auth.staging.hkl-dev.pandawork.com Open in urlscan Pro
52.229.158.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.staging.hkl-dev.pandawork.com/
Effective URL:
https://auth.staging.hkl-dev.pandawork.com/signup
Submission: On October 15 via automatic, source certstream-suspicious (October 15th 2021, 6:33:57 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 52.229.158.86, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.staging.hkl-dev.pandawork.com.
TLS certificate: Issued by R3 on August 16th 2021. Valid for: 3 months.

This is the only time auth.staging.hkl-dev.pandawork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	52.229.158.86 52.229.158.86	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.225.185 104.111.225.185	16625 (AKAMAI-AS) (AKAMAI-AS)
12	3

12 52.229.158.86 (Central, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.staging.hkl-dev.pandawork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.225.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-185.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pandawork.com 1 redirects auth.staging.hkl-dev.pandawork.com	1 MB
1	sharepointonline.com static2.sharepointonline.com	36 KB
12	2

	Domain	Requested by
12	auth.staging.hkl-dev.pandawork.com	1 redirects auth.staging.hkl-dev.pandawork.com
1	static2.sharepointonline.com	auth.staging.hkl-dev.pandawork.com
12	2

This site contains links to these domains. Also see Links.

Domain
www.authgear.com

Subject Issuer	Validity	Valid
auth.staging.hkl-dev.pandawork.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.staging.hkl-dev.pandawork.com/signup
Frame ID: 9071D60FAD6E6FC3E536671E8C165FF7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HKL Broker Staging

Page URL History Show full URLs

https://auth.staging.hkl-dev.pandawork.com/ HTTP 302
https://auth.staging.hkl-dev.pandawork.com/signup Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1436 kB
Transfer

1444 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.authgear.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.authgear.com/data-privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.authgear.com/?utm_campaign=uibrand

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.staging.hkl-dev.pandawork.com/ HTTP 302
https://auth.staging.hkl-dev.pandawork.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request signup Show response
auth.staging.hkl-dev.pandawork.com/
Redirect Chain

https://auth.staging.hkl-dev.pandawork.com/
https://auth.staging.hkl-dev.pandawork.com/signup

9 KB
10 KB

329ms
328ms

Document
text/html

52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.hkl-dev.pandawork.com/signup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e3a28c6419bace96e1b06a412909db3ef4d8a7b7d9473496e3d0350ab26e159

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; img-src 'self' data:; object-src 'none'; base-uri 'none'; connect-src 'self' ws://auth.staging.hkl-dev.pandawork.com wss://auth.staging.hkl-dev.pandawork.com; block-all-mixed-content; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Host: auth.staging.hkl-dev.pandawork.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 15 Oct 2021 06:33:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9233
Connection: keep-alive
Cache-Control: no-store
Content-Security-Policy: default-src 'self'; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; img-src 'self' data:; object-src 'none'; base-uri 'none'; connect-src 'self' ws://auth.staging.hkl-dev.pandawork.com wss://auth.staging.hkl-dev.pandawork.com; block-all-mixed-content; frame-ancestors 'none'
Pragma: no-cache
Turbolinks-Location: /signup
Vary: Cookie
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Redirect headers

Date: Fri, 15 Oct 2021 06:33:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 30
Connection: keep-alive
Cache-Control: no-store
Content-Security-Policy: default-src 'self'; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; img-src 'self' data:; object-src 'none'; base-uri 'none'; connect-src 'self' ws://auth.staging.hkl-dev.pandawork.com wss://auth.staging.hkl-dev.pandawork.com; block-all-mixed-content; frame-ancestors 'none'
Location: /signup
Pragma: no-cache
Set-Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; Path=/; Domain=staging.hkl-dev.pandawork.com; Expires=Fri, 15 Oct 2021 18:33:51 GMT; Max-Age=43200; HttpOnly; Secure; SameSite=None visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2; Path=/; Domain=staging.hkl-dev.pandawork.com; Max-Age=1200; HttpOnly; Secure; SameSite=None
Turbolinks-Location: /
Vary: Cookie
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

GET
H/1.1 200
OK normalize.min.de4c67662a43cb0f3d5ba37b804b5d70.css
auth.staging.hkl-dev.pandawork.com/static/ 2 KB
2 KB 193ms
192ms Stylesheet
text/css 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/normalize.min.de4c67662a43cb0f3d5ba37b804b5d70.css
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5df6923012e5a2448f426c4fe42d7fdd2c1e620d2f9e02e422ac229c9e346509

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:51 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:51 GMT
Etag: W/1895-e5b54237e42e0f7e2d9f079c7d997d2023ddea8f
Vary: Origin
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1895

GET
H/1.1 200
OK tabler-icons.min.2347f0effc6ecbfb53b9bdd993fe077c.css
auth.staging.hkl-dev.pandawork.com/static/ 50 KB
51 KB 389ms
196ms Stylesheet
text/css 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/tabler-icons.min.2347f0effc6ecbfb53b9bdd993fe077c.css
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6f56fe56d961318229efeb3738c234651eeb0a08dd3f2e6be993704f29f9c218

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:51 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:51 GMT
Etag: W/51414-9e51752aa4cb5197df8f83b98b7fbe35075c4cab
Vary: Origin
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51414

GET
H/1.1 200
OK intlTelInput.min.73056cb6c6bbd41d21475a41dee414ac.css
auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/css/ 19 KB
19 KB 754ms
374ms Stylesheet
text/css 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/css/intlTelInput.min.73056cb6c6bbd41d21475a41dee414ac.css
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b31f54311164de57c81dfe560ef65073b5bedd9cfac2dbb1bb63333251ee5381

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/19158-333da7a87d78427fd7f7b26f3332d049f531bc44
Vary: Origin
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19158

GET
H/1.1 200
OK authgear-light-theme.fa27c63f4d48200713eceff91d4bf837.css
auth.staging.hkl-dev.pandawork.com/static/ 13 KB
14 KB 582ms
203ms Stylesheet
text/css 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/authgear-light-theme.fa27c63f4d48200713eceff91d4bf837.css
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d553665e10d2d2fc648503ff4adf0afe98bacc8a3428d19a71e3c6b33a0a9bc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/13565-3ff1c4f7ea2630ca9f961810a72b1713f208446c
Vary: Origin
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13565

GET
H/1.1 200
OK authgear.0e1675deb2b992c8766002b2636ec0ec.css
auth.staging.hkl-dev.pandawork.com/static/ 46 KB
46 KB 756ms
377ms Stylesheet
text/css 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/authgear.0e1675deb2b992c8766002b2636ec0ec.css
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 11c620ae89a8bc77b788557c62d572a9eb35081a8e45e6f2db62495e50b6965c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/46798-41612b1b58246013a00fe446d466d9cbcd4e4973
Vary: Origin
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46798

GET
H/1.1 200
OK intlTelInput.min.9ef007b75b22888fc786cba416df87fd.js Show response
auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/js/ 29 KB
29 KB 760ms
379ms Script
application/javascript 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/js/intlTelInput.min.9ef007b75b22888fc786cba416df87fd.js
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4d0c2acd537c9e80090761553feb7a889f14d64493aae67e4ee4f964729ecd99

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/29538-1056eb622682933fd59a14f0156e134c99ee0c39
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29538

GET
H/1.1 200
OK utils.cf66f06499d26584dd4271c0446bbfdf.js Show response
auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/js/ 244 KB
244 KB 776ms
392ms Script
application/javascript 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/intl-tel-input/js/utils.cf66f06499d26584dd4271c0446bbfdf.js
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 211223aca96b4107721108c5672c6831f25bed1b0c9e9cc08b20ef7ab4036f47

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/249868-85f827059eccbb83daeb720177385ae49e5ff2e1
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249868

GET
H/1.1 200
OK authgear.7fa8b574b7396c64db0d8ef389ac249c.js Show response
auth.staging.hkl-dev.pandawork.com/static/ 121 KB
121 KB 766ms
195ms Script
application/javascript 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/authgear.7fa8b574b7396c64db0d8ef389ac249c.js
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7287468b86829adb91a72e1c23867d08eb109aacda0d3aa74771d258417af598

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/123624-2c1b0ab1e1f539ff11f7e0b061a9c37da81bcf97
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123624

GET
H/1.1 200
OK password-policy.9ada813e22581a827404b575dee9c813.js Show response
auth.staging.hkl-dev.pandawork.com/static/ 801 KB
802 KB 216ms
216ms Script
application/javascript 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/password-policy.9ada813e22581a827404b575dee9c813.js
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a807a9a7afdbf86e277f78a47beabeef1f2b4bd155d6f48952d686caeb76e0ff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:52 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:52 GMT
Etag: W/820435-08fc6e209339768f50565b254fdad7cb65088827
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 820435

GET
H/1.1 200
OK app_logo.3474f7697f5123b361dc4043bf737e00.png
auth.staging.hkl-dev.pandawork.com/static/en/ 63 KB
63 KB 201ms
201ms Image
image/png 52.229.158.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.staging.hkl-dev.pandawork.com/static/en/app_logo.3474f7697f5123b361dc4043bf737e00.png
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/signup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.229.158.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0644fb6e5025e3b3e0165aae14429bcab4d5891e4430806fa6e5eddba5e4e136

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
Cookie: csrf_token=MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti; visitor_id=53fe65be-6a1a-41cf-89f4-2ad82d9007d2
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.staging.hkl-dev.pandawork.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 06:33:53 GMT
Last-Modified: Fri, 15 Oct 2021 06:33:53 GMT
Etag: W/64689-3d3c43b9f7e0ed2693e04b28baffbca2199f8813
Vary: Origin
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64689

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc8cb3e20eda1da2e9fec469b3d87d717e0fe74610e9a727f3cecd5f422d4789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5fe8519316ee358a4508392fa749900a5a968ddc840ee57d79e09de82cc6596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 35 KB
36 KB 81ms
19ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: auth.staging.hkl-dev.pandawork.com
URL: https://auth.staging.hkl-dev.pandawork.com/static/authgear.0e1675deb2b992c8766002b2636ec0ec.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://auth.staging.hkl-dev.pandawork.com/
Origin: https://auth.staging.hkl-dev.pandawork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 15 Oct 2021 06:33:53 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=19077516
x-ms-version: 2009-09-19
content-length: 36344

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.staging.hkl-dev.pandawork.com/	1970-01-19 21:58:42	Name: csrf_token Value: MTYzNDI3OTYzMXxJa3d4TlV0TFIwOTViMmRtZHpkQ1UzSjVWekJvUkdacFRXRnVlVTl2T1d3eVYyRXZaRmd6Y3pkQmFsRTlJZ289fF_CjkKZZPZ80iSWduI_lDAoGGOeVBYkt99s48B47Mti
			.staging.hkl-dev.pandawork.com/	1970-01-19 21:58:00	Name: visitor_id Value: 53fe65be-6a1a-41cf-89f4-2ad82d9007d2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src 'self' cdnjs.cloudflare.com static2.sharepointonline.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; img-src 'self' data:; object-src 'none'; base-uri 'none'; connect-src 'self' ws://auth.staging.hkl-dev.pandawork.com wss://auth.staging.hkl-dev.pandawork.com; block-all-mixed-content; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.staging.hkl-dev.pandawork.com
static2.sharepointonline.com
104.111.225.185
52.229.158.86
0644fb6e5025e3b3e0165aae14429bcab4d5891e4430806fa6e5eddba5e4e136
11c620ae89a8bc77b788557c62d572a9eb35081a8e45e6f2db62495e50b6965c
211223aca96b4107721108c5672c6831f25bed1b0c9e9cc08b20ef7ab4036f47
4d0c2acd537c9e80090761553feb7a889f14d64493aae67e4ee4f964729ecd99
5d553665e10d2d2fc648503ff4adf0afe98bacc8a3428d19a71e3c6b33a0a9bc
5df6923012e5a2448f426c4fe42d7fdd2c1e620d2f9e02e422ac229c9e346509
6f56fe56d961318229efeb3738c234651eeb0a08dd3f2e6be993704f29f9c218
7287468b86829adb91a72e1c23867d08eb109aacda0d3aa74771d258417af598
7e3a28c6419bace96e1b06a412909db3ef4d8a7b7d9473496e3d0350ab26e159
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a807a9a7afdbf86e277f78a47beabeef1f2b4bd155d6f48952d686caeb76e0ff
b31f54311164de57c81dfe560ef65073b5bedd9cfac2dbb1bb63333251ee5381
b5fe8519316ee358a4508392fa749900a5a968ddc840ee57d79e09de82cc6596
cc8cb3e20eda1da2e9fec469b3d87d717e0fe74610e9a727f3cecd5f422d4789

auth.staging.hkl-dev.pandawork.com Open in urlscan Pro 52.229.158.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1436 kBTransfer

1444 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

auth.staging.hkl-dev.pandawork.com Open in urlscan Pro
52.229.158.86 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1436 kB
Transfer

1444 kB
Size

2
Cookies

12 HTTP transactions
2 data transactions