test.sso.protectgroup.com Open in urlscan Pro
51.104.28.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://test.refunds.protectgroup.co/
Effective URL:
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%2...
Submission: On August 23 via automatic, source certstream-suspicious (August 23rd 2024, 4:24:04 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 51.104.28.68, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is test.sso.protectgroup.com.
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on February 15th 2024. Valid for: a year.

This is the only time test.sso.protectgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.171.238.11 35.171.238.11	14618 (AMAZON-AES) (AMAZON-AES)
2 14	51.104.28.68 51.104.28.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2

1 35.171.238.11 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-238-11.compute-1.amazonaws.com

test.refunds.protectgroup.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 51.104.28.68 (London, United Kingdom) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

test.refunds.protectgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
test.sso.protectgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	protectgroup.com 2 redirects test.refunds.protectgroup.com test.sso.protectgroup.com	4 MB
1	protectgroup.co 1 redirects test.refunds.protectgroup.co	320 B
0	cloudflare.com Failed cdnjs.cloudflare.com Failed
13	3

	Domain	Requested by
13	test.sso.protectgroup.com	1 redirects test.sso.protectgroup.com
1	test.refunds.protectgroup.com	1 redirects
1	test.refunds.protectgroup.co	1 redirects
0	cdnjs.cloudflare.com Failed	test.sso.protectgroup.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
test.sso.protectgroup.com Gandi RSA Domain Validation Secure Server CA 3	`2024-02-15` - `2025-03-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Frame ID: 32A00F1EF23A0E103138CFB4F6779D3A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Protect Group

Page URL History Show full URLs

https://test.refunds.protectgroup.co/ HTTP 301
https://test.refunds.protectgroup.com/ HTTP 302
https://test.sso.protectgroup.com/connect/authorize?client_id=Evp.RefundPlatform.Web&redirect_uri=https%3A%2F%... HTTP 302
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

4076 kB
Transfer

4981 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://test.refunds.protectgroup.co/ HTTP 301
https://test.refunds.protectgroup.com/ HTTP 302
https://test.sso.protectgroup.com/connect/authorize?client_id=Evp.RefundPlatform.Web&redirect_uri=https%3A%2F%2Ftest.refunds.protectgroup.com%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=dwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w&code_challenge_method=S256&response_mode=form_post&nonce=638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5&state=CfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0 HTTP 302
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
test.sso.protectgroup.com/Account/
Redirect Chain

https://test.refunds.protectgroup.co/
https://test.refunds.protectgroup.com/
https://test.sso.protectgroup.com/connect/authorize?client_id=Evp.RefundPlatform.Web&redirect_uri=https%3A%2F%2Ftest.refunds.protectgroup.com%2Fsignin-oidc&response_type=code&scope=openid%20profile...
https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%2...

5 KB
4 KB

82ms
81ms

Document
text/html

51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

117258be79bd130a6c51556017e4fbaac43a14109cbfbc51834ee90aaf1b0189

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Aug 2024 04:24:00 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Content-Length: 0
Date: Fri, 23 Aug 2024 04:24:00 GMT
Location: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK bootstrap.css
test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/css/ 199 KB
39 KB 43ms
40ms Stylesheet
text/css 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/css/bootstrap.css
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6866fdc0e3780d81f8457bf6d142a8ee6ddfafc27baeeff8b822e85671dfc41d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d1fe03"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK site.css
test.sso.protectgroup.com/css/ 7 KB
2 KB 153ms
39ms Stylesheet
text/css 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/css/site.css
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d5de2a117907ec3e63576c88337b546dbb46aa9d2c17d3d20143086c2e676e63

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2fff4"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK fontawesome.css
test.sso.protectgroup.com/lib/ 6 KB
2 KB 193ms
79ms Stylesheet
text/css 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/lib/fontawesome.css
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eed5dc453dec5c3b4083279c4b0e3dd6f91dc5175f70c448491eab26dc58bb8c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2fbdb"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK fontawesome.js Show response
test.sso.protectgroup.com/lib/ 1 MB
574 KB 194ms
78ms Script
application/javascript 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/lib/fontawesome.js
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae8053f5ed049bcad7f9878c57b1b155f25c09bb99c070693863025a101d24b6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2c0da3f"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H/1.1 200
OK protectGroupLogo.svg
test.sso.protectgroup.com/img/ 18 KB
18 KB 194ms
77ms Image
image/svg+xml 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test.sso.protectgroup.com/img/protectGroupLogo.svg
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9ae78243b0d05695689debbf3bbd479f96a014452a93a06abda1dcdb72e204f5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2a537"
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 17975

GET
H/1.1 200
OK popper.js Show response
test.sso.protectgroup.com/lib/ 18 KB
8 KB 195ms
73ms Script
application/javascript 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/lib/popper.js
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56cbfba3d94ba88224d5b555c194465899b26ed9855302be6051213fe4a8caf2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2ab4f"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.js Show response
test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/js/ 152 KB
44 KB 88ms
87ms Script
application/javascript 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/lib/bootstrap-5.0.0-beta2-dist/js/bootstrap.js
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9ef22e4f9091c73ac72b68f00fe0345387819a426d2c85deecd3b0656bfb466e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d082f6"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes

GET jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 0
0

GET
H/1.1 200
OK Raleway-VariableFont_wght.ttf
test.sso.protectgroup.com/font/ 302 KB
303 KB 68ms
68ms Font
application/x-font-ttf 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/font/Raleway-VariableFont_wght.ttf
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/css/site.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51675eaecb6b4bd50b393823480da9b6ead1c7baeccbe254e3950760570818da

Request headers

Referer: https://test.sso.protectgroup.com/css/site.css
Origin: https://test.sso.protectgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d65ad8"
X-Powered-By: ASP.NET
Content-Type: application/x-font-ttf
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 309720

GET
H/1.1 206
Partial Content bgVid.mp4
test.sso.protectgroup.com/img/ 3 MB
3 MB 66ms
66ms Media
video/mp4 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/img/bgVid.mp4
Requested by: Host: test.sso.protectgroup.com
URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c7376304f77729d06eb5c53afde55f05458e02738289f7a7c668d52885d11488

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2fd231b"
X-Powered-By: ASP.NET
Content-Type: video/mp4
Content-Range: bytes 0-3129370/3129371
Accept-Ranges: bytes
Content-Length: 3129371

GET
H/1.1 200
OK favicon.ico
test.sso.protectgroup.com/ 25 KB
26 KB 39ms
39ms Other
image/x-icon 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00a29d8e4c79d7a0653ce4ac8dec654567b0f6954944370198b90d7873010823

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2866b"
X-Powered-By: ASP.NET
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 25963

GET
H/1.1 200
OK favicon.ico
test.sso.protectgroup.com/ 25 KB
0 0ms
0ms Other
image/x-icon 51.104.28.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://test.sso.protectgroup.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.104.28.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00a29d8e4c79d7a0653ce4ac8dec654567b0f6954944370198b90d7873010823

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:24:00 GMT
Last-Modified: Fri, 21 Jun 2024 12:01:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1dac3d2c2d2866b"
X-Powered-By: ASP.NET
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 25963

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
test.refunds.protectgroup.com/signin-oidc	1970-01-20 22:59:47	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8D0oNiHbxW1Gr-HQr_Ic2W9520i7KxDNKlIxtOpwx3mxaKp64Sb_P904NWNi4EKQae0y7SeBLBlYEdGKF1XW3dtlifLaZek0I_GlIgSmfKOnSUsf59OFfHHA-QJZD9-g4dk2RuogLE1g6EIS4sahOAEn3QxgOFRv-0854vn3GZfRwU-vV2_DLOmankY3d9wlNz_yMSv1qcK5W8DBSrOe0HDtF17GvIIEJoQTOUiE1322E7zGpxHxSQ6CCAgusb3Gv5xJICSripyXWErNQzDj3QY Value: N
test.refunds.protectgroup.com/signin-oidc	1970-01-20 22:59:47	Name: .AspNetCore.Correlation.RY3MMOLbErT8FjAGtKoadwtoDQIIL4wjNGyAF9lanKA Value: N
.test.refunds.protectgroup.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8deff527c0ababa089921a5affcc4f13bf273f884d161fe9945c0a609330b02e
.test.refunds.protectgroup.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8deff527c0ababa089921a5affcc4f13bf273f884d161fe9945c0a609330b02e
.test.sso.protectgroup.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 1e09d237d3999964ca6819ef06a4e51aa4b33e834c790026650a41fa8d3b3617
.test.sso.protectgroup.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 1e09d237d3999964ca6819ef06a4e51aa4b33e834c790026650a41fa8d3b3617
test.sso.protectgroup.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9fXoN5jHCXs Value: CfDJ8ITgvwsH1J1Mse0aymDvpftY2x7Z_p_BaElxQDYQq2phnF69Ii_Ag1OOmAfprKk4EU7d7VG9O8L1qQGKKED3I2XQ3D5KdC-tawG3ERyEgZKr_OD-wEsiaa8kQFwOLDFScvMIsHxXl--yyD4FwzeZq6k

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://test.sso.protectgroup.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DEvp.RefundPlatform.Web%26redirect_uri%3Dhttps%253A%252F%252Ftest.refunds.protectgroup.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%26code_challenge%3DdwQ1rAA_Roy_nxj0A6NWSU56-Ca1bOfOG_F_JouAY6w%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638599838398262909.MDUyODM4MzAtZmQzNC00ZDkxLWFmMjEtY2RiZGM2ODE1YmE4ZTkwM2YxOTItNDQ0My00YzA5LWI4YjItMGRhZDhjZjBhNTc5%26state%3DCfDJ8D0oNiHbxW1Gr-HQr_Ic2W-Un8SBCLRYar2L3ukquGJqkKzN50Lf1BaFVh6HGahTEKf9AGBaF-qE558G-9mBiEagPisFK0jHuJmBohUnRUrMXO1bxwwEZrXqVu69vENZr6nZdFkK5ndYyWEwPoofNOH8URUPr4chcg2m8DlVFPsBbG8fbMGm8mpXwe2ntd46Cz92VngcOXF5zvaW-0T1zY1sWgH3C6XoxH6oZuyBIB4keBvgmN2D2DmhBk-orAeQ60g9KXq1lUtj5rQ1RWDMVmRje1vXrfJwwGKDOctaQ78vZZy2g5ekQWvcXdAMu8XKodz90O9am9nzAeluy4AsVzaS6rzHcZgWKd1Ru8a20EZukS2i66OVNmpfqh5_Cpba1NqSgClnvFIuUh5Ws0eESTU%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0 Message: Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
test.refunds.protectgroup.co
test.refunds.protectgroup.com
test.sso.protectgroup.com
cdnjs.cloudflare.com
35.171.238.11
51.104.28.68
00a29d8e4c79d7a0653ce4ac8dec654567b0f6954944370198b90d7873010823
117258be79bd130a6c51556017e4fbaac43a14109cbfbc51834ee90aaf1b0189
51675eaecb6b4bd50b393823480da9b6ead1c7baeccbe254e3950760570818da
56cbfba3d94ba88224d5b555c194465899b26ed9855302be6051213fe4a8caf2
6866fdc0e3780d81f8457bf6d142a8ee6ddfafc27baeeff8b822e85671dfc41d
9ae78243b0d05695689debbf3bbd479f96a014452a93a06abda1dcdb72e204f5
9ef22e4f9091c73ac72b68f00fe0345387819a426d2c85deecd3b0656bfb466e
ae8053f5ed049bcad7f9878c57b1b155f25c09bb99c070693863025a101d24b6
c7376304f77729d06eb5c53afde55f05458e02738289f7a7c668d52885d11488
d5de2a117907ec3e63576c88337b546dbb46aa9d2c17d3d20143086c2e676e63
eed5dc453dec5c3b4083279c4b0e3dd6f91dc5175f70c448491eab26dc58bb8c

test.sso.protectgroup.com Open in urlscan Pro 51.104.28.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

4076 kBTransfer

4981 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

7 Cookies

2 Console Messages

Security Headers

Indicators

test.sso.protectgroup.com Open in urlscan Pro
51.104.28.68 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

4076 kB
Transfer

4981 kB
Size

7
Cookies

13 HTTP transactions
0 data transactions