auth-staging.safesystems.app Open in urlscan Pro
34.216.95.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mayoclinic-staging.safe.health/
Effective URL:
https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcT...
Submission: On May 18 via automatic, source certstream-suspicious (May 18th 2020, 12:07:17 am UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 34.216.95.178, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is auth-staging.safesystems.app.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 14th 2020. Valid for: 3 months.

This is the only time auth-staging.safesystems.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:201... 2600:9000:2016:e200:0:c858:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.223.200.195 34.223.200.195	16509 (AMAZON-02) (AMAZON-02)
1 2	34.216.95.178 34.216.95.178	16509 (AMAZON-02) (AMAZON-02)
4	52.222.177.56 52.222.177.56	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.60.193 151.101.60.193	54113 (FASTLY) (FASTLY)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
13	5

5 2600:9000:2016:e200:0:c858:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

mayoclinic-staging.safe.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.223.200.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-200-195.us-west-2.compute.amazonaws.com

api-staging.getchecked.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.216.95.178 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-95-178.us-west-2.compute.amazonaws.com

auth-staging.safesystems.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.177.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-177-56.ham50.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.60.193 (London, United Kingdom) 1 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	safe.health mayoclinic-staging.safe.health	3 MB
4	auth0.com cdn.auth0.com	44 KB
2	imgur.com 1 redirects imgur.com i.imgur.com	18 KB
2	safesystems.app 1 redirects auth-staging.safesystems.app	5 KB
2	getchecked.health api-staging.getchecked.health	1 KB
13	5

	Domain	Requested by
5	mayoclinic-staging.safe.health	mayoclinic-staging.safe.health
4	cdn.auth0.com	auth-staging.safesystems.app
2	auth-staging.safesystems.app	1 redirects mayoclinic-staging.safe.health
2	api-staging.getchecked.health	mayoclinic-staging.safe.health
1	i.imgur.com	auth-staging.safesystems.app
1	imgur.com	1 redirects
13	6

This site contains no links.

Subject Issuer	Validity	Valid
mayoclinic-dev.safe.health Amazon	`2020-04-29` - `2021-05-29`	a year	crt.sh
*.getchecked.health Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
auth-staging.safesystems.app Let's Encrypt Authority X3	`2020-05-14` - `2020-08-12`	3 months	crt.sh
*.auth0.com Amazon	`2019-06-21` - `2020-07-21`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Frame ID: 11FC8A50854DAFC1CE4EA42099E71355
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mayoclinic-staging.safe.health/ Page URL
https://auth-staging.safesystems.app/authorize?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&audience=https%3A%2F%2F... HTTP 302
https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

13
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

3340 kB
Transfer

3460 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mayoclinic-staging.safe.health/ Page URL
https://auth-staging.safesystems.app/authorize?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&audience=https%3A%2F%2Fapi-uat.getchecked.health&redirect_uri=https%3A%2F%2Fmayoclinic-staging.safe.health&response_type=code&scope=openid%20profile%20email&response_mode=query&state=djNQVUQzQmJjUEdiWDdfVUFWMklKVHhVOTAyRXUtR183bEpCZWM0Uy1aNQ%3D%3D&nonce=y~uTTESzVn4KWKu0g62g7RJQ7t8MV1HNqTTCID~S654&code_challenge=ZhImgJjy3uq2rdJs6Z4PWA606_FXyqTHgd5jVZdlJkA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D HTTP 302
https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://imgur.com/M5ocj2R.png HTTP 301
https://i.imgur.com/M5ocj2R.png

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
mayoclinic-staging.safe.health/ 2 KB
3 KB 810ms
733ms Document
text/html 2600:9000:2016:e200:0:c858:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mayoclinic-staging.safe.health/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:e200:0:c858:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcf5180345724e5a56e2a44ec3c7acf69fe9f9e837944478da83b1ea970286cc

Request headers

:method: GET
:authority: mayoclinic-staging.safe.health
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
content-length: 2383
date: Mon, 18 May 2020 00:06:44 GMT
last-modified: Fri, 15 May 2020 18:01:39 GMT
etag: "f4fb15e75e4c4426d7daeb27352fa2e3"
cache-control: max-age=0
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: HF34962xHokqQv-yGEQEiiklPTfK2djpSn4Jmm_C5PCRXRR4_nofpw==

GET
H2 200 2.cbeaa07e.chunk.css
mayoclinic-staging.safe.health/static/css/ 5 KB
6 KB 715ms
714ms Stylesheet
text/css 2600:9000:2016:e200:0:c858:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mayoclinic-staging.safe.health/static/css/2.cbeaa07e.chunk.css
Requested by: Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:e200:0:c858:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c6f055e93cda0d2fe27ee01bfb1274c15483e9c90f00cf89887e670618ca50

Request headers

Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:45 GMT
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 18:01:39 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "b7629a6d1099706e3e643920ece2c748"
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-length: 5567
x-amz-cf-id: 53jn69nhCCDBp1S-vVFSmFSvX8TM99BBJ9e87vq82GF7ee_V2w5CfQ==

GET
H2 200 main.f37db3bb.chunk.css
mayoclinic-staging.safe.health/static/css/ 670 KB
671 KB 937ms
936ms Stylesheet
text/css 2600:9000:2016:e200:0:c858:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mayoclinic-staging.safe.health/static/css/main.f37db3bb.chunk.css
Requested by: Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:e200:0:c858:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03eeeda9236d780d88b9da781ad5369495d1060d442008a1b8ec67bfac82cd87

Request headers

Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:45 GMT
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 18:01:39 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "ea34e8809bd27be48cb556fa43d0f201"
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-length: 685721
x-amz-cf-id: zsmsiOMn4lNGf8uUDAnGgIzSaw8SaCAsHudvBFo5S_gSYOs5OtVirQ==

GET
H2 200 2.e51d9fbe.chunk.js Show response
mayoclinic-staging.safe.health/static/js/ 2 MB
2 MB 937ms
936ms Script
application/javascript 2600:9000:2016:e200:0:c858:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mayoclinic-staging.safe.health/static/js/2.e51d9fbe.chunk.js
Requested by: Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:e200:0:c858:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90e2e0c746495e1546842e9155c167e8c9af10d2a7bc470bad334179712722eb

Request headers

Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:45 GMT
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 18:01:39 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "1386625274f36024c963c0c5348a13a5"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-length: 2295736
x-amz-cf-id: HD5Ccyz6VsNV_CM4WOngrVU6KWG48oozVDoyE5Bb3wT6QuB6SkirgQ==

GET
H2 200 main.7d3fcd4c.chunk.js Show response
mayoclinic-staging.safe.health/static/js/ 348 KB
349 KB 937ms
936ms Script
application/javascript 2600:9000:2016:e200:0:c858:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mayoclinic-staging.safe.health/static/js/main.7d3fcd4c.chunk.js
Requested by: Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:e200:0:c858:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d17e6191bc97bc9e991ba9f29e73c3113031ad819827cf3bd5f0028147d552b

Request headers

Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:45 GMT
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 18:01:40 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "e7344787590ea19188720af8c90fe5dd"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-length: 356251
x-amz-cf-id: yyGeDHEC1r2V2Z_ngHkYNEjcThMz35Lw7IpOfEBtoC9wrnyAW3DIdQ==

GET
H/1.1 200 public Show response
api-staging.getchecked.health/v1/admin/account/ 44 B
638 B 842ms
215ms XHR
application/json 34.223.200.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-staging.getchecked.health/v1/admin/account/public?domain=mayoclinic-staging.safe.health

Requested by

Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/static/js/2.e51d9fbe.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.200.195 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-200-195.us-west-2.compute.amazonaws.com

Software

Resource Hash

9eb090aade6fe24b1ddaa4ad8cc7181d81e12c907c10ee5059c435ca484775db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 00:06:46 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://mayoclinic-staging.safe.health
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 401 my
api-staging.getchecked.health/v1/admin/tenant/ 134 B
724 B 194ms
194ms XHR
application/json 34.223.200.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-staging.getchecked.health/v1/admin/tenant/my

Requested by

Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/static/js/2.e51d9fbe.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.200.195 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-200-195.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://mayoclinic-staging.safe.health/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Id_Token: [object Object]
Authorization: Bearer null

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 00:06:46 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://mayoclinic-staging.safe.health
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 134
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1

200
OK

Primary Request login Show response
auth-staging.safesystems.app/u/
Redirect Chain

https://auth-staging.safesystems.app/authorize?client_id=ShC82441NCHDxF7e2bvD3ZPWoInawOiq&audience=https%3A%2F%2Fapi-uat.getchecked.health&redirect_uri=https%3A%2F%2Fmayoclinic-staging.safe.health&...
https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYX...

8 KB
4 KB

215ms
214ms

Document
text/html

34.216.95.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE

Requested by

Host: mayoclinic-staging.safe.health
URL: https://mayoclinic-staging.safe.health/static/js/2.e51d9fbe.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.216.95.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-95-178.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d6cef48ef7e10f86f7357d0140938d66bbce640db1b5f4d6fa646bce2b063eee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: auth-staging.safesystems.app
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://mayoclinic-staging.safe.health/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: did=s%3Av0%3A76f39850-989b-11ea-8cae-370718c984b5.q3WPuexPNBsYeWLYAwjaJa6bXqSqPRCkPUF5YLiQNos; auth0=s%3AgMBPq3iHSXbOAwBDftf1RuziWC-PLv_Y.ZuBsbVSXSeFG9iPslAg4Z2oNRkE1lskcph2lwM3zWzM; did_compat=s%3Av0%3A76f39850-989b-11ea-8cae-370718c984b5.q3WPuexPNBsYeWLYAwjaJa6bXqSqPRCkPUF5YLiQNos; auth0_compat=s%3AgMBPq3iHSXbOAwBDftf1RuziWC-PLv_Y.ZuBsbVSXSeFG9iPslAg4Z2oNRkE1lskcph2lwM3zWzM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mayoclinic-staging.safe.health/

Response headers

Server: nginx
Date: Mon, 18 May 2020 00:06:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ot-tracer-spanid: 6ea1895078d3e500
ot-tracer-traceid: 409d3618617709ae
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 13140-1589760407.375-82.102.18.114-1163-535823181-2-0.000
X-Auth0-RequestId: f75a6b6aee8670956c37
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 1589760408
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
X-Robots-Tag: noindex, nofollow noindex, nofollow, nosnippet, noarchive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Mon, 18 May 2020 00:06:47 GMT
Content-Language: en
ETag: W/"1f67-F/HknnsVVq9RBuUZdDf7e6gL3go"
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000

Redirect headers

Server: nginx
Date: Mon, 18 May 2020 00:06:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 376
Connection: keep-alive
ot-tracer-spanid: 49e839b81f70fdf6
ot-tracer-traceid: 0553338e6c37261f
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 13140-1589760407.109-82.102.18.114-1117-535823181-1-0.000
X-Auth0-RequestId: 7075f6bd06150d642968
Set-Cookie: did=s%3Av0%3A76f39850-989b-11ea-8cae-370718c984b5.q3WPuexPNBsYeWLYAwjaJa6bXqSqPRCkPUF5YLiQNos; Max-Age=31557600; Path=/; Expires=Tue, 18 May 2021 06:06:47 GMT; HttpOnly; Secure; SameSite=None auth0=s%3AgMBPq3iHSXbOAwBDftf1RuziWC-PLv_Y.ZuBsbVSXSeFG9iPslAg4Z2oNRkE1lskcph2lwM3zWzM; Path=/; Expires=Thu, 21 May 2020 00:06:47 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A76f39850-989b-11ea-8cae-370718c984b5.q3WPuexPNBsYeWLYAwjaJa6bXqSqPRCkPUF5YLiQNos; Max-Age=31557600; Path=/; Expires=Tue, 18 May 2021 06:06:47 GMT; HttpOnly; Secure auth0_compat=s%3AgMBPq3iHSXbOAwBDftf1RuziWC-PLv_Y.ZuBsbVSXSeFG9iPslAg4Z2oNRkE1lskcph2lwM3zWzM; Path=/; Expires=Thu, 21 May 2020 00:06:47 GMT; HttpOnly; Secure
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1589760408
Location: /u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Vary: Accept
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security: max-age=15768000

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.1.1/css/ 166 KB
40 KB 761ms
690ms Stylesheet
text/css 52.222.177.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/ulp/react-components/1.1.1/css/main.cdn.min.css
Requested by: Host: auth-staging.safesystems.app
URL: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.177.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-56.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71338afa04bec467520cffd098d20c527e79a496d1a4ec65065e9c3343c416ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:49 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 15:47:06 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: gChNRpBI2kSAYDAjwlVKvwO6j3cEji6K
status: 200
cache-control: max-age=2628000,public
x-amz-replication-status: FAILED
content-type: text/css
x-amz-cf-id: rGv13XpDOj6PIqfZ-1QvgQVgRRiADYzmwbrYq0s0hDdt0ZQupltlHQ==
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)

GET
H2

200

M5ocj2R.png
i.imgur.com/
Redirect Chain

https://imgur.com/M5ocj2R.png
https://i.imgur.com/M5ocj2R.png

17 KB
17 KB

100ms
33ms

Image
image/png

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/M5ocj2R.png

Requested by

Host: auth-staging.safesystems.app
URL: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a02c2f1f8691b0d75948d4c1dc02a58bef93d87b4c03fd28d1f3bbbcc8a255b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 00:06:47 GMT
x-content-type-options: nosniff
age: 2800955
x-cache: HIT, HIT
status: 200
content-length: 17593
x-served-by: cache-bwi5131-BWI, cache-hhn4040-HHN
last-modified: Sat, 04 Apr 2020 16:07:27 GMT
server: cat factory 1.0
x-timer: S1589760408.676079,VS0,VE1
etag: "101eca6dcb8e447761c47e6497388379"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Mon, 18 May 2020 00:06:47 GMT
server: cat factory 1.0
x-timer: S1589760408.581086,VS0,VE0
status: 301
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/M5ocj2R.png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-lhr7335-LHR

GET
H2 200 email-icon.svg
cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/ 585 B
1 KB 721ms
652ms Image
image/svg+xml 52.222.177.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/email-icon.svg
Requested by: Host: auth-staging.safesystems.app
URL: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.177.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-56.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 427fcf35701c776649fa5c13342308239e7e0f49d316d39bb878a946562f9095

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdn.auth0.com/ulp/react-components/1.1.1/css/main.cdn.min.css
Origin: https://auth-staging.safesystems.app

Response headers

date: Mon, 18 May 2020 00:06:50 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: FAILED
content-length: 585
last-modified: Tue, 05 May 2020 15:47:08 GMT
server: AmazonS3
etag: "a4764d6be4658654037001230fa32aae"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: BsL5TsVtIRmpCHr2l83RgVmTev41E8cL
access-control-allow-origin: *
cache-control: max-age=2628000,public
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: ql1XibrmRCRV_45Ct1w-hDckEiM2I_iesxx-cSyISL50Ba2HDU05fA==

GET
H2 200 lock-icon.svg
cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/ 596 B
1 KB 699ms
649ms Image
image/svg+xml 52.222.177.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/lock-icon.svg
Requested by: Host: auth-staging.safesystems.app
URL: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.177.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-56.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3dd799215e1437c136e9ef19541279f1a31d7b7fc84b5ad30b3b25295ab7c62d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdn.auth0.com/ulp/react-components/1.1.1/css/main.cdn.min.css
Origin: https://auth-staging.safesystems.app

Response headers

date: Mon, 18 May 2020 00:06:50 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: FAILED
content-length: 596
last-modified: Tue, 05 May 2020 15:47:08 GMT
server: AmazonS3
etag: "f5fd4631fd7491f7454000ffcad36bee"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 7OVLmmD4f_L6ubkoBWgjJM2XMbFD9DyT
access-control-allow-origin: *
cache-control: max-age=2628000,public
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: d8xomk0_i2AS7HBnk5qWr-YjHSnyTm8EGiPcbwdAs6t8Iy6CFn-kXg==

GET
H2 200 show-password.svg
cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/ 650 B
1 KB 697ms
647ms Image
image/svg+xml 52.222.177.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.auth0.com/ulp/react-components/1.1.1/img/theme-generic/show-password.svg
Requested by: Host: auth-staging.safesystems.app
URL: https://auth-staging.safesystems.app/u/login?state=g6Fo2SByaVI1aTA3RWxlRl9ZanlFYmNqLUVCWS1Vb0h3dkRPZqN0aWTZIFFsWF8zU1FQUDF4YVYybS1BcTVhc0Z3UEdXelM2Smdxo2NpZNkgU2hDODI0NDFOQ0hEeEY3ZTJidkQzWlBXb0luYXdPaXE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.177.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-56.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 093ded037c9d180dd4b18b935d666a68420bca40a1108d098e13bc697a3ed24f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdn.auth0.com/ulp/react-components/1.1.1/css/main.cdn.min.css
Origin: https://auth-staging.safesystems.app

Response headers

date: Mon, 18 May 2020 00:06:50 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: FAILED
content-length: 650
last-modified: Tue, 05 May 2020 15:47:08 GMT
server: AmazonS3
etag: "0c525c8b716198747edd1da4982f70c7"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: bVvBGAjIX0wvm_DRHDbpjC61lhTLmNe0
access-control-allow-origin: *
cache-control: max-age=2628000,public
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: CG2OEOhZcb1lbH01uMWLRe0Ck2SgnZZjW_zvtXGleQdm3kg8DjEDqg==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://mayoclinic-staging.safe.health/static/js/2.e51d9fbe.chunk.js(Line 2) Message: TypeError: Cannot read property 'email' of undefined
console-api	log	URL: https://mayoclinic-staging.safe.health/static/js/main.7d3fcd4c.chunk.js(Line 1) Message: ERROR Error: Request failed with status code 401

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-staging.getchecked.health
auth-staging.safesystems.app
cdn.auth0.com
i.imgur.com
imgur.com
mayoclinic-staging.safe.health
151.101.112.193
151.101.60.193
2600:9000:2016:e200:0:c858:3e80:93a1
34.216.95.178
34.223.200.195
52.222.177.56
03eeeda9236d780d88b9da781ad5369495d1060d442008a1b8ec67bfac82cd87
093ded037c9d180dd4b18b935d666a68420bca40a1108d098e13bc697a3ed24f
2d17e6191bc97bc9e991ba9f29e73c3113031ad819827cf3bd5f0028147d552b
3dd799215e1437c136e9ef19541279f1a31d7b7fc84b5ad30b3b25295ab7c62d
427fcf35701c776649fa5c13342308239e7e0f49d316d39bb878a946562f9095
71338afa04bec467520cffd098d20c527e79a496d1a4ec65065e9c3343c416ba
90e2e0c746495e1546842e9155c167e8c9af10d2a7bc470bad334179712722eb
91c6f055e93cda0d2fe27ee01bfb1274c15483e9c90f00cf89887e670618ca50
9eb090aade6fe24b1ddaa4ad8cc7181d81e12c907c10ee5059c435ca484775db
a02c2f1f8691b0d75948d4c1dc02a58bef93d87b4c03fd28d1f3bbbcc8a255b3
d6cef48ef7e10f86f7357d0140938d66bbce640db1b5f4d6fa646bce2b063eee
dcf5180345724e5a56e2a44ec3c7acf69fe9f9e837944478da83b1ea970286cc

auth-staging.safesystems.app Open in urlscan Pro 34.216.95.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

3340 kBTransfer

3460 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

auth-staging.safesystems.app Open in urlscan Pro
34.216.95.178 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

3340 kB
Transfer

3460 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions