Submitted URL: https://nwd-auth-dev.pandawork.com/
Effective URL: https://nwd-dev.authgear-staging.com/signup
Submission: On February 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 104.196.112.111, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is nwd-dev.authgear-staging.com.
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.
This is the only time nwd-dev.authgear-staging.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 104.196.112.111 396982 (GOOGLE-CL...)
2 104.96.130.31 16625 (AKAMAI-AS)
21 2
Apex Domain
Subdomains
Transfer
20 authgear-staging.com
nwd-dev.authgear-staging.com
2 MB
2 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2668
69 KB
1 pandawork.com
nwd-auth-dev.pandawork.com
162 B
21 3
Domain Requested by
20 nwd-dev.authgear-staging.com 1 redirects nwd-dev.authgear-staging.com
2 static2.sharepointonline.com nwd-dev.authgear-staging.com
1 nwd-auth-dev.pandawork.com 1 redirects
21 3

This site contains links to these domains.

Domain
www.authgear.com
Subject | Issuer | Validity | Valid
*.authgear-staging.com | R3 | 2023-02-08 - 2023-05-09 | 3 months
privatecdn.sharepointonline.com | DigiCert SHA2 Secure Server CA | 2022-09-19 - 2023-09-19 | a year

This page contains 1 frame:

Primary Page: https://nwd-dev.authgear-staging.com/signup
Frame ID: A750742D75C29EE7B11FCD33777231A7
Requests: 21 HTTP requests in this frame

Page Title

nwd-dev

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

2275 kB
Transfer

2264 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nwd-auth-dev.pandawork.com/ HTTP 307
    https://nwd-dev.authgear-staging.com/ HTTP 302
    https://nwd-dev.authgear-staging.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signup
nwd-dev.authgear-staging.com/
Redirect Chain
  • https://nwd-auth-dev.pandawork.com/
  • https://nwd-dev.authgear-staging.com/
  • https://nwd-dev.authgear-staging.com/signup
9 KB
10 KB
Document
General
Full URL
https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
6f0f0198c3225cae3eb3ac0c9180eb744b700f61390b090a29f8d809d196e42e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-HZBFJDV48629TP0J6153CQ2G51G5WS16' www.googletagmanager.com; frame-src 'self' www.googletagmanager.com; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com www.googletagmanager.com fonts.googleapis.com; img-src 'self' http: https: data:; object-src 'none'; base-uri 'none'; connect-src 'self' https://www.google-analytics.com ws://nwd-dev.authgear-staging.com wss://nwd-dev.authgear-staging.com; block-all-mixed-content; frame-ancestors 'none'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-length
9689
content-security-policy
default-src 'self'; script-src 'self' 'nonce-HZBFJDV48629TP0J6153CQ2G51G5WS16' www.googletagmanager.com; frame-src 'self' www.googletagmanager.com; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com www.googletagmanager.com fonts.googleapis.com; img-src 'self' http: https: data:; object-src 'none'; base-uri 'none'; connect-src 'self' https://www.google-analytics.com ws://nwd-dev.authgear-staging.com wss://nwd-dev.authgear-staging.com; block-all-mixed-content; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 11:16:43 GMT
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
vary
Cookie
x-content-type-options
nosniff

Redirect headers

cache-control
no-store
content-length
30
content-security-policy
default-src 'self'; script-src 'self' 'nonce-HZBFJDV48629TP0J6153CQ2G51G5WS16' www.googletagmanager.com; frame-src 'self' www.googletagmanager.com; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com www.googletagmanager.com fonts.googleapis.com; img-src 'self' http: https: data:; object-src 'none'; base-uri 'none'; connect-src 'self' https://www.google-analytics.com ws://nwd-dev.authgear-staging.com wss://nwd-dev.authgear-staging.com; block-all-mixed-content; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 11:16:43 GMT
location
/signup
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
vary
Cookie
x-content-type-options
nosniff
intlTelInput.c847aac0.css
nwd-dev.authgear-staging.com/shared-assets/
19 KB
19 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/intlTelInput.c847aac0.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
36be7f840c6ee6c34ec1efea86ccf3fbcb928eeec981ea118c8ab4882760e238
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19190
cropper.59e56cd5.css
nwd-dev.authgear-staging.com/shared-assets/
3 KB
4 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/cropper.59e56cd5.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
c9c0541c6420a40e710f23587f330e52fe6712e2ada04241e7b6e112446ea988
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3558
tabler-icons.8eb47db0.css
nwd-dev.authgear-staging.com/shared-assets/
106 KB
107 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/tabler-icons.8eb47db0.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
01653be6d0717593296657f6a152262a1b419a00554f876020c017819252e78a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
109018
authgear-icons.0c4f59c1.css
nwd-dev.authgear-staging.com/shared-assets/
572 B
839 B
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/authgear-icons.0c4f59c1.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
b6f2fd8c2983ab5a2f94be050d403785ddb95f5970a2b1d8463eae852ead3fd4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
572
tailwind.383426ab.css
nwd-dev.authgear-staging.com/shared-assets/
25 KB
25 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/tailwind.383426ab.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
eeeef927eb10bc354947ec6667a1d72b68a5994437cb03d0f51a470ab60af746
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25482
tailwind-light-theme.b995d4a1.css
nwd-dev.authgear-staging.com/shared-assets/
13 KB
13 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/tailwind-light-theme.b995d4a1.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
dd4329f6e864a5bc2280f124556ad1b3065e7d55588d86a44ec20332ef6a4006
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13020
tailwind-dark-theme.230099f3.css
nwd-dev.authgear-staging.com/shared-assets/
6 KB
7 KB
Stylesheet
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/tailwind-dark-theme.230099f3.css
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
47aed2e926f61bf7d63a17273f3ac3e498a7c7d4fc14dcbdf7d0496580d5c113
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6408
stimulus-module.74653b49.js
nwd-dev.authgear-staging.com/shared-assets/
33 KB
34 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/stimulus-module.74653b49.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
2dc30bd9caac62b27b49887b57bd1217678106730e56be3712bde2c7cb8866f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwd-dev.authgear-staging.com/signup
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34154
turbo-module.3d08fa7b.js
nwd-dev.authgear-staging.com/shared-assets/
72 KB
73 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/turbo-module.3d08fa7b.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
790dd086461447e6e4018b5bc0ed23dc32d5c5e0a0f0d10615c97d3a6b16c4e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwd-dev.authgear-staging.com/signup
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
74076
zxcvbn-module.d984294b.js
nwd-dev.authgear-staging.com/shared-assets/
800 KB
802 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/zxcvbn-module.d984294b.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
e38196767af0f782898344137abd8f0f9951785af160bdf825cc8c79e1a27ef7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwd-dev.authgear-staging.com/signup
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
819253
axios-module.794a67be.js
nwd-dev.authgear-staging.com/shared-assets/
32 KB
32 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/axios-module.794a67be.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
77d7a204078e21585e392648f4a8e727dec1035ad3fd13d02c3978d15855f46d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwd-dev.authgear-staging.com/signup
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
32318
colorscheme-classic.2af35552.js
nwd-dev.authgear-staging.com/shared-assets/
478 B
750 B
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/colorscheme-classic.2af35552.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
50b2f5a5db58111136348e98c32222a87e0d47e436413d3e7f936e4e222f6bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
478
intlTelInput-classic.688c9d7a.js
nwd-dev.authgear-staging.com/shared-assets/
29 KB
29 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/intlTelInput-classic.688c9d7a.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
48559989ef374999f09077c2a74ede078dab9701b390ae45853e29624433b020
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29451
intlTelInputUtils-classic.f0ee167a.js
nwd-dev.authgear-staging.com/shared-assets/
243 KB
244 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/intlTelInputUtils-classic.f0ee167a.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
3b15ecc4cb42604f80ed242c494d052e10c49079535981dbd9eaafa7ff78ad4a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
249130
cropper-classic.61ffcfe6.js
nwd-dev.authgear-staging.com/shared-assets/
37 KB
37 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/cropper-classic.61ffcfe6.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
bb3e76dc8fece8604c97a63a6f843c92e8f2d5653290d7f7d34bd7b238fb0a8b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
37535
authgear-module.9eb69d8f.js
nwd-dev.authgear-staging.com/shared-assets/
694 KB
696 KB
Script
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/authgear-module.9eb69d8f.js
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/signup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
dff4bd99856d0a322a2d57772a36e6da5338c885f0528096eec84788f57685d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwd-dev.authgear-staging.com/signup
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
710441
watermark.76c36089.svg
nwd-dev.authgear-staging.com/shared-assets/
6 KB
7 KB
Image
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/watermark.76c36089.svg
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/shared-assets/tailwind.383426ab.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
d72a88c96ef0351cd8b11b9aa11bc18ebbabcd23d8e26cb9eb493569f373e1de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/shared-assets/tailwind.383426ab.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:28 GMT
access-control-max-age
900
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6474
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/shared-assets/tailwind.383426ab.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.130.31 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-130-31.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://nwd-dev.authgear-staging.com/
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 22 Feb 2023 11:16:44 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
ad228def-f01e-002a-2208-20593d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27047298
x-ms-version
2009-09-19
content-length
36344
segoeui-bold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
32 KB
33 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.woff2
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/shared-assets/tailwind.383426ab.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.130.31 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-130-31.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c599144a6ee494d56d4622e7cc57873a3ba7b3413e525f3e3b4aa7d8298aa2ec

Request headers

Referer
https://nwd-dev.authgear-staging.com/
Origin
https://nwd-dev.authgear-staging.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 22 Feb 2023 11:16:44 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
LEcXW4kKJ4gkTbuwT9FYEA==
etag
0x8D522163B57DFC5
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
54fafd5c-e01e-0019-5972-140696000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25773210
x-ms-version
2009-09-19
content-length
32964
flags.c61229ae.png
nwd-dev.authgear-staging.com/shared-assets/
67 KB
67 KB
Image
General
Full URL
https://nwd-dev.authgear-staging.com/shared-assets/flags.c61229ae.png
Requested by
Host: nwd-dev.authgear-staging.com
URL: https://nwd-dev.authgear-staging.com/shared-assets/intlTelInput.c847aac0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.112.111 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.112.196.104.bc.googleusercontent.com
Software
/
Resource Hash
a48a447cd2b56dfda4116fa515145c487daf763b709da35d459dd26cf3e0197a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nwd-dev.authgear-staging.com/shared-assets/intlTelInput.c847aac0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 05:19:18 GMT
access-control-max-age
900
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
68471

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • object | oncontentvisibilityautostatechange
  • function | parcelRequirebaaf
  • object | intlTelInputGlobals
  • function | intlTelInput
  • object | intlTelInputUtils
  • function | _typeof
  • function | Cropper
  • object | Turbo
  • object | _ethers

3 Cookies

Domain/Path Name / Value
.nwd-dev.authgear-staging.com/ Name: csrf_token
Value: MTY3NzA2NDYwM3xJbWxOVVM5VU5VeDRkV3hPUWpKek9VMXJMMUV6YUdOVlpVMVRNWEpLU0RRMU5tSnlTblYxTDNCWmRFazlJZ289fLvhCYVIFyQEsWHo-2G-aVrt4_l09wlxDFFVBXS3M5SB
.nwd-dev.authgear-staging.com/ Name: csp_nonce
Value: HZBFJDV48629TP0J6153CQ2G51G5WS16
.nwd-dev.authgear-staging.com/ Name: visitor_id
Value: 57d6acec-6de0-4428-9380-09589fb2c900

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-HZBFJDV48629TP0J6153CQ2G51G5WS16' www.googletagmanager.com; frame-src 'self' www.googletagmanager.com; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com www.googletagmanager.com fonts.googleapis.com; img-src 'self' http: https: data:; object-src 'none'; base-uri 'none'; connect-src 'self' https://www.google-analytics.com ws://nwd-dev.authgear-staging.com wss://nwd-dev.authgear-staging.com; block-all-mixed-content; frame-ancestors 'none'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
