Submitted URL: http://account.demo.diagnexia.com/
Effective URL: https://account.demo.diagnexia.com/app
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On May 15 via api from IT — Scanned from IT

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 34.248.73.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is account.demo.diagnexia.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 15th 2024. Valid for: a year.
This is the only time account.demo.diagnexia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 22 34.248.73.105 16509 (AMAZON-02)
16 1
Apex Domain
Subdomains
Transfer
22 diagnexia.com
account.demo.diagnexia.com
portal.demo.diagnexia.com
3 MB
16 1
Domain Requested by
19 account.demo.diagnexia.com 3 redirects account.demo.diagnexia.com
3 portal.demo.diagnexia.com 3 redirects
16 2

This site contains no links.

Subject Issuer Validity Valid
euw1.demo1.dgx.deciphex.net
Amazon RSA 2048 M03
2024-05-15 -
2025-06-13
a year crt.sh

This page contains 1 frames:

Primary Page: https://account.demo.diagnexia.com/app
Frame ID: 0D8AEAB5ABCECD49F85258A53A9DF10F
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Diagnexia - Login

Page URL History Show full URLs

  1. http://account.demo.diagnexia.com/ HTTP 307
    https://account.demo.diagnexia.com/ HTTP 302
    https://account.demo.diagnexia.com/app HTTP 302
    https://portal.demo.diagnexia.com/ HTTP 302
    https://portal.demo.diagnexia.com/app/home HTTP 302
    https://portal.demo.diagnexia.com/oauth2/authorization/portal HTTP 302
    https://account.demo.diagnexia.com/oauth2/authorize?response_type=code&client_id=73877e04-424d-4b75-8f30-5328ba... HTTP 302
    https://account.demo.diagnexia.com/app Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

2938 kB
Transfer

2932 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account.demo.diagnexia.com/ HTTP 307
    https://account.demo.diagnexia.com/ HTTP 302
    https://account.demo.diagnexia.com/app HTTP 302
    https://portal.demo.diagnexia.com/ HTTP 302
    https://portal.demo.diagnexia.com/app/home HTTP 302
    https://portal.demo.diagnexia.com/oauth2/authorization/portal HTTP 302
    https://account.demo.diagnexia.com/oauth2/authorize?response_type=code&client_id=73877e04-424d-4b75-8f30-5328ba9c8d7c&scope=openid%20profile&state=nxp90e0VkOyMyASea7NQOctBc_uXMDFUlIniz8pzeXg%3D&redirect_uri=https://portal.demo.diagnexia.com/login/oauth2/code/portal&nonce=jztiWvipWvjUkXCJ-JcAxFl_N675V-58J9UNmAWYStA&code_challenge=s84BWhf5fc-7UnSDcunIjPPyH3cEFuTTEo9o6j7eFZE&code_challenge_method=S256 HTTP 302
    https://account.demo.diagnexia.com/app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request app
account.demo.diagnexia.com/
Redirect Chain
  • http://account.demo.diagnexia.com/
  • https://account.demo.diagnexia.com/
  • https://account.demo.diagnexia.com/app
  • https://portal.demo.diagnexia.com/
  • https://portal.demo.diagnexia.com/app/home
  • https://portal.demo.diagnexia.com/oauth2/authorization/portal
  • https://account.demo.diagnexia.com/oauth2/authorize?response_type=code&client_id=73877e04-424d-4b75-8f30-5328ba9c8d7c&scope=openid%20profile&state=nxp90e0VkOyMyASea7NQOctBc_uXMDFUlIniz8pzeXg%3D&red...
  • https://account.demo.diagnexia.com/app
3 KB
3 KB
Document
General
Full URL
https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
51395d602ca03bc2b05d6c55762678cce1b5461440f76b27580feb9b6f933751
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-8EK9psugxC907TIX6fCBXxhh1aNgpkmCfnHfQye/7+4=';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
it-IT
content-security-policy
script-src 'self' 'nonce-8EK9psugxC907TIX6fCBXxhh1aNgpkmCfnHfQye/7+4=';
content-type
text/html;charset=ISO-8859-1
date
Wed, 15 May 2024 15:34:51 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-frame-options
DENY
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 15 May 2024 15:34:51 GMT
expires
0
location
https://account.demo.diagnexia.com/app
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
x-frame-options
DENY
x-xss-protection
0
Roboto-Black-5ace0d08.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
164 KB
165 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Black-5ace0d08.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
5ace0d0833ab83ff18ea94e4a7745f919c458ae4eabc298218226df4275ccd4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
3
accept-ranges
bytes
content-length
168060
Roboto-BlackItalic-8b2f87fb.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
170 KB
170 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-BlackItalic-8b2f87fb.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
8b2f87fb08ff4b5d62e753c750fe3291813586501fa14dd258b1ad0bfba533ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
8
accept-ranges
bytes
content-length
174108
Roboto-Bold-ec685a46.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
163 KB
164 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Bold-ec685a46.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
8
accept-ranges
bytes
content-length
167336
Roboto-BoldItalic-61df597f.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
167 KB
168 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-BoldItalic-61df597f.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
61df597f73c91f238cbe88fe3c536702d120d048b79b25fa0f4f7818fd123a6f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
14
accept-ranges
bytes
content-length
171508
Roboto-Italic-99e4a850.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
167 KB
167 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Italic-99e4a850.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
99e4a85061136e99e052929ed0d85e36384fba5c34b773139a8f64339c609943

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
7
accept-ranges
bytes
content-length
170504
Roboto-Light-c576c506.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
163 KB
163 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Light-c576c506.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c576c50642271bcdbfffed04f92dc8d6a981daf300914d0a20c8a5a5a57015c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
9
accept-ranges
bytes
content-length
167000
Roboto-LightItalic-a4840622.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
169 KB
170 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-LightItalic-a4840622.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
a48406226854d34fe99642a524a43b2fd26a7dbeca802d5100a8a98d20e1b73d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
7
accept-ranges
bytes
content-length
173172
Roboto-Medium-9d0d55a3.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
165 KB
165 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Medium-9d0d55a3.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
5
accept-ranges
bytes
content-length
168644
Roboto-MediumItalic-d3f317c9.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
169 KB
170 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-MediumItalic-d3f317c9.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
d3f317c97f4003892cb969bcfce8de3dc9d67fbf96fdafa68b2e3595317b0d94

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
8
accept-ranges
bytes
content-length
173416
Roboto-Regular-4e147ab6.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
164 KB
165 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Regular-4e147ab6.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
4
accept-ranges
bytes
content-length
168260
Roboto-Thin-67248f7e.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
165 KB
165 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-Thin-67248f7e.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
67248f7e8c6edb3ce7ef73b0f00a534a7f42c1116cef63ce21b2035b5e979a06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
6
accept-ranges
bytes
content-length
168488
Roboto-ThinItalic-28ce251a.ttf
account.demo.diagnexia.com/assets/diagnexia-identity/
169 KB
169 KB
Font
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/Roboto-ThinItalic-28ce251a.ttf
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
28ce251a99cd57d00a98225a8fcb66b60b69daf10b0947c7ec4ed503c22affef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
font/ttf
x-envoy-upstream-service-time
4
accept-ranges
bytes
content-length
172860
index-7dc45f30.js
account.demo.diagnexia.com/assets/diagnexia-identity/
832 KB
833 KB
Script
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/index-7dc45f30.js
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
26525d3db878df87673783cf2d0691c7614ac8085aeb9b62b2f99ec6ffb504fa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Origin
https://account.demo.diagnexia.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
text/javascript
x-envoy-upstream-service-time
6
accept-ranges
bytes
content-length
851847
index-89479dfc.css
account.demo.diagnexia.com/assets/diagnexia-identity/
2 KB
2 KB
Stylesheet
General
Full URL
https://account.demo.diagnexia.com/assets/diagnexia-identity/index-89479dfc.css
Requested by
Host: account.demo.diagnexia.com
URL: https://account.demo.diagnexia.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
89479dfcf839b6f555cef47ed89224e708588700f696875134f1dad810eb8ede

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:51 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
text/css
x-envoy-upstream-service-time
14
accept-ranges
bytes
content-length
1988
favicon.ico
account.demo.diagnexia.com/
100 KB
100 KB
Other
General
Full URL
https://account.demo.diagnexia.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.73.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-73-105.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
6123e3472cd1dfdfc9e3bc4790cc91a80c926b7c0656bb7e1a2400e84cfc4237

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.demo.diagnexia.com/app
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:53 GMT
last-modified
Tue, 07 May 2024 10:07:03 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/x-icon
x-envoy-upstream-service-time
3
accept-ranges
bytes
content-length
101913

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DgxRegionConfig

2 Cookies

Domain/Path Name / Value
account.demo.diagnexia.com/ Name: JSESSIONID
Value: StbkCyDR7iinTUakVjdW7vJAdN5U4WNcsEB2Dd1T
portal.demo.diagnexia.com/ Name: JSESSIONID
Value: b6t4kgwsUKug0opTsqpXogWxhI-zeb93coGui1BM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'nonce-8EK9psugxC907TIX6fCBXxhh1aNgpkmCfnHfQye/7+4=';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0