auth-staging.safesystems.app
Open in
urlscan Pro
2606:4700::6810:b9f8
Public Scan
Effective URL: https://auth-staging.safesystems.app/u/login?state=hKFo2SBnSGlYVVBaWElkcGJ3aGxhSWhBSy1PNEgxNk8yVjBwaaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG...
Submission: On March 22 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 8th 2021. Valid for: a year.
This is the only time auth-staging.safesystems.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2600:9000:220... 2600:9000:2204:f400:2:45f:7900:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.148.201.21 54.148.201.21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2606:4700::68... 2606:4700::6810:b9f8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 143.204.202.119 143.204.202.119 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 52.10.136.75 52.10.136.75 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 6 |
ASN16509 (AMAZON-02, US)
healthcheck-staging.safe.health |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-201-21.us-west-2.compute.amazonaws.com
api-staging.getchecked.health |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-119.fra53.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-136-75.us-west-2.compute.amazonaws.com
safehealth.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
safe.health
healthcheck-staging.safe.health |
2 MB |
2 |
safehealth.me
1 redirects
safehealth.me |
629 B |
2 |
safesystems.app
auth-staging.safesystems.app Failed |
16 KB |
1 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9372 |
52 KB |
1 |
getchecked.health
api-staging.getchecked.health |
620 B |
10 | 5 |
Domain | Requested by | |
---|---|---|
4 | healthcheck-staging.safe.health |
healthcheck-staging.safe.health
|
2 | safehealth.me |
1 redirects
auth-staging.safesystems.app
|
2 | auth-staging.safesystems.app |
healthcheck-staging.safe.health
|
1 | cdn.auth0.com |
auth-staging.safesystems.app
|
1 | api-staging.getchecked.health |
healthcheck-staging.safe.health
|
10 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.healthcheck.la Amazon |
2021-04-21 - 2022-05-20 |
a year | crt.sh |
*.getchecked.health Amazon |
2022-01-28 - 2023-02-26 |
a year | crt.sh |
auth-staging.safesystems.app Cloudflare Inc ECC CA-3 |
2021-11-08 - 2022-11-07 |
a year | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-staging.safesystems.app/u/login?state=hKFo2SBnSGlYVVBaWElkcGJ3aGxhSWhBSy1PNEgxNk8yVjBwaaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGpzbE9zRjdaenpXZlJ1c24tb3c1YkZCVkdjakJnT3Awo2NpZNkgQmtCMk5iZlkyb09TZEIzNXg3NVRtU2FMUkJ6R2tFNGo
Frame ID: 16D3C870B5E3A25352D8CBABC5530092
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Log in | Healthcheck Administration ConsolePage URL History Show full URLs
- https://healthcheck-staging.safe.health/ Page URL
-
https://auth-staging.safesystems.app/authorize?client_id=BkB2NbfY2oOSdB35x75TmSaLRBzGkE4j&audience=https%3A%2F%2F...
HTTP 302
https://auth-staging.safesystems.app/u/login?state=hKFo2SBnSGlYVVBaWElkcGJ3aGxhSWhBSy1PNEgxNk8yVjBwaaFur3VuaXZlcn... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://healthcheck-staging.safe.health/ Page URL
-
https://auth-staging.safesystems.app/authorize?client_id=BkB2NbfY2oOSdB35x75TmSaLRBzGkE4j&audience=https%3A%2F%2Fapi-uat.getchecked.health&redirect_uri=https%3A%2F%2Fhealthcheck-staging.safe.health&response_type=code&scope=openid%20profile%20email&response_mode=query&state=bU1YTDgtVkhQNV9Bd1NkSXYuQTIudWlKLVliRVpKQVVDWmtXbzFYM1E2SQ%3D%3D&nonce=NTUoRuqARGkG5SW3YV49TQaIFDY0T2BTNjrZ7EFIE0N&code_challenge=uR3XAsr0_tf3lz6jNkwkvaiDXnNQtjjyN6t173fIDvY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
HTTP 302
https://auth-staging.safesystems.app/u/login?state=hKFo2SBnSGlYVVBaWElkcGJ3aGxhSWhBSy1PNEgxNk8yVjBwaaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGpzbE9zRjdaenpXZlJ1c24tb3c1YkZCVkdjakJnT3Awo2NpZNkgQmtCMk5iZlkyb09TZEIzNXg3NVRtU2FMUkJ6R2tFNGo Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://safehealth.me/shs-emblem/ HTTP 301
- https://safehealth.me/wp-content/uploads/sites/2/2020/09/shs-emblem.png
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
healthcheck-staging.safe.health/ |
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.974f73de.chunk.css
healthcheck-staging.safe.health/static/css/ |
731 KB 733 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.b3b9d24e.chunk.js
healthcheck-staging.safe.health/static/js/ |
600 KB 601 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e7dd5a74.chunk.js
healthcheck-staging.safe.health/static/js/ |
353 KB 354 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
public
api-staging.getchecked.health/v1/admin/account/ |
44 B 620 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
service-worker.js
healthcheck-staging.safe.health/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logout
auth-staging.safesystems.app/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
login
auth-staging.safesystems.app/u/ Redirect Chain
|
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.58.13/css/ |
224 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shs-emblem.png
safehealth.me/wp-content/uploads/sites/2/2020/09/ Redirect Chain
|
35 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
650 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- healthcheck-staging.safe.health
- URL
- https://healthcheck-staging.safe.health/service-worker.js
- Domain
- auth-staging.safesystems.app
- URL
- https://auth-staging.safesystems.app/v2/logout?client_id=BkB2NbfY2oOSdB35x75TmSaLRBzGkE4j&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
healthcheck-staging.safe.health/ | Name: a0.spajs.txs.bU1YTDgtVkhQNV9Bd1NkSXYuQTIudWlKLVliRVpKQVVDWmtXbzFYM1E2SQ%3D%3D Value: {%22nonce%22:%22NTUoRuqARGkG5SW3YV49TQaIFDY0T2BTNjrZ7EFIE0N%22%2C%22code_verifier%22:%22LEOWqky6PL62A3-KfwhZO1QE-AbO9ecTZy~2IjNqRgq%22%2C%22appState%22:{%22targetUrl%22:%22/%22}%2C%22scope%22:%22openid%20profile%20email%22%2C%22audience%22:%22https://api-uat.getchecked.health%22%2C%22redirect_uri%22:%22https://healthcheck-staging.safe.health%22} |
|
auth-staging.safesystems.app/ | Name: did Value: s%3Av0%3A88b7ba90-a99b-11ec-a128-c3587b81edbc.6jtEiVQax9qyEQxRg3hIKNIgREukxgf3ZGNhF6gBSJc |
|
auth-staging.safesystems.app/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAbNqOA9fyiWKmX4lvnXjJeC9jmQ02fHGoU38qRkmYbsYg0P2GDiidMv87miGPEcF-91XW2fja7Hq_3himje2iamY29va2llg6dleHBpcmVz1_8lq44AYj1J-q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Bv9%2FDRVQPHhSyLeMiE2zG4nxR6fSxbMLAAs%2BWuRgzOw |
|
auth-staging.safesystems.app/ | Name: did_compat Value: s%3Av0%3A88b7ba90-a99b-11ec-a128-c3587b81edbc.6jtEiVQax9qyEQxRg3hIKNIgREukxgf3ZGNhF6gBSJc |
|
auth-staging.safesystems.app/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAbNqOA9fyiWKmX4lvnXjJeC9jmQ02fHGoU38qRkmYbsYg0P2GDiidMv87miGPEcF-91XW2fja7Hq_3himje2iamY29va2llg6dleHBpcmVz1_8lq44AYj1J-q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Bv9%2FDRVQPHhSyLeMiE2zG4nxR6fSxbMLAAs%2BWuRgzOw |
|
safehealth.me/ | Name: AWSALBCORS Value: ggX9h58qlztkM+QLT2D60PjRZUdOVIi7EzbTOvp7pdk058T9XsFc7XNBj5NOo+V5OEo6ck6v4zRqXTaOhDSlOXCw7GYV4bJcnKJfTu+mJ0d9hhVFyVWCc3fR+biu |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-staging.getchecked.health
auth-staging.safesystems.app
cdn.auth0.com
healthcheck-staging.safe.health
safehealth.me
auth-staging.safesystems.app
healthcheck-staging.safe.health
143.204.202.119
2600:9000:2204:f400:2:45f:7900:93a1
2606:4700::6810:b9f8
52.10.136.75
54.148.201.21
62fcf0f1c31e1a423d0f138e57d82909c44dd861cb5b267a75d1907141f68ab1
6b5ae395943fa19714183cec7479693dae548807d05cd30090a6cfe7c7f0bed0
883df0e1a42f58252218472a31eec5451de5edc0142b7bac1ae1cc512d7812f7
93de14acae54d898ef5ff9bc3913a2912f02034216197ea14109d5dc6d6d5e93
a68fdf4dacefe6fede1b58d63e225aba671b45394002be01d34580f240dd38cd
a6a347b9a380d57e1ae5b3f13c6dda63d703ed8e11381492643ed9b45d480661
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce