urlscan.io logo urlscan.io
SecurityTrails logo

lab01.securelab.ninja Open in urlscan Pro
162.210.224.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://updater.lab01.securelab.ninja/
Effective URL: https://lab01.securelab.ninja/main/login
Submission: On July 18 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 162.210.224.182, located in Canada and belongs to EDA, CA. The main domain is lab01.securelab.ninja.
TLS certificate: Issued by R3 on July 6th 2023. Valid for: 3 months.
This is the only time lab01.securelab.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 162.210.224.182 55172 (EDA)
11 1
Apex Domain
Subdomains		 Transfer
12 securelab.ninja
updater.lab01.securelab.ninja
lab01.securelab.ninja
387 KB
11 1
Domain Requested by
11 lab01.securelab.ninja lab01.securelab.ninja
1 updater.lab01.securelab.ninja 1 redirects
11 2

This site contains no links.

Subject Issuer Validity Valid
lab01.securelab.ninja
R3		 2023-07-06 -
2023-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lab01.securelab.ninja/main/login
Frame ID: 7394846812CD7AA82BBB4DAC0D67A586
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SP Admin - Login Main

Page URL History Show full URLs

  1. https://updater.lab01.securelab.ninja/ HTTP 302
    https://lab01.securelab.ninja/main/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

386 kB
Transfer

2014 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://updater.lab01.securelab.ninja/ HTTP 302
    https://lab01.securelab.ninja/main/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
lab01.securelab.ninja/main/
Redirect Chain
  • https://updater.lab01.securelab.ninja/
  • https://lab01.securelab.ninja/main/login
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
dfaff4a852ded7d9e8a4f1bbb24e311708c49eb228a658f3fab776bcb58228d8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2422
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 14:20:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 14:20:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://lab01.securelab.ninja/main/login
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block
style.min.css
lab01.securelab.ninja/css/compressed/ 		408 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/css/compressed/style.min.css?build=3.8.4
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
673468d0ba2d1a1a55a68bc88ff30352bf222cd1742ea01eac6eb0e98721cbb1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
transfer-encoding
chunked
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery.min.js
lab01.securelab.ninja/js/components/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/js/components/jquery.min.js?build=3.8.4
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
29822
x-xss-protection
1; mode=block
animate.css
lab01.securelab.ninja/assets/a0a98c21/css/ 		72 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/assets/a0a98c21/css/animate.css
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
396dbd813fce58172dd5867592ab343bacb05c44b2f058b8b4f27afdf1f90c14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 18 Jul 2023 12:41:52 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
4038
x-xss-protection
1; mode=block
igrowl.min.css
lab01.securelab.ninja/assets/a0a98c21/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/assets/a0a98c21/css/igrowl.min.css
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6932d5736cc4d4ff81250508e9c4a5582c3423acc13a69936807ccafa9eadbb5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 18 Jul 2023 12:41:52 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
1284
x-xss-protection
1; mode=block
vicons.css
lab01.securelab.ninja/assets/a0a98c21/css/fonts/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/assets/a0a98c21/css/fonts/vicons.css
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
361774a0c46b4da8e59389cd1c2ba64335512c283fd49c754e65972f24550716
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 18 Jul 2023 12:41:52 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
830
x-xss-protection
1; mode=block
igrowl.js
lab01.securelab.ninja/assets/a0a98c21/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/assets/a0a98c21/igrowl.js?build=3.8.4
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
947556d99fe11d1ab0c82ee7b726679699c0f6b54e617d6a848d45e39d48d2eb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 18 Jul 2023 12:41:52 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
1937
x-xss-protection
1; mode=block
translation.js
lab01.securelab.ninja/js/application/ 		394 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/js/application/translation.js?build=3.8.4
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a3d35d03b7f2918c7d13e0135298bafebf16d7bb7dbff02504590ccc7806d72c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
197
x-xss-protection
1; mode=block
logo.png
lab01.securelab.ninja/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lab01.securelab.ninja/images/logo.png
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c0b0b9ea20f06243c150a8e09d8d62b8214422d9d71b5ec267623a673fc1f6ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
11357
x-xss-protection
1; mode=block
main.min.js
lab01.securelab.ninja/js/compressed/ 		1 MB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/js/compressed/main.min.js?build=3.8.4
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/main/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
f2139a0afe4cffe65c6fc9d092420acb3f635d0781e67a8f4927ca5b34e27e55
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lab01.securelab.ninja/main/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
transfer-encoding
chunked
accept-ranges
bytes
x-xss-protection
1; mode=block
icons.woff2
lab01.securelab.ninja/css/semantic/assets/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lab01.securelab.ninja/css/semantic/assets/fonts/icons.woff2
Requested by
Host: lab01.securelab.ninja
URL: https://lab01.securelab.ninja/css/compressed/style.min.css?build=3.8.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.210.224.182 , Canada, ASN55172 (EDA, CA),
Reverse DNS
Software
Apache /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lab01.securelab.ninja/css/compressed/style.min.css?build=3.8.4
Origin
https://lab01.securelab.ninja
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
last-modified
Fri, 19 May 2023 10:25:27 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
56780
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| t string| timeZone function| List object| popupSettings function| initSemanticUI function| ajaxInitSemanticUI function| handleAjaxModalWindows function| onModalClose function| createModalMarkup function| removeModalMarkup function| clearDOMFix function| flash object| updates function| moment function| ListPagination object| Chartist function| Chartist.plugins.tooltip function| Chartist.plugins.ctPointLabels function| Chartist.plugins.legend object| Base64 object| tus object| translation

2 Cookies

Domain/Path Name / Value
updater.lab01.securelab.ninja/ Name: PHPSESSID
Value: 7b508afa47f61dcee6416cf7f102d212
lab01.securelab.ninja/ Name: PHPSESSID
Value: 1f0c0935e2999c8d185564a187876ed0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' *:8243 *:82 *:85 *:88 data:; font-src 'self' *.gstatic.com *.googleapis.com data:; form-action 'self'; frame-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block