idp.safenetid.com Open in urlscan Pro
34.120.123.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://office.chair.ch/
Effective URL:
https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlL...
Submission: On May 04 via api (May 4th 2024, 10:12:32 am UTC) from US — Scanned from CH

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 57 HTTP transactions. The main IP is 34.120.123.85, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is idp.safenetid.com. The Cisco Umbrella rank of the primary domain is 158967.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 1st 2023. Valid for: a year.

This is the only time idp.safenetid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.192.251.94 193.192.251.94	6730 (SUNRISE) (SUNRISE)
3 26	82.220.35.45 82.220.35.45	9044 (SOLNET) (SOLNET)
32	34.120.123.85 34.120.123.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.217.16.155 172.217.16.155	15169 (GOOGLE) (GOOGLE)
57	4

1 193.192.251.94 (Opfikon, Switzerland) 1 redirects

ASN6730 (SUNRISE, CH)

office.chair.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 82.220.35.45 (Dulliken, Switzerland) 3 redirects

ASN9044 (SOLNET, CH)

ras03.mycld.bz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 34.120.123.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.123.120.34.bc.googleusercontent.com

idp.safenetid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.safenetid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
re.safenetid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.155 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f155.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	safenetid.com idp.safenetid.com — Cisco Umbrella Rank: 158967 resources.safenetid.com — Cisco Umbrella Rank: 244083 re.safenetid.com — Cisco Umbrella Rank: 239927	1 MB
26	mycld.bz 3 redirects ras03.mycld.bz	2 MB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 353	29 KB
1	chair.ch 1 redirects office.chair.ch	133 B
57	4

	Domain	Requested by
26	ras03.mycld.bz	3 redirects ras03.mycld.bz
17	idp.safenetid.com	ras03.mycld.bz idp.safenetid.com
10	re.safenetid.com	idp.safenetid.com re.safenetid.com
5	resources.safenetid.com	idp.safenetid.com
2	storage.googleapis.com	idp.safenetid.com
1	office.chair.ch	1 redirects
57	6

This site contains no links.

Subject Issuer	Validity	Valid
chair.mycld.bz R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.safenetid.com Sectigo RSA Organization Validation Secure Server CA	`2023-11-01` - `2024-10-31`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Frame ID: 48F9227286F3DECC7B185897360DEE2B
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeNet Trusted Access

Page URL History Show full URLs

https://office.chair.ch/ HTTP 303
https://ras03.mycld.bz/RASHTML5Gateway HTTP 302
https://ras03.mycld.bz/userportal HTTP 302
https://ras03.mycld.bz/userportal/ Page URL
https://ras03.mycld.bz/userportal/sso/idp_1/logon HTTP 302
https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYq... Page URL

Page Statistics

57
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

3395 kB
Transfer

3365 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://office.chair.ch/ HTTP 303
https://ras03.mycld.bz/RASHTML5Gateway HTTP 302
https://ras03.mycld.bz/userportal HTTP 302
https://ras03.mycld.bz/userportal/ Page URL
https://ras03.mycld.bz/userportal/sso/idp_1/logon HTTP 302
https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://office.chair.ch/ HTTP 303
https://ras03.mycld.bz/RASHTML5Gateway HTTP 302
https://ras03.mycld.bz/userportal HTTP 302
https://ras03.mycld.bz/userportal/

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ras03.mycld.bz/userportal/
Redirect Chain

https://office.chair.ch/
https://ras03.mycld.bz/RASHTML5Gateway
https://ras03.mycld.bz/userportal
https://ras03.mycld.bz/userportal/

1 KB
2 KB

29ms
29ms

Document
text/html

82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

9a89ffe2285469b848ade47dfd4304652610cdb8f1408aca0bcdfa98b7488048

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Content-type: text/html
Date: Sat, 04 May 2024 10:12:23 GMT
Keep-Alive: timeout=5
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=0
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0

Redirect headers

Connection: keep-alive
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Date: Sat, 04 May 2024 10:12:23 GMT
Keep-Alive: timeout=5
Location: /userportal/
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=0
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index-62435202.js Show response
ras03.mycld.bz/userportal/assets/ 2 MB
2 MB 32ms
32ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/index-62435202.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

3908b1fc76fa837f23929d5ee5b4724a3f967d98ed0bf979fe52cec1e7d898c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:23 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK index-6d26c5b7.css
ras03.mycld.bz/userportal/assets/ 84 KB
85 KB 508ms
221ms Stylesheet
text/css 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/index-6d26c5b7.css

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

6d26c5b79e50d827030e102ec78f49a0e692ca6866fc7b181af9a5339716ddf3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:24 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/css
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK init Show response
ras03.mycld.bz/userportal/ 6 KB
7 KB 145ms
144ms Fetch
application/json 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/init

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

94259209b0a3d105a2a1c712b43ad2dcfff82f5ae6cf84171a7728dafe8dde72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Date: Sat, 04 May 2024 10:12:25 GMT
Content-Type: application/json;charset=utf-8
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 6389
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WebClient-97862188.js Show response
ras03.mycld.bz/userportal/assets/ 3 KB
4 KB 1625ms
319ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/WebClient-97862188.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

f3d3c539c20e2f35bef1a529a9647002d93a60f1a0512673fcbc0dd789e37c70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK SeamlessAppOptions-33770e63.js Show response
ras03.mycld.bz/userportal/assets/ 40 KB
42 KB 1625ms
314ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/SeamlessAppOptions-33770e63.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

4b3fca91803f0e9160b313b7162f03dbe0e3b813f83268a9463addfeb1418f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK TaskbarManager-125b3835.js Show response
ras03.mycld.bz/userportal/assets/ 7 KB
9 KB 1619ms
308ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/TaskbarManager-125b3835.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

b10e40e6cf32aa3a334a7762c71c12b029bb4cb8aa560d5ba7e8cbfcf2133bbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK NewAuth-4f867956.js Show response
ras03.mycld.bz/userportal/assets/ 23 KB
24 KB 1619ms
309ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/NewAuth-4f867956.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

04172d236f01bd786eeb2ccb4e57a4a12a4f9d535432a45b718bb58c599409e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK NewAuth-cce25e6f.css
ras03.mycld.bz/userportal/assets/ 1 KB
3 KB 204ms
65ms Stylesheet
text/css 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/NewAuth-cce25e6f.css

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

cce25e6f2e2c260d940c69052468e2b95183822a83635e695bb386c2ad08eb95

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:25 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/css
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK ErrorHandlingMixin-8592c033.js Show response
ras03.mycld.bz/userportal/assets/ 257 B
2 KB 1660ms
35ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/ErrorHandlingMixin-8592c033.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

5c4e23a7dce76a9c1cfb36082300d0f7bfb719259604fbb9b8565c77cfe4f14f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK SeamlessAppOptions-dab99be1.css
ras03.mycld.bz/userportal/assets/ 12 KB
13 KB 1304ms
1099ms Stylesheet
text/css 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/SeamlessAppOptions-dab99be1.css

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

dab99be15f04b67a457fc43015d7dc8df56cbccf73cc4728791f441c049c1180

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:25 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/css
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK AppFooter-52e917e3.js Show response
ras03.mycld.bz/userportal/assets/ 2 KB
3 KB 1661ms
36ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/AppFooter-52e917e3.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

459438d9b324bf4e5dbbf2de161ac46c31f5ac106655a3127cad9469b2a66065

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK AppFooter-126f7700.css
ras03.mycld.bz/userportal/assets/ 718 B
2 KB 1305ms
1099ms Stylesheet
text/css 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/AppFooter-126f7700.css

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

126f7700719f38af29f6b53fab56638215b6629595a61bb09e9c970742841bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:25 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/css
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK OpenSans-Regular-4a7f7e24.woff2
ras03.mycld.bz/userportal/assets/ 58 KB
59 KB 1560ms
318ms Font
application/font-woff2 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/OpenSans-Regular-4a7f7e24.woff2

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-6d26c5b7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: application/font-woff2
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK workbox-window.prod.es5-08b2315b.js Show response
ras03.mycld.bz/userportal/assets/ 5 KB
7 KB 1408ms
37ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/workbox-window.prod.es5-08b2315b.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

436bac75ac20973f09f6a293c19cfc2e3edc851259685b0cfe628a0073114028

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e193aa0f9c4bb99b67400cdc7f50fa4beea35dd56c6f3323055a034e11ccd9e3

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK desktop_background_1-a89ae03c.svg
ras03.mycld.bz/userportal/assets/ 2 KB
3 KB 1396ms
39ms Image
image/svg+xml 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ras03.mycld.bz/userportal/assets/desktop_background_1-a89ae03c.svg

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

a89ae03c07a2cf089682184cd816399aeaeac29d7f21069f4f40ad9df50b9d7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/userportal/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK OpenSans-Light-e5670641.woff2
ras03.mycld.bz/userportal/assets/ 58 KB
59 KB 1323ms
317ms Font
application/font-woff2 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/OpenSans-Light-e5670641.woff2

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-6d26c5b7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

e5670641cf2a14fec8ad02f99e7d97198fd22fdd28b4a1f2a14ec7f597632e1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:26 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: application/font-woff2
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK Login-eb805066.js Show response
ras03.mycld.bz/userportal/assets/ 11 KB
12 KB 34ms
33ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/Login-eb805066.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

c0b1d7d862838c591219fcabc8e6055ea93089a4ab4e8efd6f3bd735033452d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK ConnectionErrorModal-b49a117f.js Show response
ras03.mycld.bz/userportal/assets/ 1 KB
2 KB 53ms
52ms Script
text/javascript 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/ConnectionErrorModal-b49a117f.js

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

3bfd191c6a277dcc44d16610633c8a4593732d1065a9ffd17c65b03e355593d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://ras03.mycld.bz
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/javascript
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H/1.1 200
OK Login-b22c85f7.css
ras03.mycld.bz/userportal/assets/ 1 KB
2 KB 53ms
53ms Stylesheet
text/css 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/assets/Login-b22c85f7.css

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/index-62435202.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

b22c85f779ffce41dcdad38cdee454c4d4e4dc2d54ee69384ead211d482627f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:32 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: text/css
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:32 GMT

GET
H2

200

Primary Request saml Show response
idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/
Redirect Chain

https://ras03.mycld.bz/userportal/sso/idp_1/logon
https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QN...

11 KB
12 KB

717ms
537ms

Document
text/html

34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D

Requested by

Host: ras03.mycld.bz
URL: https://ras03.mycld.bz/userportal/assets/Login-eb805066.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

b3b251a01f5099738c2ff1f5f2ab69beceb49c1852b284d922282ecfa4481bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cloud.safenet-inc.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://ras03.mycld.bz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 11042
content-type: text/html;charset=utf-8
date: Sat, 04 May 2024 10:12:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: WAF
strict-transport-security: max-age=31536000; includeSubDomains max-age=15768000
via: 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 460
x-frame-options: ALLOW-FROM cloud.safenet-inc.com
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Date: Sat, 04 May 2024 10:12:27 GMT
Keep-Alive: timeout=5
Location: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=0
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.png
ras03.mycld.bz/userportal/ 245 B
2 KB 28ms
27ms Other
image/png 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:30 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: image/png
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:30 GMT

GET
H/1.1 200
OK favicon.png
ras03.mycld.bz/userportal/ 245 B
1 KB 52ms
31ms Other
image/png 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
Date: Sat, 04 May 2024 10:12:27 GMT
Last-Modified: Mon, 11 Mar 2024 15:08:30 GMT
max-age: 0
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
Content-type: image/png
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:30 GMT

GET
H/1.1 200
OK favicon.ico
ras03.mycld.bz/userportal/ 1 KB
2 KB 28ms
28ms Other
image/ico 82.220.35.45
SOLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://ras03.mycld.bz/userportal/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

82.220.35.45 Dulliken, Switzerland, ASN9044 (SOLNET, CH),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ras03.mycld.bz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security: max-age=0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Mar 2024 15:08:30 GMT
max-age: 0
Date: Sat, 04 May 2024 10:12:27 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Content-type: image/ico
Permissions-Policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
expires: Mon, 11 Mar 2024 15:08:30 GMT

GET
H2 200 sasidp-libs.min.css
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/ 253 KB
254 KB 132ms
129ms Stylesheet
text/css 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/sasidp-libs.min.css?v=7.1.0-421953

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

57e2f276875cf3ab0a23e03953d8fa335a1358250b6bdde3d0732624bd1306b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/ 31 KB
31 KB 78ms
77ms Stylesheet
text/css 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/styles.css?v=7.1.0-421953

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

b7b008cd814ed60d9e6c92c78a4e37cc4bfa1886dde6aeb6669229c95d644f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32006
x-xss-protection: 1; mode=block

GET
H2 200 5ae12c2e422b9433cda20dc4e6f8e405.css
resources.safenetid.com/content/ANSX25AOW8-STA/ 5 KB
5 KB 88ms
55ms Stylesheet
text/css 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.safenetid.com/content/ANSX25AOW8-STA/5ae12c2e422b9433cda20dc4e6f8e405.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

70a1b983a5aaa09a9273037641a445489a04673bc63043be55b6ab0c4af2baa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4830
expires: Mon, 03 Jun 2024 10:12:28 GMT

GET
H2 200 sasidp-libs.min.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 232 KB
233 KB 119ms
118ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/sasidp-libs.min.js?v=7.1.0-421953

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

f7ef7c1db0d723180af8d7a57ee1c1b87e0bd91b2f3d48e75c50b53290e4839f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 open-sans.css
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/ 5 KB
5 KB 88ms
86ms Stylesheet
text/css 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/open-sans.css

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/styles.css?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

04d42f4c477e2188b0546da735d3be7126ecff2fb1ccea2b1728acea4feed480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5034
x-xss-protection: 1; mode=block

GET
H3 200 gto-custom-icons.css
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/ 3 KB
3 KB 84ms
82ms Stylesheet
text/css 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/gto-custom-icons.css

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/styles.css?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

674fa25ad5ee1f225afbdcbd0319e36a84f69edce8cc1a60a428e6340ec69507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2753
x-xss-protection: 1; mode=block

GET
H3 200 loc.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 18 KB
18 KB 117ms
117ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/loc.js?v=7.1.0-421953

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

e0dd726b918b1c7a8a45e950bd098e6acaef9265833d53903a240150d9fe5a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18041
x-xss-protection: 1; mode=block

GET
H3 200 template.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 1 KB
1 KB 65ms
64ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/template.js?v=7.1.0-421953

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

78c875ae7fbca65fc38696160e261c1389e18cb29c89beb39744ab97406367ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1041
x-xss-protection: 1; mode=block

GET
H3 200 idfirston-scripts.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 19 KB
19 KB 80ms
80ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/idfirston-scripts.js?v=7.1.0-421953

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

220f3c3655ee46daa894c7438e0ee96a34e25877af125668e235332be2383298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19929
x-xss-protection: 1; mode=block

GET
H3 200 back-button.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 6 KB
6 KB 71ms
70ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/back-button.js?v=7.1.0-421953

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

3df0010975efd85f82783f43e201d1902fe24d42acface8d877e3d666c43b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5725
x-xss-protection: 1; mode=block

GET
H3 200 0b950fe114f790e5b2eafa7164135507.png
resources.safenetid.com/content/ANSX25AOW8-STA/ 8 KB
8 KB 59ms
58ms Image
image/png 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.safenetid.com/content/ANSX25AOW8-STA/0b950fe114f790e5b2eafa7164135507.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

7bf694c9fd95e318f7db51f00acfeb1c94f615d9c839c065fd7611626105f36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8392
expires: Mon, 03 Jun 2024 10:12:29 GMT

GET
H3 200 0d21fb6aba7a59129d631be268da637d.png
resources.safenetid.com/content/ANSX25AOW8-STA/ 11 KB
11 KB 54ms
53ms Image
image/png 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.safenetid.com/content/ANSX25AOW8-STA/0d21fb6aba7a59129d631be268da637d.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

8afc27ea874772ed07bd91e286ce65c08ae32de3801e971b0c185c899af0ae16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10850
expires: Mon, 03 Jun 2024 10:12:29 GMT

GET
H3 200 localeInitialize.js Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/ 4 KB
4 KB 269ms
269ms Script
text/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/localeInitialize.js?v=7.1.0-421953

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

34f592e999a16f7473b6516952d20fcafcba84b21449c2fad21b5838e28265c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3714
x-xss-protection: 1; mode=block

GET
H3 200 fa-solid-900.woff2
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/webfonts/ 151 KB
151 KB 118ms
117ms Font
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/webfonts/fa-solid-900.woff2

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/css/sasidp-libs.min.css?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://idp.safenetid.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 OpenSans-Bold.woff2
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Bold/ 46 KB
46 KB 100ms
99ms Font
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Bold/OpenSans-Bold.woff2

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/open-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://idp.safenetid.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 OpenSans-Regular.woff2
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Regular/ 46 KB
46 KB 70ms
69ms Font
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Regular/OpenSans-Regular.woff2

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/open-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://idp.safenetid.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 cpl-sta-p-app-cluk-01-eu-languages-bucket-01 Show response
storage.googleapis.com/ 4 KB
4 KB 832ms
169ms XHR
application/xml 172.217.16.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cpl-sta-p-app-cluk-01-eu-languages-bucket-01
Requested by: Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f155.1e100.net
Software: UploadServer /
Resource Hash: 0203d725531470a02bee7bfdd8ba69020e0f82ca11eeeb654651dc9fa4296901

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:30 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPodVoGS8p1u0aXXy8Z-2W2vocym_urv1s8FLNuAhjT_dLIWxs7AJmkgNX9Q9zhkKcwTx13D2FGQwQ
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-metageneration: 4
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3966
expires: Sat, 04 May 2024 10:12:30 GMT

GET
H3 200 lang-list.xml Show response
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/langs/ 3 KB
3 KB 81ms
79ms XHR
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/langs/lang-list.xml?v=7.1.0-421953

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/loc.js?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

61c72c85553329410a8066a218fdba2252366643f66abd0c0244d1dad4da8a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3447
x-xss-protection: 1; mode=block

GET
H3 200 languages Show response
resources.safenetid.com/organization/DTSJZTOY4G-STA/ 33 B
53 B 407ms
318ms XHR
application/json 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.safenetid.com/organization/DTSJZTOY4G-STA/languages

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/loc.js?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

c26f6f42c2f70f69dfc6dc15ed7fe99392c67706c789b66405aaa7c5b6cf6d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33

GET
H2 200 scripts Show response
re.safenetid.com/api/v1/tenants/_unknown_/ 1 KB
1 KB 87ms
65ms Script
application/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://re.safenetid.com/api/v1/tenants/_unknown_/scripts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

8b18cf35729cf92cee447490d1dff85a6743eb81f6853b45245df07708bc0c5a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: W/"41f-7wr/J0q+PQkCcHig2gfN6evP19w"
vary: Origin
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055

GET
H3 200 4c667507019784ddaa4beee34b94921a.jpg
resources.safenetid.com/content/ANSX25AOW8-STA/ 272 KB
272 KB 60ms
59ms Image
image/jpeg 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.safenetid.com/content/ANSX25AOW8-STA/4c667507019784ddaa4beee34b94921a.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

5808d3af034c907c0ee562423cab202dcd514555cab562ef84e7faf3cd2e6825

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278168
expires: Mon, 03 Jun 2024 10:12:29 GMT

GET
H3 200 signalCollector.min.js Show response
re.safenetid.com/javascripts/ 17 KB
17 KB 1187ms
1187ms Script
application/javascript 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/api/v1/tenants/_unknown_/scripts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: bbfe760cdbf4e93fb8cca59b33530ff11accfc6b4c0ef7eeeef51d61cf402f42

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:29 GMT
via: 1.1 google
last-modified: Mon, 11 Dec 2023 17:25:52 GMT
server: WAF
etag: W/"4369-18c59e9ed00"
vary: Origin
content-type: application/javascript
cache-control: public, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17257

GET
H2 200 en.json Show response
storage.googleapis.com/cpl-sta-p-app-cluk-01-eu-languages-bucket-01/ 25 KB
25 KB 57ms
56ms XHR
application/json 172.217.16.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cpl-sta-p-app-cluk-01-eu-languages-bucket-01/en.json?f318b037242effa43ab0865444626c7c
Requested by: Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f155.1e100.net
Software: UploadServer /
Resource Hash: 87dc8c392dfe0a26ed7b95b396c68936ebdd0aa5df5f51fa77373bad607719e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:04:50 GMT
age: 460
x-guploader-uploadid: ABPtcPockh0T5ma2j6k6o3ciMsWUHcSnbkbe251e3uMkhIJ4Cw4DuWxmf5-xNv8S2zL3Xcbibmyccrq5zA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25132
last-modified: Mon, 29 Apr 2024 19:08:29 GMT
server: UploadServer
etag: "f318b037242effa43ab0865444626c7c"
x-goog-generation: 1713288032636851
x-goog-hash: crc32c=3o2avQ==, md5=8xiwNyQu/6Q6sIZURGJsfA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 25132
accept-ranges: bytes
content-type: application/json
expires: Sat, 04 May 2024 11:04:50 GMT

GET
DATA 200
OK truncated
/ 277 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b17b504fce7c265ddff3b3d09a9e68c0e75860acae0d16571eb8b0d5df3e53f

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 OpenSans-Semibold.woff2
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Semibold/ 62 KB
62 KB 185ms
185ms Font
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/Semibold/OpenSans-Semibold.woff2

Requested by

Host: idp.safenetid.com
URL: https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/fonts/OpenSans/open-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://idp.safenetid.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

OPTIONS
H3 204 etag
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 0
0 284ms
283ms Preflight
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://idp.safenetid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://idp.safenetid.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html
date: Sat, 04 May 2024 10:12:30 GMT
server: WAF
vary: Origin,Access-Control-Request-Headers
via: 1.1 google
x-envoy-upstream-service-time: 3

OPTIONS
H3 204 cache
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 0
0 329ms
300ms Preflight
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://idp.safenetid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://idp.safenetid.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html
date: Sat, 04 May 2024 10:12:31 GMT
server: WAF
vary: Origin,Access-Control-Request-Headers
via: 1.1 google
x-envoy-upstream-service-time: 4

GET
H3 200 etag Show response
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 36 B
57 B 64ms
64ms XHR
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: 78b40463d037e271d101d4c3bea2cdd0ba0febd6a4342c61d31508f271619b4a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://idp.safenetid.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:31 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: 126bd29e-53ff-40dd-a85f-6f41fd32f2b9
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://idp.safenetid.com
cache-control: private, max-age=630720000
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
expires: Tue, 31 Dec 2030 23:30:45 GMT

GET
H3 200 cache Show response
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 36 B
57 B 61ms
60ms XHR
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: 9b774f7dbabaf503c739c5994d4c223804d722366c15ae5abd6a7407c789e6c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://idp.safenetid.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:31 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: W/"24-H157A14mC63srNOm263RmORRfls"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://idp.safenetid.com
cache-control: private, max-age=630720000
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
expires: Tue, 31 Dec 2030 23:30:45 GMT

GET
H3 200 bsid.ico
idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/img/ 15 KB
15 KB 310ms
307ms Other
application/octet-stream 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.safenetid.com/auth/resources/1ylkc/login/sas-login-ui/img/bsid.ico?v=7.1.0-421953

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.123.120.34.bc.googleusercontent.com

Software

WAF /

Resource Hash

da2af433e16a363adb88eff7157f9181284f8207e6ea6c80dc9096a547c2ee5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/protocol/saml?SAMLRequest=lZJRb5swFIX%2FCvI7GBMYqkWoWKO1mdI1CmzS%2BlLdwGWxBHbma9qlv35Osmh9WaW9Xp17v3OOXVz%2FGofgGS0po%2BdMRDG7Lotqcju9wZ8Tkgu8QNOcTVZLA6RIahiRpGtlXd2vZBLFcm%2BNM60Z2FksCcbh%2FQ0gQus8kwXfLnA%2FZ8FyMWdPyYerJImv0i5L%2BizuYSsgj2dCiFaINM0ResgSAbMc%2FQLRhEtNDrTzN%2BIkDeMsjNNGxFIkMsmjbJY%2FsmDhsygN7oTaObcnybnq9hFBjxqd6qLWjBx8dG4RhpH4oqk%2FPzYP39PbsG4qfknJj%2FFYUF0i3BhN04i2RvusWvy6Wf0FtDtQNhoP7dBF21e%2Bqeq75n6V3YLDFzhwInP08CT4uRAWrP9APirdKf3j%2FRa3ZxHJu6ZZh%2BuHumFlcXQnT63Y8r9tjOigAweRf8iCvz1VfPH45WJtBtUegk%2FGjuD%2B7U5E4jRRXdifpHLStMdW9Qo7390wmJcbX7PDOXN2QsbLgr%2F9duVv&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VRbOayBCnp0UIMTDB186KVw2sKYs8newnI8pYVBva0CJH9PtuTLsiNC4ryqbxh8X8H5x1v8KHCMGY0rtK%2FeY7knod9uvvh5rW4K9yKh9BW9ReIaNOiFquBH9fnuyRCTV2HYdWxbWwn54pUceEY%2FrTAOqpXNvfjJb%2FjDZOm4il%2FhwdEwt7dcv72rVd6T%2Bho%2BbDI5zmBJdwWKEBvxyO6pIH4DbOzI0iHJhcBCnNdFLUFFaufjNsyLDKqVRdj3dsuJTUTdfRy9LXuInCtu7l7xVAGtauhC9w3YO7eEx23dBd3uFWzYd1N883TrQJdUb1nrIiOwsjLCNFJ%2FS38UUXjeKFA%3D%3D
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 google
server: WAF
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: no-cache
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

PATCH
H3 200 signals Show response
re.safenetid.com/api/v1/tenants/_unknown_/visits/b8278c82-0e86-46ac-b2bf-d4c22bca929f/ 2 B
21 B 75ms
75ms XHR
text/plain 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/visits/b8278c82-0e86-46ac-b2bf-d4c22bca929f/signals
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://idp.safenetid.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 04 May 2024 10:12:32 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://idp.safenetid.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

OPTIONS
H3 204 signals
re.safenetid.com/api/v1/tenants/_unknown_/visits/b8278c82-0e86-46ac-b2bf-d4c22bca929f/ 0
0 67ms
67ms Preflight
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/visits/b8278c82-0e86-46ac-b2bf-d4c22bca929f/signals
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PATCH
Origin: https://idp.safenetid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://idp.safenetid.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html
date: Sat, 04 May 2024 10:12:31 GMT
server: WAF
vary: Origin,Access-Control-Request-Headers
via: 1.1 google
x-envoy-upstream-service-time: 4

GET
H3 200 etag Show response
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 36 B
0 0ms
0ms XHR
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: 78b40463d037e271d101d4c3bea2cdd0ba0febd6a4342c61d31508f271619b4a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://idp.safenetid.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:31 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: 126bd29e-53ff-40dd-a85f-6f41fd32f2b9
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://idp.safenetid.com
cache-control: private, max-age=630720000
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
expires: Tue, 31 Dec 2030 23:30:45 GMT

GET
H3 200 cache Show response
re.safenetid.com/api/v1/tenants/_unknown_/ecookie/ 36 B
0 0ms
0ms XHR
text/html 34.120.123.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://re.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Requested by: Host: re.safenetid.com
URL: https://re.safenetid.com/javascripts/signalCollector.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.123.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.123.120.34.bc.googleusercontent.com
Software: WAF /
Resource Hash: 9b774f7dbabaf503c739c5994d4c223804d722366c15ae5abd6a7407c789e6c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://idp.safenetid.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:12:31 GMT
via: 1.1 google
server: WAF
accept-ch: sec-ch-ua-platform-version
etag: W/"24-H157A14mC63srNOm263RmORRfls"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://idp.safenetid.com
cache-control: private, max-age=630720000
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
expires: Tue, 31 Dec 2030 23:30:45 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 8d8b5e16-3973-48d2-ad7b-56962b947855.idp-78578c8cf9-jhmh5-58977
idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 8d8b5e16-3973-48d2-ad7b-56962b947855.idp-78578c8cf9-jhmh5-58977
idp.safenetid.com/auth/realms/DTSJZTOY4G-STA/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0Yjc2MDc0MC1jOGZkLTQxMTUtYTRhNy00ZWI1ODZjYTU5MjkifQ.eyJjaWQiOiJodHRwczovL2NoYWlyLm15Y2xkLmJ6L1JBU0hUTUw1R2F0ZXdheS9zc28vaWRwXzEvbWV0YWRhdGEueG1sIiwicHR5Ijoic2FtbCIsInJ1cmkiOiJodHRwczovL2NoYWlyLm15Y2xkLmJ6L1JBU0hUTUw1R2F0ZXdheS9zc28vaWRwXzEvYXNzZXJ0IiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsiTkFNRUlEX0ZPUk1BVCI6InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIiwiU0FNTF9SRVFVRVNUX0lEIjoiXzI2OTIyMDk0ZDUyZjUwZmFiMWE3MDMxMTFjMTE0NDdlYWZhNTIxYTM3ZSIsInNhbWxfYmluZGluZyI6InBvc3QifX0.NS9W5oqs6NjxbZlOk2swIcI6hz-3Q_WljbITvbDWp4U
ras03.mycld.bz/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1714817543566gkTQB5LT9vfHmg7J
idp.safenetid.com/	1969-12-31 23:59:59	Name: GWAFSESSION Value: s.idp1
resources.safenetid.com/	1969-12-31 23:59:59	Name: GWAFSESSION Value: s.resources1
idp.safenetid.com/	1970-01-20 20:21:43	Name: sas_first_page_from_back Value:
idp.safenetid.com/	1970-01-20 20:21:43	Name: sas_page Value: 0
re.safenetid.com/	1970-01-20 20:20:18	Name: revisit Value: f1cba2ab-f4c9-45eb-b4e8-c82566bc65ee
re.safenetid.com/	1969-12-31 23:59:59	Name: GWAFSESSION Value: s.re1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-hashes' 'sha256-UrnDFA6ScJ0MMPu4e/WOkGbT/ajqNJ2hTgffvMF9FMY=' 'sha256-ICa0DhwZQJsOd/Rn0N8H6FdQ71GfNL+op2zhAQ+Y4mM=' 'sha256-ZD0chCyBaNHl+4UwQHJIHGoYhKwMeyCXGgJTKW5/67E='; script-src 'self' 'wasm-unsafe-eval' 'nonce-LLIa/vd/Q8AK4idnHYN+SA==' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none';
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

idp.safenetid.com
office.chair.ch
ras03.mycld.bz
re.safenetid.com
resources.safenetid.com
storage.googleapis.com
172.217.16.155
193.192.251.94
34.120.123.85
82.220.35.45
0203d725531470a02bee7bfdd8ba69020e0f82ca11eeeb654651dc9fa4296901
04172d236f01bd786eeb2ccb4e57a4a12a4f9d535432a45b718bb58c599409e6
04d42f4c477e2188b0546da735d3be7126ecff2fb1ccea2b1728acea4feed480
126f7700719f38af29f6b53fab56638215b6629595a61bb09e9c970742841bad
220f3c3655ee46daa894c7438e0ee96a34e25877af125668e235332be2383298
34f592e999a16f7473b6516952d20fcafcba84b21449c2fad21b5838e28265c1
3908b1fc76fa837f23929d5ee5b4724a3f967d98ed0bf979fe52cec1e7d898c8
3bfd191c6a277dcc44d16610633c8a4593732d1065a9ffd17c65b03e355593d8
3df0010975efd85f82783f43e201d1902fe24d42acface8d877e3d666c43b79b
436bac75ac20973f09f6a293c19cfc2e3edc851259685b0cfe628a0073114028
459438d9b324bf4e5dbbf2de161ac46c31f5ac106655a3127cad9469b2a66065
4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5
4b3fca91803f0e9160b313b7162f03dbe0e3b813f83268a9463addfeb1418f76
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e2f276875cf3ab0a23e03953d8fa335a1358250b6bdde3d0732624bd1306b0
5808d3af034c907c0ee562423cab202dcd514555cab562ef84e7faf3cd2e6825
5b17b504fce7c265ddff3b3d09a9e68c0e75860acae0d16571eb8b0d5df3e53f
5c4e23a7dce76a9c1cfb36082300d0f7bfb719259604fbb9b8565c77cfe4f14f
61c72c85553329410a8066a218fdba2252366643f66abd0c0244d1dad4da8a94
674fa25ad5ee1f225afbdcbd0319e36a84f69edce8cc1a60a428e6340ec69507
6d26c5b79e50d827030e102ec78f49a0e692ca6866fc7b181af9a5339716ddf3
70a1b983a5aaa09a9273037641a445489a04673bc63043be55b6ab0c4af2baa9
78b40463d037e271d101d4c3bea2cdd0ba0febd6a4342c61d31508f271619b4a
78c875ae7fbca65fc38696160e261c1389e18cb29c89beb39744ab97406367ca
7bf694c9fd95e318f7db51f00acfeb1c94f615d9c839c065fd7611626105f36f
87dc8c392dfe0a26ed7b95b396c68936ebdd0aa5df5f51fa77373bad607719e3
8afc27ea874772ed07bd91e286ce65c08ae32de3801e971b0c185c899af0ae16
8b18cf35729cf92cee447490d1dff85a6743eb81f6853b45245df07708bc0c5a
94259209b0a3d105a2a1c712b43ad2dcfff82f5ae6cf84171a7728dafe8dde72
9a89ffe2285469b848ade47dfd4304652610cdb8f1408aca0bcdfa98b7488048
9b774f7dbabaf503c739c5994d4c223804d722366c15ae5abd6a7407c789e6c9
a89ae03c07a2cf089682184cd816399aeaeac29d7f21069f4f40ad9df50b9d7c
b10e40e6cf32aa3a334a7762c71c12b029bb4cb8aa560d5ba7e8cbfcf2133bbc
b22c85f779ffce41dcdad38cdee454c4d4e4dc2d54ee69384ead211d482627f0
b3b251a01f5099738c2ff1f5f2ab69beceb49c1852b284d922282ecfa4481bb8
b7b008cd814ed60d9e6c92c78a4e37cc4bfa1886dde6aeb6669229c95d644f0c
bbfe760cdbf4e93fb8cca59b33530ff11accfc6b4c0ef7eeeef51d61cf402f42
c0b1d7d862838c591219fcabc8e6055ea93089a4ab4e8efd6f3bd735033452d6
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c26f6f42c2f70f69dfc6dc15ed7fe99392c67706c789b66405aaa7c5b6cf6d77
cce25e6f2e2c260d940c69052468e2b95183822a83635e695bb386c2ad08eb95
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
da2af433e16a363adb88eff7157f9181284f8207e6ea6c80dc9096a547c2ee5e
dab99be15f04b67a457fc43015d7dc8df56cbccf73cc4728791f441c049c1180
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
e0dd726b918b1c7a8a45e950bd098e6acaef9265833d53903a240150d9fe5a93
e193aa0f9c4bb99b67400cdc7f50fa4beea35dd56c6f3323055a034e11ccd9e3
e5670641cf2a14fec8ad02f99e7d97198fd22fdd28b4a1f2a14ec7f597632e1d
f3d3c539c20e2f35bef1a529a9647002d93a60f1a0512673fcbc0dd789e37c70
f7ef7c1db0d723180af8d7a57ee1c1b87e0bd91b2f3d48e75c50b53290e4839f

idp.safenetid.com Open in urlscan Pro 34.120.123.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

3395 kBTransfer

3365 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

idp.safenetid.com Open in urlscan Pro
34.120.123.85 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

3395 kB
Transfer

3365 kB
Size

10
Cookies

57 HTTP transactions
2 data transactions