auth-dev.safesystems.app
Open in
urlscan Pro
2606:4700::6810:b8f8
Public Scan
Effective URL: https://auth-dev.safesystems.app/u/login?state=hKFo2SBrRDNiYVB6V0FNd2xub0ZIdl95UHhEXzBueklOR25mRqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIH...
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 8th 2021. Valid for: a year.
This is the only time auth-dev.safesystems.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2600:9000:215... 2600:9000:2156:8800:13:3b76:90c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.88.216.5 52.88.216.5 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2606:4700::68... 2606:4700::6810:b8f8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 34.120.195.249 34.120.195.249 | 15169 (GOOGLE) (GOOGLE) | |
1 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 6 |
ASN16509 (AMAZON-02, US)
mayoclinic-dev.safe.health |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-216-5.us-west-2.compute.amazonaws.com
api-dev.getchecked.health |
ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o463450.ingest.sentry.io |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
safe.health
mayoclinic-dev.safe.health |
2 MB |
2 |
safesystems.app
auth-dev.safesystems.app Failed |
15 KB |
1 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9211 |
52 KB |
1 |
sentry.io
o463450.ingest.sentry.io |
292 B |
1 |
getchecked.health
api-dev.getchecked.health |
433 B |
0 |
safehealth.me
Failed
safehealth.me Failed |
|
10 | 6 |
Domain | Requested by | |
---|---|---|
4 | mayoclinic-dev.safe.health |
mayoclinic-dev.safe.health
|
2 | auth-dev.safesystems.app |
mayoclinic-dev.safe.health
|
1 | cdn.auth0.com |
auth-dev.safesystems.app
|
1 | o463450.ingest.sentry.io |
mayoclinic-dev.safe.health
|
1 | api-dev.getchecked.health |
mayoclinic-dev.safe.health
|
0 | safehealth.me Failed |
auth-dev.safesystems.app
|
10 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mayoclinic-dev.safe.health Amazon |
2021-03-31 - 2022-04-29 |
a year | crt.sh |
*.getchecked.health Amazon |
2022-01-28 - 2023-02-26 |
a year | crt.sh |
auth-dev.safesystems.app Cloudflare Inc ECC CA-3 |
2021-11-08 - 2022-11-07 |
a year | crt.sh |
*.ingest.sentry.io R3 |
2022-02-21 - 2022-05-22 |
3 months | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-dev.safesystems.app/u/login?state=hKFo2SBrRDNiYVB6V0FNd2xub0ZIdl95UHhEXzBueklOR25mRqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHM4LW9xVEVpYVQ0dlRoRTF4YmU4MHZmaS1JRUNHa05so2NpZNkga3pSWVRUbDN0SklDVndXc05Yb0RDWkZ0UkVlbkdwZDU
Frame ID: 853D389B97C87EDA4891E566A00231C8
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Log in | Mayo-Clinic Administration ConsolePage URL History Show full URLs
- https://mayoclinic-dev.safe.health/ Page URL
-
https://auth-dev.safesystems.app/authorize?client_id=kzRYTTl3tJICVwWsNXoDCZFtREenGpd5&audience=https%3A%2F%2F...
HTTP 302
https://auth-dev.safesystems.app/u/login?state=hKFo2SBrRDNiYVB6V0FNd2xub0ZIdl95UHhEXzBueklOR25mRqFur3VuaXZlcn... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mayoclinic-dev.safe.health/ Page URL
-
https://auth-dev.safesystems.app/authorize?client_id=kzRYTTl3tJICVwWsNXoDCZFtREenGpd5&audience=https%3A%2F%2Fapi-dev.getchecked.health&redirect_uri=https%3A%2F%2Fmayoclinic-dev.safe.health&response_type=code&scope=openid%20profile%20email&response_mode=query&state=T0dVckZYRWEtUzYtdW1iNm9%2BM0x2amVPSGJudGlJWjJaZjl5V3VaSkpMMw%3D%3D&nonce=1~T49YY38nXLUFuEh802vQ.zt1UZhhuJ8rGP9LjnTY1&code_challenge=GxAzslHeB7XUgWW2waAkUok0wp1oAjGLQmzsZrMmD4Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
HTTP 302
https://auth-dev.safesystems.app/u/login?state=hKFo2SBrRDNiYVB6V0FNd2xub0ZIdl95UHhEXzBueklOR25mRqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHM4LW9xVEVpYVQ0dlRoRTF4YmU4MHZmaS1JRUNHa05so2NpZNkga3pSWVRUbDN0SklDVndXc05Yb0RDWkZ0UkVlbkdwZDU Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
mayoclinic-dev.safe.health/ |
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6224dddd.chunk.css
mayoclinic-dev.safe.health/static/css/ |
732 KB 733 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.679ac14f.chunk.js
mayoclinic-dev.safe.health/static/js/ |
850 KB 852 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.bb7dcdb8.chunk.js
mayoclinic-dev.safe.health/static/js/ |
456 KB 457 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
public
api-dev.getchecked.health/dev/v1/admin/account/ |
44 B 433 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logout
auth-dev.safesystems.app/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
login
auth-dev.safesystems.app/u/ Redirect Chain
|
13 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
o463450.ingest.sentry.io/api/5493447/envelope/ |
41 B 292 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.58.3/css/ |
224 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
safehealth.me/shs-emblem/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
650 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- auth-dev.safesystems.app
- URL
- https://auth-dev.safesystems.app/v2/logout?client_id=kzRYTTl3tJICVwWsNXoDCZFtREenGpd5&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuNi41In0%3D
- Domain
- safehealth.me
- URL
- https://safehealth.me/shs-emblem/
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mayoclinic-dev.safe.health/ | Name: a0.spajs.txs.T0dVckZYRWEtUzYtdW1iNm9+M0x2amVPSGJudGlJWjJaZjl5V3VaSkpMMw%3D%3D Value: {%22nonce%22:%221~T49YY38nXLUFuEh802vQ.zt1UZhhuJ8rGP9LjnTY1%22%2C%22code_verifier%22:%22wiKeAA4dc8krtr3D6QNO3JZZRYHY7tRgS7ESVyjOESk%22%2C%22appState%22:{%22targetUrl%22:%22/%22}%2C%22scope%22:%22openid%20profile%20email%22%2C%22audience%22:%22https://api-dev.getchecked.health%22%2C%22redirect_uri%22:%22https://mayoclinic-dev.safe.health%22} |
|
auth-dev.safesystems.app/ | Name: did Value: s%3Av0%3A92ec3bf0-990e-11ec-91fe-fbe1645f4dd0.gaGjzZ0mbMon8zkLKhzhpg3i2OouYyOKN7AvB8aqfS8 |
|
auth-dev.safesystems.app/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMr5fJ-Eo_9pS6cto3morC-HuPTOMHNdDMd66O-dwhEzqj4sBZ8c8Nva4Tigdw-B6LtwC8rOeBuuZX7qOEuvntmmY29va2llg6dleHBpcmVz1_-oj9sAYiGFia5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.awU%2FUNGRpgXbMW7n7G3ki1E2VUvDKZ6hJNzBPdtY%2B7g |
|
auth-dev.safesystems.app/ | Name: did_compat Value: s%3Av0%3A92ec3bf0-990e-11ec-91fe-fbe1645f4dd0.gaGjzZ0mbMon8zkLKhzhpg3i2OouYyOKN7AvB8aqfS8 |
|
auth-dev.safesystems.app/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMr5fJ-Eo_9pS6cto3morC-HuPTOMHNdDMd66O-dwhEzqj4sBZ8c8Nva4Tigdw-B6LtwC8rOeBuuZX7qOEuvntmmY29va2llg6dleHBpcmVz1_-oj9sAYiGFia5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.awU%2FUNGRpgXbMW7n7G3ki1E2VUvDKZ6hJNzBPdtY%2B7g |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-dev.getchecked.health
auth-dev.safesystems.app
cdn.auth0.com
mayoclinic-dev.safe.health
o463450.ingest.sentry.io
safehealth.me
auth-dev.safesystems.app
safehealth.me
143.204.103.120
2600:9000:2156:8800:13:3b76:90c0:93a1
2606:4700::6810:b8f8
34.120.195.249
52.88.216.5
3ea7ed3658714f3079eff9bccbb2d32d5392b7669b18d5cbf01e5d27ff095e2f
6860e2833d024848f07226a20da8fbc562588594efdf42ef662080112c53e3e5
69fe4bae5bd1866460d7b95218898eaa76be1475adb67c3d7aa210d3221409e8
8c449dde312e732be71450171e6734d9afc5d1803c53a163f9287ba7248d21ca
990c76db83d4cb3695cbc6c22290c63103340bace2ab72bcb0bfa251c7e50007
9dbbe4ed9d2c7289ccd8372c4f5c7becf459adbde7aad34648dc0c1c8e43c010
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
fd5b7503e2d536aa9f7fb4541ae9ded918f6eedce461489b5c14ac00bc84773d