|
9 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mayoclinic-dev.safe.health Amazon |
2021-03-31 - 2022-04-29 |
a year | crt.sh |
*.getchecked.health Amazon |
2022-01-28 - 2023-02-26 |
a year | crt.sh |
auth-staging.safesystems.app Cloudflare Inc ECC CA-3 |
2021-11-08 - 2022-11-07 |
a year | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-staging.safesystems.app/u/login?state=hKFo2SB2UEdRcXpPZGs4UThfcmVzUDFULU1vVzJnLWRGVkx0Y6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFJqcDBTSV9hQ0l1VDhoX1Q4a3BacDRRNU1FWXRFeGxmo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Frame ID: 38A9F8685FEC8E006A042C223675B50C
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Log in | Mayo-Clinic Administration ConsolePage URL History Show full URLs
- https://mayoclinic-staging.safe.health/ Page URL
-
https://auth-staging.safesystems.app/authorize?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&audience=https%3A%2F%2F...
HTTP 302
https://auth-staging.safesystems.app/u/login?state=hKFo2SB2UEdRcXpPZGs4UThfcmVzUDFULU1vVzJnLWRGVkx0Y6Fur3VuaXZlcn... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mayoclinic-staging.safe.health/ Page URL
-
https://auth-staging.safesystems.app/authorize?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&audience=https%3A%2F%2Fapi-uat.getchecked.health&redirect_uri=https%3A%2F%2Fmayoclinic-staging.safe.health&response_type=code&scope=openid%20profile%20email&response_mode=query&state=V0pkcVhuTTZqZUVQUjd2dWRrcy5sMGFqN0EzRXM3cjAxMFpOU1hwV1dlSQ%3D%3D&nonce=p2So7rpr8yw7ABhvkS0.99OfbBCUACIO6Bknd9Qum3N&code_challenge=UVaE9PrWthp0kqN-HBUVSGqLlPjfgMtv_pYRILUP5k0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
HTTP 302
https://auth-staging.safesystems.app/u/login?state=hKFo2SB2UEdRcXpPZGs4UThfcmVzUDFULU1vVzJnLWRGVkx0Y6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFJqcDBTSV9hQ0l1VDhoX1Q4a3BacDRRNU1FWXRFeGxmo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://safehealth.me/shs-emblem/ HTTP 301
- https://safehealth.me/wp-content/uploads/sites/2/2020/09/shs-emblem.png
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
mayoclinic-staging.safe.health/ |
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.974f73de.chunk.css
mayoclinic-staging.safe.health/static/css/ |
731 KB 732 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.b3b9d24e.chunk.js
mayoclinic-staging.safe.health/static/js/ |
600 KB 601 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e7dd5a74.chunk.js
mayoclinic-staging.safe.health/static/js/ |
353 KB 354 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
public
api-staging.getchecked.health/v1/admin/account/ |
44 B 638 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logout
auth-staging.safesystems.app/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
login
auth-staging.safesystems.app/u/ Redirect Chain
|
13 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.58.3/css/ |
224 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shs-emblem.png
safehealth.me/wp-content/uploads/sites/2/2020/09/ Redirect Chain
|
190 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
650 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- auth-staging.safesystems.app
- URL
- https://auth-staging.safesystems.app/v2/logout?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mayoclinic-staging.safe.health/ | Name: a0.spajs.txs.V0pkcVhuTTZqZUVQUjd2dWRrcy5sMGFqN0EzRXM3cjAxMFpOU1hwV1dlSQ%3D%3D Value: {%22nonce%22:%22p2So7rpr8yw7ABhvkS0.99OfbBCUACIO6Bknd9Qum3N%22%2C%22code_verifier%22:%22eGG5lH24TICGBDCr5zJ-luDiS127bYWW1eJFUzq6gd8%22%2C%22appState%22:{%22targetUrl%22:%22/%22}%2C%22scope%22:%22openid%20profile%20email%22%2C%22audience%22:%22https://api-uat.getchecked.health%22%2C%22redirect_uri%22:%22https://mayoclinic-staging.safe.health%22} |
|
auth-staging.safesystems.app/ | Name: did Value: s%3Av0%3A88773b70-990e-11ec-a393-e1b68d993ce7.NkpwXMickUcpbuX0lywYfEj1VGi4%2BZNKopjp7WD24aw |
|
auth-staging.safesystems.app/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNljVkzrzS_7owB95Armbj3S72wOI3olf1Ov3DuLwb75Ynga1Tf6MqEpsfiiNrlaEEUWrJ2y6fGfm4bZtom8TtumY29va2llg6dleHBpcmVz1_8SW7UAYiGFeK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.S0%2Bt9SgzmKkRaVrw8%2BfTpf1gkF0rb1B39NwQPxeH93k |
|
auth-staging.safesystems.app/ | Name: did_compat Value: s%3Av0%3A88773b70-990e-11ec-a393-e1b68d993ce7.NkpwXMickUcpbuX0lywYfEj1VGi4%2BZNKopjp7WD24aw |
|
auth-staging.safesystems.app/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNljVkzrzS_7owB95Armbj3S72wOI3olf1Ov3DuLwb75Ynga1Tf6MqEpsfiiNrlaEEUWrJ2y6fGfm4bZtom8TtumY29va2llg6dleHBpcmVz1_8SW7UAYiGFeK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.S0%2Bt9SgzmKkRaVrw8%2BfTpf1gkF0rb1B39NwQPxeH93k |
|
safehealth.me/ | Name: AWSALBCORS Value: vxcol5i4lp8IM3d7iPjeFaegr8/an5iX7CI9Cgi6VONIXSnFQbHHJlLF1katlJL2Xxrpi7d/Ir1zPd1pcCK/SCSga7em/jj9JG40RsxrBmUAS/PhTQl8PKjNSWFH |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-staging.getchecked.health
auth-staging.safesystems.app
cdn.auth0.com
mayoclinic-staging.safe.health
safehealth.me
auth-staging.safesystems.app
143.204.103.120
2600:9000:2182:e200:0:c858:3e80:93a1
2606:4700::6810:b8f8
34.211.32.57
52.10.136.75
62fcf0f1c31e1a423d0f138e57d82909c44dd861cb5b267a75d1907141f68ab1
69fe4bae5bd1866460d7b95218898eaa76be1475adb67c3d7aa210d3221409e8
6b5ae395943fa19714183cec7479693dae548807d05cd30090a6cfe7c7f0bed0
8355d9806f71f28f4f0e624bdd1b3154b2c73dd38db5e1675fe12b753120742c
883df0e1a42f58252218472a31eec5451de5edc0142b7bac1ae1cc512d7812f7
9eb090aade6fe24b1ddaa4ad8cc7181d81e12c907c10ee5059c435ca484775db
a68fdf4dacefe6fede1b58d63e225aba671b45394002be01d34580f240dd38cd
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce