![](/screenshots/66d11939-dc80-4e60-a18d-2810fd383d3d.png)
login.topicuszorg.nl
Open in
urlscan Pro
2606:4700:4400::ac40:9005
Public Scan
Effective URL: https://login.topicuszorg.nl/auth/realms/Professionals/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_...
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On April 24 via api from IT — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2023. Valid for: a year.
This is the only time login.topicuszorg.nl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:440... 2606:4700:4400::ac40:970c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 2606:4700:440... 2606:4700:4400::ac40:9005 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
topicuszorg.nl
login.topicuszorg.nl |
163 KB |
2 |
labonline.nl
2 redirects
slingeland.labonline.nl |
835 B |
11 | 2 |
Domain | Requested by | |
---|---|---|
11 | login.topicuszorg.nl |
login.topicuszorg.nl
|
2 | slingeland.labonline.nl | 2 redirects |
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
topicus.nl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.topicuszorg.nl Cloudflare Inc ECC CA-3 |
2023-10-01 - 2024-09-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.topicuszorg.nl/auth/realms/Professionals/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fslingeland.labonline.nl%2Flabonline%2Flogin%3FauthType%3Dopenid%26identityProvider%3Dzorg-VIP-prod&state=rocMUOFERbfFnbOpwHDbxrWZvfkJSKDPPCmeazohODM&nonce=SHH9p7a4IOCG1xz6aDCqiW2V9c8AGLuiFoE7cO98AGk&client_id=labonline-slingeland-prod
Frame ID: 84460B1D8B47A70B705BDA70C49A8C92
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/66d11939-dc80-4e60-a18d-2810fd383d3d.png)
Page Title
Inloggen op Lab Online SlingelandPage URL History Show full URLs
-
https://slingeland.labonline.nl/login
HTTP 301
https://slingeland.labonline.nl/labonline/login?authType=openid&identityProvider=zorg-VIP-prod HTTP 302
https://login.topicuszorg.nl/auth/realms/Professionals/protocol/openid-connect/auth?scope=openid&response... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Responsible disclosure
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://slingeland.labonline.nl/login
HTTP 301
https://slingeland.labonline.nl/labonline/login?authType=openid&identityProvider=zorg-VIP-prod HTTP 302
https://login.topicuszorg.nl/auth/realms/Professionals/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fslingeland.labonline.nl%2Flabonline%2Flogin%3FauthType%3Dopenid%26identityProvider%3Dzorg-VIP-prod&state=rocMUOFERbfFnbOpwHDbxrWZvfkJSKDPPCmeazohODM&nonce=SHH9p7a4IOCG1xz6aDCqiW2V9c8AGLuiFoE7cO98AGk&client_id=labonline-slingeland-prod Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
auth
login.topicuszorg.nl/auth/realms/Professionals/protocol/openid-connect/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/css/ |
46 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template.js
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/js/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-topicus.svg
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/img/ |
18 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-calculus.png
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/img/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextLTPro-Regular.woff2
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/fonts/avenir/ |
22 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextLTPro-Demi.woff2
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/fonts/avenir/ |
23 KB 23 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNext-Medium.woff2
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/fonts/avenir/ |
58 KB 59 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextLTPro-Bold.woff2
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/fonts/avenir/ |
23 KB 23 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
domain-default-idp
login.topicuszorg.nl/auth/realms/Professionals/sso/ |
91 B 545 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
login.topicuszorg.nl/auth/resources/v2407/login/topicuszorg/img/ |
1 KB 1 KB |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| clickFileUpload7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.topicuszorg.nl/auth/realms/Professionals/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxMGExZTY5MC01OTE1LTQyZjUtYWMxMC1mODVkYmU0MmFmZGIifQ.eyJjaWQiOiJsYWJvbmxpbmUtc2xpbmdlbGFuZC1wcm9kIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9zbGluZ2VsYW5kLmxhYm9ubGluZS5ubC9sYWJvbmxpbmUvbG9naW4_YXV0aFR5cGU9b3BlbmlkJmlkZW50aXR5UHJvdmlkZXI9em9yZy1WSVAtcHJvZCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi50b3BpY3Vzem9yZy5ubC9hdXRoL3JlYWxtcy9Qcm9mZXNzaW9uYWxzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3NsaW5nZWxhbmQubGFib25saW5lLm5sL2xhYm9ubGluZS9sb2dpbj9hdXRoVHlwZT1vcGVuaWQmaWRlbnRpdHlQcm92aWRlcj16b3JnLVZJUC1wcm9kIiwic3RhdGUiOiJyb2NNVU9GRVJiZkZuYk9wd0hEYnhyV1p2ZmtKU0tEUFBDbWVhem9oT0RNIiwibm9uY2UiOiJTSEg5cDdhNElPQ0cxeHo2YURDcWlXMlY5YzhBR0x1aUZvRTdjTzk4QUdrIn19.NNY59HZluOXJegVRvUobiw9eln2KY8Mw__TEpF--di8 |
|
login.topicuszorg.nl/auth/realms/Professionals/ | Name: AUTH_SESSION_ID_LEGACY Value: 65bec2bf-687e-49ff-9e4b-e7dce2138657.kc-0-4746 |
|
login.topicuszorg.nl/auth/realms/Professionals/ | Name: AUTH_SESSION_ID Value: 65bec2bf-687e-49ff-9e4b-e7dce2138657.kc-0-4746 |
|
slingeland.labonline.nl/labonline | Name: JSESSIONID Value: 145c36673a8092506888247c4a49 |
|
.login.topicuszorg.nl/ | Name: _cfuvid Value: rUQZxH1MbmIPp7zvQXjlaP.Gp0qqU4KB5fq4tm.SQBg-1713981736168-0.0.1.1-604800000 |
|
login.topicuszorg.nl/ | Name: AWSALB Value: phwXOPeNCEkGQazaKA6GuM8H3Ueo5rdVWoPHbDRK247NE02U25w3cN5bt6xtSVQSsREFOlbeqokouQhSeqtzyzYwzH73UBo9/cbNkqgd+KPclzJ2FV1UUZ9gK4+L |
|
login.topicuszorg.nl/ | Name: AWSALBCORS Value: phwXOPeNCEkGQazaKA6GuM8H3Ueo5rdVWoPHbDRK247NE02U25w3cN5bt6xtSVQSsREFOlbeqokouQhSeqtzyzYwzH73UBo9/cbNkqgd+KPclzJ2FV1UUZ9gK4+L |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self'; frame-ancestors 'self'; object-src 'none'; |
Strict-Transport-Security | max-age=31557600; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.topicuszorg.nl
slingeland.labonline.nl
2606:4700:4400::ac40:9005
2606:4700:4400::ac40:970c
1132337a484be7e07bb3525d3f29f17bb457e96dfa1189faf6e18a7baec383a8
16181f5aba31806e931fd6bb1468492e73429749c2f6828a5d18fe2ae9d7821f
352583e07c79a9630ba0777144e4284241700d553d37c30607ed4cd790586f64
46f53804173fc215283d88c7b592f5a7ea870097f93839c54e8f5c7819fd4f91
4ee09093e7dd06f5872b32cb53bec38e927ed891ea612bbc123a8b8d905f76a1
9253905561f80e49869d18f7597fdb0ba88de6001e8358be159f6eeeaf754fe9
a11c4df3b0c1efa7306a23b7d006b2022848b5462ebf2cbf6a0e7b4503a43ccb
b5f07c5d280c2ab13782cd788bd4d41f4d1bb89ea8ed0dd4258c9307ca9fb6d4
ba114a60a1625dd39e15bf99b832156602c8048a9664865e4d03f4ab7e92bbef
e6a791ef5f007474f1bf979c15684593fea1bb7c45aaf7a82d8d92c34d387274
fa265a2ff3b6531cd9c5c1cfb7c5d05dd49179b2cae170eed0b94435e2649918