stage.fi.auth.synlabaccess.health Open in urlscan Pro
51.116.99.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stage.fi.auth.synlabaccess.health/
Effective URL:
https://stage.fi.auth.synlabaccess.health/Account/Login
Submission: On December 14 via automatic, source certstream-suspicious (December 14th 2023, 10:57:45 am UTC) — Scanned from FI

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 51.116.99.178, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is stage.fi.auth.synlabaccess.health.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on December 7th 2023. Valid for: a year.

This is the only time stage.fi.auth.synlabaccess.health was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 15	51.116.99.178 51.116.99.178		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	1

15 51.116.99.178 (Frankfurt am Main, Germany) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stage.fi.auth.synlabaccess.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	synlabaccess.health 1 redirects stage.fi.auth.synlabaccess.health	684 KB
14	1

	Domain	Requested by
15	stage.fi.auth.synlabaccess.health	1 redirects stage.fi.auth.synlabaccess.health
14	1

This site contains no links.

Subject Issuer	Validity	Valid
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2023-12-07` - `2024-12-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://stage.fi.auth.synlabaccess.health/Account/Login
Frame ID: 10F1198EEEC2979C9569E38E776AC026
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SYNLAB Access

Page URL History Show full URLs

https://stage.fi.auth.synlabaccess.health/ HTTP 302
https://stage.fi.auth.synlabaccess.health/Account/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

682 kB
Transfer

677 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stage.fi.auth.synlabaccess.health/ HTTP 302
https://stage.fi.auth.synlabaccess.health/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
stage.fi.auth.synlabaccess.health/Account/
Redirect Chain

https://stage.fi.auth.synlabaccess.health/
https://stage.fi.auth.synlabaccess.health/Account/Login

4 KB
5 KB

79ms
78ms

Document
text/html

51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a66e8468aaf1d465ed09af12b3c94eeb396dada8a627f93325e2616c7338c8db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://.synlab.com https://.synlab.ee https://.covidresults.dk https://.synlab.hu https://.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Security-Policy	default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://.synlab.com https://.synlab.ee https://.covidresults.dk https://.synlab.hu https://.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://*.synlab.com https://*.synlab.ee https://*.covidresults.dk https://*.synlab.hu https://*.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://*.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://*.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 10:57:41 GMT
pragma: no-cache
referrer-policy: no-referrer
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02
strict-transport-security: max-age=15724800; includeSubDomains
x-content-security-policy: default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://*.synlab.com https://*.synlab.ee https://*.covidresults.dk https://*.synlab.hu https://*.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://*.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://*.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://*.synlab.com https://*.synlab.ee https://*.covidresults.dk https://*.synlab.hu https://*.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://*.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://*.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 10:57:41 GMT
location: /Account/Login
referrer-policy: no-referrer
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02
strict-transport-security: max-age=15724800; includeSubDomains
x-content-security-policy: default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://*.synlab.com https://*.synlab.ee https://*.covidresults.dk https://*.synlab.hu https://*.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://*.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://*.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-glyphicons.css
stage.fi.auth.synlabaccess.health/lib/bootstrap/css/ 13 KB
13 KB 113ms
112ms Stylesheet
text/css 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/lib/bootstrap/css/bootstrap-glyphicons.css

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

02f00e88aaa9a16ed6bf13a3daf476998490a2a56648134155e31237f1bfa12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961f059"
content-type: text/css
accept-ranges: bytes
content-length: 13017
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 bootstrap.min.css
stage.fi.auth.synlabaccess.health/lib/bootstrap/css/ 152 KB
153 KB 115ms
114ms Stylesheet
text/css 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/lib/bootstrap/css/bootstrap.min.css

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5d6ec87b3854968bf81073e32a2831cd78c72141dd34688970f94477281522ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39963a2f9"
content-type: text/css
accept-ranges: bytes
content-length: 155769
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 site.css
stage.fi.auth.synlabaccess.health/css/ 18 KB
18 KB 176ms
176ms Stylesheet
text/css 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/css/site.css

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

acbfa72d4e4f0587e8d6bb075324966947b49051647dccd0c8a26cebaccee68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc3996184a9"
content-type: text/css
accept-ranges: bytes
content-length: 17961
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 styles.css
stage.fi.auth.synlabaccess.health/css/ 9 KB
9 KB 174ms
174ms Stylesheet
text/css 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/css/styles.css

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17e3a354be56f0e6a49d3f12dcf946e51d6a2b392b6c5e2bc01d759ad6bdba49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961e6eb"
content-type: text/css
accept-ranges: bytes
content-length: 9323
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 media.css
stage.fi.auth.synlabaccess.health/css/ 2 KB
2 KB 176ms
175ms Stylesheet
text/css 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/css/media.css

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

659dc3d6176ee236c0e6e51f8f74248875c4229215176de37eb60a6d5633a08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961c4e4"
content-type: text/css
accept-ranges: bytes
content-length: 1636
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 signin-redirect.js Show response
stage.fi.auth.synlabaccess.health/js/ 228 B
509 B 175ms
174ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/js/signin-redirect.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28621673b3f1b49dd7ecb9246419f044977a1335f35b6f2a3bbf368ed6ee2d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961c264"
content-type: application/javascript
accept-ranges: bytes
content-length: 228
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 logo.png
stage.fi.auth.synlabaccess.health/images/ 55 KB
55 KB 176ms
175ms Image
image/png 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stage.fi.auth.synlabaccess.health/images/logo.png

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30d9dd307f7e0707a54a418fe1578278c4f11ef0bf8ccfebee045eac5a0a75f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc399611eef"
content-type: image/png
accept-ranges: bytes
content-length: 56431
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 jquery.js Show response
stage.fi.auth.synlabaccess.health/lib/jquery/ 281 KB
281 KB 175ms
175ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/lib/jquery/jquery.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39965a10e"
content-type: application/javascript
accept-ranges: bytes
content-length: 287630
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 bootstrap.js Show response
stage.fi.auth.synlabaccess.health/lib/bootstrap/js/ 129 KB
129 KB 175ms
175ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/lib/bootstrap/js/bootstrap.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39963c0b5"
content-type: application/javascript
accept-ranges: bytes
content-length: 131637
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 jquery.autotab.min.js Show response
stage.fi.auth.synlabaccess.health/js/ 9 KB
9 KB 174ms
174ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/js/jquery.autotab.min.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f944fa22654834f63b214fba17f0446c8d60ccd2602b805550c91e1db9a73239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961e6fb"
content-type: application/javascript
accept-ranges: bytes
content-length: 9339
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 default-button.js Show response
stage.fi.auth.synlabaccess.health/js/ 946 B
1 KB 173ms
173ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/js/default-button.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ada0a784bd2201e493082a3a36127be6eb0d324d130e63e1f73f05e642ae4b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961c132"
content-type: application/javascript
accept-ranges: bytes
content-length: 946
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 script.js Show response
stage.fi.auth.synlabaccess.health/js/ 3 KB
4 KB 174ms
173ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/js/script.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0568970fbc75c9cfa06913045793fd4667722a4535653b93c9b3cc9005ecf830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961cf4b"
content-type: application/javascript
accept-ranges: bytes
content-length: 3531
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

GET
H2 200 enter-button.js Show response
stage.fi.auth.synlabaccess.health/js/ 1 KB
2 KB 175ms
175ms Script
application/javascript 51.116.99.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.fi.auth.synlabaccess.health/js/enter-button.js

Requested by

Host: stage.fi.auth.synlabaccess.health
URL: https://stage.fi.auth.synlabaccess.health/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.116.99.178 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

831a38057e444b253c4950e4d3268f479902ae60476346173ddd801885bdd143

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:57:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 04:14:49 GMT
etag: "1da1dc39961c7a3"
content-type: application/javascript
accept-ranges: bytes
content-length: 1315
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6533fc25-aaab-4652-83f5-fb89f05c1d02

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stage.fi.auth.synlabaccess.health/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.YoCp5-vith8 Value: CfDJ8HBfDUVCUEVHlwmqVQPiY1C4I6BDX0cg-Z5TguuBcBmPKEH6Vfz5w3MtRJbFD6Iu_ClD7HL6DEqnvTIvl7sFxfGri57gh7CHNNVG-Q8U2oiE4B5PGvYe70DMGp9TTcrU3cATpUqYyFAD5CH_xgs8JW0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://stage.fi.auth.synlabaccess.health/Account/Login Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://.synlab.com https://.synlab.ee https://.covidresults.dk https://.synlab.hu https://.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Security-Policy	default-src 'self' data:; object-src 'none'; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self' https://.synlab.com https://.synlab.ee https://.covidresults.dk https://.synlab.hu https://.googletagmanager.com; script-src 'self' 'unsafe-inline' https://consent.cookiebot.com https://consentcdn.cookiebot.com https://.googletagmanager.com; frame-src 'self' https://consentcdn.cookiebot.com; style-src 'self' 'unsafe-inline' https://.googleapis.com; connect-src 'self' https://consentcdn.cookiebot.com https://.google-analytics.com; font-src 'self' https://fonts.gstatic.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stage.fi.auth.synlabaccess.health
51.116.99.178
02f00e88aaa9a16ed6bf13a3daf476998490a2a56648134155e31237f1bfa12b
0568970fbc75c9cfa06913045793fd4667722a4535653b93c9b3cc9005ecf830
17e3a354be56f0e6a49d3f12dcf946e51d6a2b392b6c5e2bc01d759ad6bdba49
28621673b3f1b49dd7ecb9246419f044977a1335f35b6f2a3bbf368ed6ee2d12
30d9dd307f7e0707a54a418fe1578278c4f11ef0bf8ccfebee045eac5a0a75f2
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
5d6ec87b3854968bf81073e32a2831cd78c72141dd34688970f94477281522ef
659dc3d6176ee236c0e6e51f8f74248875c4229215176de37eb60a6d5633a08e
831a38057e444b253c4950e4d3268f479902ae60476346173ddd801885bdd143
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
a66e8468aaf1d465ed09af12b3c94eeb396dada8a627f93325e2616c7338c8db
acbfa72d4e4f0587e8d6bb075324966947b49051647dccd0c8a26cebaccee68e
ada0a784bd2201e493082a3a36127be6eb0d324d130e63e1f73f05e642ae4b8c
f944fa22654834f63b214fba17f0446c8d60ccd2602b805550c91e1db9a73239

stage.fi.auth.synlabaccess.health Open in urlscan Pro 51.116.99.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

682 kBTransfer

677 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

stage.fi.auth.synlabaccess.health Open in urlscan Pro
51.116.99.178 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

682 kB
Transfer

677 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions