urlscan.io logo urlscan.io
SecurityTrails logo

staging.login.sanacorp.cloud Open in urlscan Pro
18.192.233.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://staging.login.sanacorp.cloud/
Effective URL: https://staging.login.sanacorp.cloud/auth/
Submission: On August 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 18.192.233.19, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is staging.login.sanacorp.cloud.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 5th 2023. Valid for: a year.
This is the only time staging.login.sanacorp.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 18.192.233.19 16509 (AMAZON-02)
11 1
Apex Domain
Subdomains		 Transfer
13 sanacorp.cloud
staging.login.sanacorp.cloud
163 KB
11 1
Domain Requested by
13 staging.login.sanacorp.cloud 2 redirects staging.login.sanacorp.cloud
11 1

This site contains links to these domains. Also see Links.

Domain
staging.apotheke.meineapotheke.sanacorp.cloud
www.sanacorp.de
Subject Issuer Validity Valid
staging.login.sanacorp.cloud
Amazon RSA 2048 M03		 2023-09-05 -
2024-10-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://staging.login.sanacorp.cloud/auth/
Frame ID: 31815CB97CF9348210AE76E2BA505C0A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sanacorp Login

Page URL History Show full URLs

  1. https://staging.login.sanacorp.cloud/ HTTP 302
    https://staging.login.sanacorp.cloud/auth HTTP 303
    https://staging.login.sanacorp.cloud/auth/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

163 kB
Transfer

447 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staging.login.sanacorp.cloud/ HTTP 302
    https://staging.login.sanacorp.cloud/auth HTTP 303
    https://staging.login.sanacorp.cloud/auth/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging.login.sanacorp.cloud/auth/
Redirect Chain
  • https://staging.login.sanacorp.cloud/
  • https://staging.login.sanacorp.cloud/auth
  • https://staging.login.sanacorp.cloud/auth/
46 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
83d4bd96a42ea66d30a2957a4d574143589a9cd73acafe1482bb27d1d17731c7
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-length
47096
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Tue, 06 Aug 2024 00:41:32 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Tue, 06 Aug 2024 00:41:32 GMT
location
https://staging.login.sanacorp.cloud/auth/
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bootstrap.css
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/ 		195 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/bootstrap.css
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
791e204bf57f91515e75867be2459ff3c1833618cb01fc9760e09979f620b2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
welcome_v3.css
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/welcome_v3.css
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f4a20cd5436af9c98f3caa7e36e9586921e688b7dc63cef3c8bb9270ea8c4d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=2592000
content-length
804
x-xss-protection
1; mode=block
jquery-3.6.1.slim.min.js
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/jquery-3.6.1.slim.min.js
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
bootstrap-4.6.2.bundle.min.js
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/ 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/bootstrap-4.6.2.bundle.min.js
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
welcome_v4.js
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/js/welcome_v4.js
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
becea2055d0a00af26f6b6a3c7d7f929b793630074017e8c1acec94559186e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
cache-control
max-age=2592000
content-length
915
x-xss-protection
1; mode=block
sanacorp-logo.svg
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/sanacorp-logo.svg
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38e1a1bfe1048a2b659ae38a612f1b928900351d82c69fbb4be8af4aabc349d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=2592000
content-length
2050
x-xss-protection
1; mode=block
open_in_new.svg
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/ 		288 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/open_in_new.svg
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4b6e616a33cb71ae18195d813a7e85b30f7563ab4a57eb2cf7e0b262edc68723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=2592000
content-length
228
x-xss-protection
1; mode=block
open-sans-v34-latin-regular.woff2
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/fonts/open-sans-v34-latin-regular.woff2
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/welcome_v3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://staging.login.sanacorp.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=2592000
x-xss-protection
1; mode=block
open-sans-v34-latin-600.woff2
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/fonts/open-sans-v34-latin-600.woff2
Requested by
Host: staging.login.sanacorp.cloud
URL: https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/css/welcome_v3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://staging.login.sanacorp.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=2592000
x-xss-protection
1; mode=block
favicon.ico
staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/ 		5 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://staging.login.sanacorp.cloud/auth/resources/rloe8/welcome/sanacorp/img/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.233.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-233-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
80ce1f39bbc231506091232d84c2c6dfcfee55aa357b7a54cad7886b4bb2dfa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:41:32 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
2480
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

2 Cookies

Domain/Path Name / Value
staging.login.sanacorp.cloud/ Name: AWSALB
Value: rMPPBfLMpNlOcd5AyQG5igadrKyG2D51e/vAoSyuBwTjeWuqXpzXdzgcBrXSQL5jkvqqtzBGfVIm6VINV3TgTmU9E55SvCUj3tAnnBdI5y1GNfbB5ZEKW0G5S0Yp
staging.login.sanacorp.cloud/ Name: AWSALBCORS
Value: rMPPBfLMpNlOcd5AyQG5igadrKyG2D51e/vAoSyuBwTjeWuqXpzXdzgcBrXSQL5jkvqqtzBGfVIm6VINV3TgTmU9E55SvCUj3tAnnBdI5y1GNfbB5ZEKW0G5S0Yp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block