staging-auth.safeguardglobal.com
Open in
urlscan Pro
2606:4700::6813:9913
Public Scan
Effective URL: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRP...
Submission: On December 28 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by E1 on December 20th 2023. Valid for: 3 months.
This is the only time staging-auth.safeguardglobal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 18.239.69.36 18.239.69.36 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
3 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 5 | 2606:4700::68... 2606:4700::6813:9913 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:214... 2600:9000:214f:d200:10:474e:104a:2961 | 16509 (AMAZON-02) (AMAZON-02) | |
16 | 8 |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-36.ams58.r.cloudfront.net
app.banking.ful-uat.safeguardglobal.com |
ASN13335 (CLOUDFLARENET, US)
staging-auth.safeguardglobal.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
safeguardglobal.com
1 redirects
app.banking.ful-uat.safeguardglobal.com staging-auth.safeguardglobal.com |
191 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 |
95 KB |
2 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6793 |
262 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313 |
49 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
44 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 735 |
24 KB |
16 | 6 |
Domain | Requested by | |
---|---|---|
5 | staging-auth.safeguardglobal.com |
1 redirects
app.banking.ful-uat.safeguardglobal.com
cdn.auth0.com |
3 | cdnjs.cloudflare.com |
app.banking.ful-uat.safeguardglobal.com
staging-auth.safeguardglobal.com cdnjs.cloudflare.com |
3 | app.banking.ful-uat.safeguardglobal.com |
app.banking.ful-uat.safeguardglobal.com
|
2 | cdn.auth0.com |
staging-auth.safeguardglobal.com
cdn.auth0.com |
2 | cdn.jsdelivr.net |
app.banking.ful-uat.safeguardglobal.com
|
1 | www.googletagmanager.com |
staging-auth.safeguardglobal.com
|
1 | code.jquery.com |
app.banking.ful-uat.safeguardglobal.com
|
16 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.safeguardglobal.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
app.banking.ful-uat.safeguardglobal.com Amazon RSA 2048 M02 |
2023-12-28 - 2025-01-26 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
staging-auth.safeguardglobal.com E1 |
2023-12-20 - 2024-03-19 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.auth0.com Amazon RSA 2048 M01 |
2023-02-24 - 2024-03-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Frame ID: A9D6715E9A5043A0B96616AC984AB35B
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Global Unity from Safeguard GlobalPage URL History Show full URLs
- https://app.banking.ful-uat.safeguardglobal.com/ Page URL
-
https://staging-auth.safeguardglobal.com/authorize?audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&client_...
HTTP 302
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3Rp... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Auth0 Lock (Miscellaneous) Expand
Detected patterns
- /lock/([\d.]+)/lock(?:.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Notice
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://app.banking.ful-uat.safeguardglobal.com/ Page URL
-
https://staging-auth.safeguardglobal.com/authorize?audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&client_id=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&state=V3NiUDVZS0ZGR0VjWjUwdUxETk5DMFhuU0ZESmxPc0xQaHI0alhHcDEyMQ%3D%3D&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
HTTP 302
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
app.banking.ful-uat.safeguardglobal.com/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ |
160 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e7ddf96f.js
app.banking.ful-uat.safeguardglobal.com/static/js/ |
386 KB 121 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.eabe617a.css
app.banking.ful-uat.safeguardglobal.com/static/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
staging-auth.safeguardglobal.com/ Redirect Chain
|
65 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.30/ |
904 KB 259 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ |
76 KB 77 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.js
cdn.auth0.com/js/lock/11.30.6/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y.js
staging-auth.safeguardglobal.com/client/ |
462 B 631 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
challenge
staging-auth.safeguardglobal.com/usernamepassword/ |
18 B 378 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ssodata
staging-auth.safeguardglobal.com/user/ |
0 238 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| config undefined| connection object| languageDictionary string| language undefined| loginHint object| colors function| getUrlParameter function| getLanguage function| createFooter function| insertParam function| createLanguageSwitch boolean| isSignup undefined| initialInterest undefined| initialInterestIsBeta object| lock string| css object| style6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
staging-auth.safeguardglobal.com/usernamepassword/login | Name: _csrf Value: kDgOB-4aiTsV0V84vhQk4UeF |
|
staging-auth.safeguardglobal.com/ | Name: did Value: s%3Av0%3Ac1c70a00-a5b3-11ee-aae9-13214b9f91bb.tB9bHtACfpjdImYP0OCjhCnXeNB%2BXYpJ6CilbtR3BEA |
|
staging-auth.safeguardglobal.com/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFNL9Vg6iXSiizF3ygQZUk3aQw3nuz8rGcfWTi5kv-toz7LuCVQXWnTrfCrPFPvu-pwhUE-JkuIevgv_UoLDCNGmY29va2llg6dleHBpcmVz1_9wiJgAZZG69K5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.3OTzSblab9zhtmSbImApTmmeu0J1A2w1tQ9WCcbiaMI |
|
staging-auth.safeguardglobal.com/ | Name: did_compat Value: s%3Av0%3Ac1c70a00-a5b3-11ee-aae9-13214b9f91bb.tB9bHtACfpjdImYP0OCjhCnXeNB%2BXYpJ6CilbtR3BEA |
|
staging-auth.safeguardglobal.com/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFNL9Vg6iXSiizF3ygQZUk3aQw3nuz8rGcfWTi5kv-toz7LuCVQXWnTrfCrPFPvu-pwhUE-JkuIevgv_UoLDCNGmY29va2llg6dleHBpcmVz1_9wiJgAZZG69K5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.3OTzSblab9zhtmSbImApTmmeu0J1A2w1tQ9WCcbiaMI |
|
.staging-auth.safeguardglobal.com/ | Name: __cf_bm Value: wBwfAMLuvzR2dw8LKtuD3zmu_QB4Y_dhz7ArNrKfcmQ-1703790196-1-Ac5K17uhGDEBll7olhW+4dD1cmjavndyc/k2FDZsPo+M5kJdYUqYmLgqCrjFO4E4jIiA1sDqNpVcoR26/adD0Mw= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.banking.ful-uat.safeguardglobal.com
cdn.auth0.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
staging-auth.safeguardglobal.com
www.googletagmanager.com
18.239.69.36
2600:9000:214f:d200:10:474e:104a:2961
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6813:9913
2a00:1450:4001:830::2008
2a04:4e42::649
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
1826687383a01836cf9646389944eeda18895ade134aacd27a541e77a0616db2
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
2db2b7fce3b48d520a4bb186e63e7612e73c6152eef7096f60961779f7a6ad70
2f4a080890717a7d6b2c86fc69c51032babb6f05c1660af473e370f1e1560ab2
4bdadffbc1a4258f66c940fe87c8e5ae912d875f37113cb970c71ede83a7b570
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
8f7fa89c3062ce9fda42af7f648964a3753108c317c08f46509f916eb0ce6739
9eaa7a686ed3e2fcaed4531eac22da750704ea6971e86dac9a0b74a1a88a33a7
9ed213c86d64a6816e82baf344955bf8a2c20a0a38c6534e76fbb24b1a215ad1
ce532970042f67488a8ec53ce27d54ac163201cd32aa58409e99c854c56225f9
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3