urlscan.io logo urlscan.io
SecurityTrails logo

auth.dev.helixhealth.dev Open in urlscan Pro
80.248.18.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://auth.dev.helixhealth.dev/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 80.248.18.202, located in Reykjavik, Iceland and belongs to ORIGO-AS, IS. The main domain is auth.dev.helixhealth.dev.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.
This is the only time auth.dev.helixhealth.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 80.248.18.202 29689 (ORIGO-AS)
6 1
Apex Domain
Subdomains		 Transfer
6 helixhealth.dev
auth.dev.helixhealth.dev
222 KB
6 1
Domain Requested by
6 auth.dev.helixhealth.dev auth.dev.helixhealth.dev
6 1

This site contains no links.

Subject Issuer Validity Valid
auth.dev.helixhealth.dev
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.dev.helixhealth.dev/
Frame ID: E92C166309B1564FC59760D6055E089C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Saga AuĂ°kenning

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

222 kB
Transfer

221 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
auth.dev.helixhealth.dev/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.dev.helixhealth.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
bc74a090d0fdaa721cdfcde2e2a53272ed4d836acf9313ac6e13fefba4e4bb5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; connect-src 'self'; font-src 'self'; object-src 'none'; img-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src 'self' 'unsafe-inline'; media-src https:; frame-ancestors 'none'; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
is-IS,is;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; connect-src 'self'; font-src 'self'; object-src 'none'; img-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src 'self' 'unsafe-inline'; media-src https:; frame-ancestors 'none'; base-uri 'self'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 18 Apr 2024 12:55:34 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=self, fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
bootstrap.min.css
auth.dev.helixhealth.dev/css/ 		191 KB
191 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.dev.helixhealth.dev/css/bootstrap.min.css
Requested by
Host: auth.dev.helixhealth.dev
URL: https://auth.dev.helixhealth.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.dev.helixhealth.dev/
Accept-Language
is-IS,is;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2024 11:29:31 GMT
cross-origin-embedder-policy
require-corp
etag
"1da81cc5defa42a"
content-type
text/css
cross-origin-resource-policy
same-origin
accept-ranges
bytes
content-length
195498
site.css
auth.dev.helixhealth.dev/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.dev.helixhealth.dev/css/site.css
Requested by
Host: auth.dev.helixhealth.dev
URL: https://auth.dev.helixhealth.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
d3e0a7a5c162dd17664b5777a37322c9dbf8d732e0b6bd9b178f1d571cf47fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.dev.helixhealth.dev/
Accept-Language
is-IS,is;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2024 11:29:31 GMT
cross-origin-embedder-policy
require-corp
etag
"1da81cc5ded5018"
content-type
text/css
cross-origin-resource-policy
same-origin
accept-ranges
bytes
content-length
3992
mini-logo.svg
auth.dev.helixhealth.dev/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.dev.helixhealth.dev/images/mini-logo.svg
Requested by
Host: auth.dev.helixhealth.dev
URL: https://auth.dev.helixhealth.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
96fab715a0915f2e18ed65cd0d4886b2233d35df7cb4444e63932b43c99548d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.dev.helixhealth.dev/
Accept-Language
is-IS,is;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2024 11:29:31 GMT
cross-origin-embedder-policy
require-corp
etag
"1da81cc5ded50d8"
content-type
image/svg+xml
cross-origin-resource-policy
same-origin
accept-ranges
bytes
content-length
3928
splash-image.svg
auth.dev.helixhealth.dev/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.dev.helixhealth.dev/images/splash-image.svg
Requested by
Host: auth.dev.helixhealth.dev
URL: https://auth.dev.helixhealth.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
9147a51f7c47e3cfebad64be9ce92ec757fc2784a3a0cf50e605e2785365ddde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.dev.helixhealth.dev/
Accept-Language
is-IS,is;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2024 11:29:31 GMT
cross-origin-embedder-policy
require-corp
etag
"1da81cc5ded50e4"
content-type
image/svg+xml
cross-origin-resource-policy
same-origin
accept-ranges
bytes
content-length
3940
favicon.ico
auth.dev.helixhealth.dev/images/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.dev.helixhealth.dev/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.248.18.202 Reykjavik, Iceland, ASN29689 (ORIGO-AS, IS),
Reverse DNS
status.dev.hc.t.is
Software
/
Resource Hash
6e8ee2e250d0846ef498316c95cc61c274606e10443416f627b599b8fb5835c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.dev.helixhealth.dev/
Accept-Language
is-IS,is;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2024 11:29:31 GMT
cross-origin-embedder-policy
require-corp
etag
"1da81cc5ded63ae"
content-type
image/x-icon
cross-origin-resource-policy
same-origin
accept-ranges
bytes
content-length
15406

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
auth.dev.helixhealth.dev/ Name: .AspNetCore.Antiforgery.VyLW6ORzMgk
Value: CfDJ8A0IZpuYfUVIp3x5cQmMgHPcHNiJcPAK9Q4Ti0QcWV5JTZR0nae9yDNm9a9kvOivyboHi3bobUYfdkaAec6BfDfK9qm6sGRDXO86F8u0GOxFVlfaLVofWzybeZ6YkAT378T3n64n1lV5oQuWwcwAUqI

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://auth.dev.helixhealth.dev/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; connect-src 'self'; font-src 'self'; object-src 'none'; img-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src 'self' 'unsafe-inline'; media-src https:; frame-ancestors 'none'; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block