staging-auth.safeguardglobal.com Open in urlscan Pro
2606:4700::6813:9913  Public Scan

Submitted URL: https://app.banking.ful-uat.safeguardglobal.com/
Effective URL: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRP...
Submission: On December 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is staging-auth.safeguardglobal.com.
TLS certificate: Issued by E1 on December 20th 2023. Valid for: 3 months.
This is the only time staging-auth.safeguardglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18.239.69.36 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:214... 16509 (AMAZON-02)
16 8
Apex Domain
Subdomains
Transfer
8 safeguardglobal.com
app.banking.ful-uat.safeguardglobal.com
staging-auth.safeguardglobal.com
191 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
95 KB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6793
262 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
49 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
44 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
24 KB
16 6
Domain Requested by
5 staging-auth.safeguardglobal.com 1 redirects app.banking.ful-uat.safeguardglobal.com
cdn.auth0.com
3 cdnjs.cloudflare.com app.banking.ful-uat.safeguardglobal.com
staging-auth.safeguardglobal.com
cdnjs.cloudflare.com
3 app.banking.ful-uat.safeguardglobal.com app.banking.ful-uat.safeguardglobal.com
2 cdn.auth0.com staging-auth.safeguardglobal.com
cdn.auth0.com
2 cdn.jsdelivr.net app.banking.ful-uat.safeguardglobal.com
1 www.googletagmanager.com staging-auth.safeguardglobal.com
1 code.jquery.com app.banking.ful-uat.safeguardglobal.com
16 7

This site contains links to these domains. Also see Links.

Domain
www.safeguardglobal.com
Subject Issuer Validity Valid
app.banking.ful-uat.safeguardglobal.com
Amazon RSA 2048 M02
2023-12-28 -
2025-01-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
staging-auth.safeguardglobal.com
E1
2023-12-20 -
2024-03-19
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.auth0.com
Amazon RSA 2048 M01
2023-02-24 -
2024-03-24
a year crt.sh

This page contains 1 frames:

Primary Page: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Frame ID: A9D6715E9A5043A0B96616AC984AB35B
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Global Unity from Safeguard Global

Page URL History Show full URLs

  1. https://app.banking.ful-uat.safeguardglobal.com/ Page URL
  2. https://staging-auth.safeguardglobal.com/authorize?audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&client_... HTTP 302
    https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /lock/([\d.]+)/lock(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

662 kB
Transfer

1943 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.banking.ful-uat.safeguardglobal.com/ Page URL
  2. https://staging-auth.safeguardglobal.com/authorize?audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&client_id=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&state=V3NiUDVZS0ZGR0VjWjUwdUxETk5DMFhuU0ZESmxPc0xQaHI0alhHcDEyMQ%3D%3D&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
app.banking.ful-uat.safeguardglobal.com/
1 KB
1 KB
Document
General
Full URL
https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f7fa89c3062ce9fda42af7f648964a3753108c317c08f46509f916eb0ce6739

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84286
content-encoding
gzip
content-type
text/html
date
Thu, 28 Dec 2023 19:03:15 GMT
etag
W/"b88f18de6a4c29168756e5c962c56562"
last-modified
Tue, 14 Nov 2023 14:02:55 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
x-amz-cf-id
D0_TP0jVhG643dSAvC_Gkx6-n504DMtVOGxxqKrVLwk3UMUXDGatTw==
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.banking.ful-uat.safeguardglobal.com/
Origin
https://app.banking.ful-uat.safeguardglobal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2636256
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T561U2A%2BhyzuUR3GNHa5iuo9LYgmQli94KoeIIn%2FEwYu9UMAwmX5VyHFPPv1z9wwcZfSFHDKYJZ2GlWA8h%2FfTbBL33RIiBEAwKkbV8cRrptHGF9DJJhOsTb%2B3IaZTGNixM1h2qnXvIAijoopYtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83cc0ff4690e5d88-FRA
main.e7ddf96f.js
app.banking.ful-uat.safeguardglobal.com/static/js/
386 KB
121 KB
Script
General
Full URL
https://app.banking.ful-uat.safeguardglobal.com/static/js/main.e7ddf96f.js
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eaa7a686ed3e2fcaed4531eac22da750704ea6971e86dac9a0b74a1a88a33a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.banking.ful-uat.safeguardglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:16 GMT
content-encoding
gzip
via
1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:02:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
etag
W/"acf8947bbacfaeecc074308fb10ab84b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
ayhi2Sb4VgdJbRaPbJXnpA8Vufbj_9wOsyEon_gIB1LKJzW2TCK_cQ==
main.eabe617a.css
app.banking.ful-uat.safeguardglobal.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://app.banking.ful-uat.safeguardglobal.com/static/css/main.eabe617a.css
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4a080890717a7d6b2c86fc69c51032babb6f05c1660af473e370f1e1560ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.banking.ful-uat.safeguardglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:16 GMT
content-encoding
gzip
via
1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:02:56 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
etag
W/"66ac68edb73116440b5ecc24f6ddf348"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
RMKx6winUXJy2McLm8r5RK-JM5KjTlbCzwfW8D0ND1UKsKDuWslbUQ==
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://app.banking.ful-uat.safeguardglobal.com/
Origin
https://app.banking.ful-uat.safeguardglobal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8989597
x-cache
HIT, HIT
content-length
24038
x-served-by
cache-lga21982-LGA, cache-sof1510025-SOF
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703790196.956150,VS0,VE0
etag
W/"28feccc0-1111d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
118, 436912
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://app.banking.ful-uat.safeguardglobal.com/
Origin
https://app.banking.ful-uat.safeguardglobal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4378740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6458
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bo9DKouERm%2F%2BF6l1%2FHlbSAvLJLmoMRiaxrn1UcJiq%2FGj5ZZwOX1UWyucSOEYJ7hwYW%2BMWnzaIdSpcri9LTyNNLkrYNpFQUb7amGyZ085wh%2FtQpdSmRxSC%2B4AHZ41DIoYvQsD1xXuxKZQg8v3D12Nm2s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cc0ff45b4b65c7-FRA
expires
Tue, 17 Dec 2024 19:03:15 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.banking.ful-uat.safeguardglobal.com/
Origin
https://app.banking.ful-uat.safeguardglobal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2555558
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230130-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYWNLmd0KaHd5bk1XuiOER2hzUGCs%2BBfpU%2B9Mntg7SpylZ3Wup7QzX82OsHbmyYkC7NPAYs9jzwreigLkcZwR5%2FHoZhYAfoyjpHty2dQwjZSDi4p9%2BYrGn7zugy3Dw3pwLFCTXhX3%2F5d4zr1YvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83cc0ff469135d88-FRA
Primary Request login
staging-auth.safeguardglobal.com/
Redirect Chain
  • https://staging-auth.safeguardglobal.com/authorize?audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&client_id=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&redirect_uri=https%3A%2F%2Fapp.banking.ful-u...
  • https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBB...
65 KB
65 KB
Document
General
Full URL
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Requested by
Host: app.banking.ful-uat.safeguardglobal.com
URL: https://app.banking.ful-uat.safeguardglobal.com/static/js/main.e7ddf96f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bdadffbc1a4258f66c940fe87c8e5ae912d875f37113cb970c71ede83a7b570
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.banking.ful-uat.safeguardglobal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
83cc0ff84bb54dba-FRA
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 19:03:16 GMT
etag
W/"10319-9J18bAsdIyhCHEWDFPDO9BkYDAo"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
99a582772484e08fa310
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1703790197
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
83cc0ff698e34dba-FRA
content-length
1442
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 19:03:16 GMT
location
/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
ef43c25d19f3356e3d17
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1703790197
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: staging-auth.safeguardglobal.com
URL: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2548480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Tue, 01 Aug 2023 16:35:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93458-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TWDHCKDnfS%2FazvOSSz0cVFl8UNxcPl1k0JOq13Wz6xPP5tcbaXWWyEmHzy9WmEg5FwLf1zrjxTeSVwHNinTpOINFKC7EFdDpYDskihsQxIwNrapVNejZzaYzNhcHTXWpUkuwabvwpHYtxNh8Y5ReXE9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cc0ff9af454d5b-FRA
expires
Tue, 17 Dec 2024 19:03:16 GMT
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=None
Requested by
Host: staging-auth.safeguardglobal.com
URL: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1826687383a01836cf9646389944eeda18895ade134aacd27a541e77a0616db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44227
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 19:03:16 GMT
lock.min.js
cdn.auth0.com/js/lock/11.30/
904 KB
259 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.30/lock.min.js
Requested by
Host: staging-auth.safeguardglobal.com
URL: https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ed213c86d64a6816e82baf344955bf8a2c20a0a38c6534e76fbb24b1a215ad1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
6P1E5uCKNVjzMyTTbhzKYWnnGy7bxte2
content-encoding
gzip
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
date
Thu, 28 Dec 2023 17:43:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
4797
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 28 Sep 2021 10:01:22 GMT
server
AmazonS3
etag
W/"25e1ef64a0bfdfa9bddd36f808bc99b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
ax_zDAGBTvecv4IkvJ-C3E6NMfjXOBlOBgOt3k_bPO7LAkyfWVZx1A==
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2db2b7fce3b48d520a4bb186e63e7612e73c6152eef7096f60961779f7a6ad70

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://staging-auth.safeguardglobal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:17 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2549549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Tue, 01 Aug 2023 16:35:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93458-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYgfaiFI0RUCC6u1SQBrqXV7cmnmJhZJ6SSBCwWZPJjkGjQEnaSo71Lw8SKrHFU9dvvJ0yos%2FoiI20y9Ej94eXqysn8jW%2FWjONuOkEHEoQknmtGYCPHIGIBxHVcH2d7PYbDzU6SQW8bH49AmdVq7jbIN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cc0ffbcfb765c7-FRA
expires
Tue, 17 Dec 2024 19:03:17 GMT
en.js
cdn.auth0.com/js/lock/11.30.6/
6 KB
3 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.30.6/en.js
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
xO3zdET_9TiK2fYvjUFfZsvZbLaH8EBg
content-encoding
gzip
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
date
Thu, 28 Dec 2023 01:56:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
61605
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 28 Sep 2021 10:01:21 GMT
server
AmazonS3
etag
W/"752bd942891e49a1035e916dd81017a5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
QD_FRuFMQkabgw7tONI2HUuOLqLlXUxsG_F3x72RPgLHssTTld2MDQ==
7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y.js
staging-auth.safeguardglobal.com/client/
462 B
631 B
Script
General
Full URL
https://staging-auth.safeguardglobal.com/client/7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y.js?t1703790197074
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30/lock.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce532970042f67488a8ec53ce27d54ac163201cd32aa58409e99c854c56225f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-auth0-requestid
7f8e2e99e4574c63492b
server
cloudflare
etag
W/"1ce-AYxrvL1JCy5A431CLQuOsmCE6uI"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
cf-ray
83cc0ffbdeee03cd-FRA
alt-svc
h3=":443"; ma=86400
challenge
staging-auth.safeguardglobal.com/usernamepassword/
18 B
378 B
XHR
General
Full URL
https://staging-auth.safeguardglobal.com/usernamepassword/challenge
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30/lock.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Auth0-Client
eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIiwiZW52Ijp7ImxvY2suanMtdWxwIjoiMTEuMzAuNiIsImF1dGgwLmpzLXVscCI6IjkuMTYuNCIsImF1dGgwLmpzIjoiOS4xNi40In19
Referer
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Dec 2023 19:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
d82ecad7e60b199b2bcc
alt-svc
h3=":443"; ma=86400
content-length
18
server
cloudflare
etag
W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
x-ratelimit-remaining
99
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset
1703790198
x-ratelimit-limit
100
cf-ray
83cc0ffbdef403cd-FRA
ssodata
staging-auth.safeguardglobal.com/user/
0
238 B
XHR
General
Full URL
https://staging-auth.safeguardglobal.com/user/ssodata
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30/lock.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging-auth.safeguardglobal.com/login?state=hKFo2SBYREhJUjZYZS13MFZEbTR1UHVJekVGS3JpYUpueGtkeaFupWxvZ2luo3RpZNkgYm9oQmdRV0xoYlRPWDcyR3Z4QnJIRzJva2o5LWdHS2qjY2lk2SA3TVpVTm90TUpER0EwQ2M3UXBBUUpTeGxMMzRid2c1eQ&client=7MZUNotMJDGA0Cc7QpAQJSxlL34bwg5y&protocol=oauth2&audience=https%3A%2F%2Fapi.banking.ful.safeguardglobal.com&redirect_uri=https%3A%2F%2Fapp.banking.ful-uat.safeguardglobal.com&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=VGFwZzVFWE1hTlltVDNZQm44NFlVZWFWbzB3Z3hyYmhNeVR4MzRfZlM2Mg%3D%3D&code_challenge=N4PemWMxZVLD6S-uV61wsGsSeeBllhB_jv04xv2AV4A&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 19:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
a21438e4c1af9857fe4f
server
cloudflare
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
cf-ray
83cc0ffdc9db03cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| config undefined| connection object| languageDictionary string| language undefined| loginHint object| colors function| getUrlParameter function| getLanguage function| createFooter function| insertParam function| createLanguageSwitch boolean| isSignup undefined| initialInterest undefined| initialInterestIsBeta object| lock string| css object| style

6 Cookies

Domain/Path Name / Value
staging-auth.safeguardglobal.com/usernamepassword/login Name: _csrf
Value: kDgOB-4aiTsV0V84vhQk4UeF
staging-auth.safeguardglobal.com/ Name: did
Value: s%3Av0%3Ac1c70a00-a5b3-11ee-aae9-13214b9f91bb.tB9bHtACfpjdImYP0OCjhCnXeNB%2BXYpJ6CilbtR3BEA
staging-auth.safeguardglobal.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFNL9Vg6iXSiizF3ygQZUk3aQw3nuz8rGcfWTi5kv-toz7LuCVQXWnTrfCrPFPvu-pwhUE-JkuIevgv_UoLDCNGmY29va2llg6dleHBpcmVz1_9wiJgAZZG69K5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.3OTzSblab9zhtmSbImApTmmeu0J1A2w1tQ9WCcbiaMI
staging-auth.safeguardglobal.com/ Name: did_compat
Value: s%3Av0%3Ac1c70a00-a5b3-11ee-aae9-13214b9f91bb.tB9bHtACfpjdImYP0OCjhCnXeNB%2BXYpJ6CilbtR3BEA
staging-auth.safeguardglobal.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFNL9Vg6iXSiizF3ygQZUk3aQw3nuz8rGcfWTi5kv-toz7LuCVQXWnTrfCrPFPvu-pwhUE-JkuIevgv_UoLDCNGmY29va2llg6dleHBpcmVz1_9wiJgAZZG69K5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.3OTzSblab9zhtmSbImApTmmeu0J1A2w1tQ9WCcbiaMI
.staging-auth.safeguardglobal.com/ Name: __cf_bm
Value: wBwfAMLuvzR2dw8LKtuD3zmu_QB4Y_dhz7ArNrKfcmQ-1703790196-1-Ac5K17uhGDEBll7olhW+4dD1cmjavndyc/k2FDZsPo+M5kJdYUqYmLgqCrjFO4E4jIiA1sDqNpVcoR26/adD0Mw=

1 Console Messages

Source Level URL
Text
network error URL: https://staging-auth.safeguardglobal.com/user/ssodata
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.banking.ful-uat.safeguardglobal.com
cdn.auth0.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
staging-auth.safeguardglobal.com
www.googletagmanager.com
18.239.69.36
2600:9000:214f:d200:10:474e:104a:2961
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6813:9913
2a00:1450:4001:830::2008
2a04:4e42::649
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
1826687383a01836cf9646389944eeda18895ade134aacd27a541e77a0616db2
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
2db2b7fce3b48d520a4bb186e63e7612e73c6152eef7096f60961779f7a6ad70
2f4a080890717a7d6b2c86fc69c51032babb6f05c1660af473e370f1e1560ab2
4bdadffbc1a4258f66c940fe87c8e5ae912d875f37113cb970c71ede83a7b570
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
8f7fa89c3062ce9fda42af7f648964a3753108c317c08f46509f916eb0ce6739
9eaa7a686ed3e2fcaed4531eac22da750704ea6971e86dac9a0b74a1a88a33a7
9ed213c86d64a6816e82baf344955bf8a2c20a0a38c6534e76fbb24b1a215ad1
ce532970042f67488a8ec53ce27d54ac163201cd32aa58409e99c854c56225f9
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3