test.sso.protectgroup.com
51.104.28.68
Public Scan
Effective URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%2...
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on February 15th 2024. Valid for: a year.
This is the only time test.sso.protectgroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 35.171.238.11 | 14618 (AMAZON-AES) |
2 14 | 51.104.28.68 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
13 | 2 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-238-11.compute-1.amazonaws.com
- test.refunds.protectgroup.co
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- test.refunds.protectgroup.com
- test.sso.protectgroup.com
 | Apex Domain Subdomains | Transfer |
---|---|---|
14 | protectgroup.com (2 redirects): test.refunds.protectgroup.com, test.sso.protectgroup.com | 4 MB |
1 | protectgroup.co (1 redirects): test.refunds.protectgroup.co | 320 B |
0 | cloudflare.com (Failed): cdnjs.cloudflare.com (Failed) | |
13 | 3 | |
 | Domain | Requested by |
---|---|---|
13 | test.sso.protectgroup.com (1 redirects) | test.sso.protectgroup.com |
1 | test.refunds.protectgroup.com (1 redirects) | |
1 | test.refunds.protectgroup.co (1 redirects) | |
0 | cdnjs.cloudflare.com (Failed) | test.sso.protectgroup.com |
13 | 4 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
test.sso.protectgroup.com Gandi RSA Domain Validation Secure Server CA 3 | 2024-02-15 - 2025-03-17 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Frame ID: 32A00F1EF23A0E103138CFB4F6779D3A
Requests: 13 HTTP requests in this frame
Page Title
Login - Protect Group
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
https://test.refunds.protectgroup.co/ HTTP 301
https://test.refunds.protectgroup.com/ HTTP 302
https://test.sso.protectgroup.com/connect/authorize?client_id=Evp.RefundPlatform.Web&redirect_uri=https%3A%2F%2Ftest.refunds.protectgroup.com%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=dwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w&code_challenge_method=S256&response_mode=form_post&nonce=638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5&state=CfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0 HTTP 302
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Login (Primary Request, Redirect Chain) | test.sso.protectgroup.com/Account/ | 5 KB | 4 KB | Document | text/html |
GET | H/1.1 | bootstrap.css | test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/css/ | 199 KB | 39 KB | Stylesheet | text/css |
GET | H/1.1 | site.css | test.sso.protectgroup.com/css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | fontawesome.css | test.sso.protectgroup.com/lib/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | fontawesome.js | test.sso.protectgroup.com/lib/ | 1 MB | 574 KB | Script | application/javascript |
GET | H/1.1 | protectGroupLogo.svg | test.sso.protectgroup.com/img/ | 18 KB | 18 KB | Image | image/svg+xml |
GET | H/1.1 | popper.js | test.sso.protectgroup.com/lib/ | 18 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.js | test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/js/ | 152 KB | 44 KB | Script | application/javascript |
GET | | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ | 0 | 0 | | |
GET | H/1.1 | Raleway-VariableFont_wght.ttf | test.sso.protectgroup.com/font/ | 302 KB | 303 KB | Font | application/x-font-ttf |
GET | H/1.1 | bgVid.mp4 | test.sso.protectgroup.com/img/ | 3 MB | 3 MB | Media | video/mp4 |
GET | H/1.1 | favicon.ico | test.sso.protectgroup.com/ | 25 KB | 26 KB | Other | image/x-icon |
GET | H/1.1 | favicon.ico | test.sso.protectgroup.com/ | 25 KB | 0 | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: cdnjs.cloudflare.com
- URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ___FONT_AWESOME___ |
object | FontAwesomeConfig |
object | FontAwesome |
object | Popper |
number | uidEvent |
object | bootstrap |
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
test.refunds.protectgroup.com/signin-oidc | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8D0oNiHbxW1Gr-HQr_Ic2W9520i7KxDNKlIxtOpwx3mxaKp64Sb_P904NWNi4EKQae0y7SeBLBlYEdGKF1XW3dtlifLaZek0I_GlIgSmfKOnSUsf59OFfHHA-QJZD9-g4dk2RuogLE1g6EIS4sahOAEn3QxgOFRv-0854vn3GZfRwU-vV2_DLOmankY3d9wlNz_yMSv1qcK5W8DBSrOe0HDtF17GvIIEJoQTOUiE1322E7zGpxHxSQ6CCAgusb3Gv5xJICSripyXWErNQzDj3QY Value: N |
test.refunds.protectgroup.com/signin-oidc | Name: .AspNetCore.Correlation.RY3MMOLbErT8FjAGtKoadwtoDQIIL4wjNGyAF9lanKA Value: N |
.test.refunds.protectgroup.com/ | Name: ARRAffinity Value: 8deff527c0ababa089921a5affcc4f13bf273f884d161fe9945c0a609330b02e |
.test.refunds.protectgroup.com/ | Name: ARRAffinitySameSite Value: 8deff527c0ababa089921a5affcc4f13bf273f884d161fe9945c0a609330b02e |
.test.sso.protectgroup.com/ | Name: ARRAffinity Value: 1e09d237d3999964ca6819ef06a4e51aa4b33e834c790026650a41fa8d3b3617 |
.test.sso.protectgroup.com/ | Name: ARRAffinitySameSite Value: 1e09d237d3999964ca6819ef06a4e51aa4b33e834c790026650a41fa8d3b3617 |
test.sso.protectgroup.com/ | Name: .AspNetCore.Antiforgery.9fXoN5jHCXs Value: CfDJ8ITgvwsH1J1Mse0aymDvpftY2x7Z_p_BaElxQDYQq2phnF69Ii_Ag1OOmAfprKk4EU7d7VG9O8L1qQGKKED3I2XQ3D5KdC-tawG3ERyEgZKr_OD-wEsiaa8kQFwOLDFScvMIsHxXl--yyD4FwzeZq6k |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; |
X-Content-Security-Policy | default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
test.refunds.protectgroup.co
test.refunds.protectgroup.com
test.sso.protectgroup.com
cdnjs.cloudflare.com
35.171.238.11
51.104.28.68