urlscan.io logo urlscan.io
SecurityTrails logo

dev.eduid.se Open in urlscan Pro
130.242.131.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://support.dev.eduid.se/
Effective URL: https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Submission: On October 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 130.242.131.61, located in Sweden and belongs to SUNET SUNET Swedish University Network, EU. The main domain is dev.eduid.se.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.
This is the only time dev.eduid.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 130.242.131.32 1653 (SUNET SUN...)
1 1 130.242.131.52 1653 (SUNET SUN...)
1 3 130.242.131.21 1653 (SUNET SUN...)
6 130.242.131.61 1653 (SUNET SUN...)
1 130.242.131.11 1653 (SUNET SUN...)
9 4
1    130.242.131.32 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
support.dev.eduid.se
1    130.242.131.52 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: dashboard.dev.eduid.se
dashboard.dev.eduid.se
3    130.242.131.21 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: idp.dev.eduid.se
idp.dev.eduid.se
6    130.242.131.61 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: dev.eduid.se
dev.eduid.se
www.dev.eduid.se
1    130.242.131.11 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: monitor.dev.eduid.se
monitor.dev.eduid.se
Domain Requested by
4 www.dev.eduid.se dev.eduid.se
3 idp.dev.eduid.se 1 redirects www.dev.eduid.se
2 dev.eduid.se www.dev.eduid.se
1 monitor.dev.eduid.se www.dev.eduid.se
1 dashboard.dev.eduid.se 1 redirects
1 support.dev.eduid.se 1 redirects
9 6

This site contains links to these domains. Also see Links.

Domain
signup.dev.eduid.se
Subject Issuer Validity Valid
www.dev.eduid.se
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
monitor.dev.eduid.se
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
idp.dev.eduid.se
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Frame ID: 451866ED770683E845EB9F2B1F6F5916
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eduID login

Page URL History Show full URLs

  1. https://support.dev.eduid.se/ HTTP 302
    https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fsupport.dev.eduid.se%2F HTTP 302
    https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJBTwIxEIX%2FStP7bndX4dDAJouEiMFA2EUTb2U7SBO2xc6U6... HTTP 302
    https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

6
Subdomains

4
IPs

1
Countries

551 kB
Transfer

1567 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://support.dev.eduid.se/ HTTP 302
    https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fsupport.dev.eduid.se%2F HTTP 302
    https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJBTwIxEIX%2FStP7bndX4dDAJouEiMFA2EUTb2U7SBO2xc6U6L%2B3gEr0wMHjvLyX%2BeZlBhYzWQXa2iW8BUBi793OoozykAdvpVNo4qg6QEmtrKvHmSzSTO69I9e6Hf8J5NcDChE8GWc5m46H3Oikv3nw9fOyX%2FlRmPfCpObsCTxGy5DHRPQhBphaJGUpSlmRJ3mWZLdNnsmsJ4ubF87GkdlYRafUlmiPUgij96mGQwo6GJ0iCEQnPGjjoSXOFl%2FsI2O1sa%2FXuddnE8r7plkki3ndcFZ933LnLIYOfA3%2BYFpYLWcXCK1wu3bK6z8oZysKdWxdoOp2RaJa5OUgdihPN3s2cb5TdJ3sqMQaNyerBEuGPnj5n%2FUdkNKK1EBcEMrj8Ps3yk8%3D HTTP 302
    https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request e5a21321-78c3-43ff-9d13-531ffcd0dadf
dev.eduid.se/login/
Redirect Chain
  • https://support.dev.eduid.se/
  • https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fsupport.dev.eduid.se%2F
  • https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJBTwIxEIX%2FStP7bndX4dDAJouEiMFA2EUTb2U7SBO2xc6U6L%2B3gEr0wMHjvLyX%2BeZlBhYzWQXa2iW8BUBi793OoozykAdvpVNo4qg6QEmtrKvHmSzSTO69I9e6Hf8J5NcDChE8GWc5m...
  • https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
437 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
36984bb0cda0868f7e253551222c5c6d5d8f16f58459ca04505acc9f7fef7df5
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dev.eduid.se
:scheme
https
:path
/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
dev_sid=aI4NIQWZM2YNTF4MTTPHATMG4QTQRU7XDP2UCZZ6MSHBHUG4NHATTSFJR6JXR46DJD4C3Q6E2Q77GFYKOVCREXRKRIJRMEGIVU2ZOYSTY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 04 Oct 2021 10:05:23 GMT
content-type
text/html
last-modified
Wed, 29 Sep 2021 13:24:29 GMT
vary
Accept-Encoding
etag
W/"6154690d-1b5"
content-encoding
gzip
cache-control
no-cache
access-control-allow-origin
https://idp.dev.eduid.se
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With, Cache-Control, Pragma, Expires, Cookie, Set-Cookie
server
SUNET frontend
x-frame-options
DENY
x-xss-protection
1; mode=block
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se

Redirect headers

date
Mon, 04 Oct 2021 10:05:23 GMT
content-type
text/html; charset=utf-8
content-length
333
location
https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
set-cookie
dev_sid=aI4NIQWZM2YNTF4MTTPHATMG4QTQRU7XDP2UCZZ6MSHBHUG4NHATTSFJR6JXR46DJD4C3Q6E2Q77GFYKOVCREXRKRIJRMEGIVU2ZOYSTY; Domain=dev.eduid.se; expires=Mon, 04-Oct-2021 14:05:23 GMT; Max-Age=14400; Path=/; SameSite=None; Secure SERVERID=idp-fre-1; path=/; HttpOnly; Secure
access-control-allow-origin
https://idp.dev.eduid.se
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With, Cache-Control, Pragma, Expires, Cookie, Set-Cookie
server
SUNET frontend
x-frame-options
DENY
x-xss-protection
1; mode=block
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
login.staging.js
www.dev.eduid.se/static/front-build/ 		1 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/login.staging.js?52893ed30524fd83c8d4
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
387e45c495229f45c5754eb306ab080d5aa85c8f3fe1aa3f95c35c97a72f7a08
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev.eduid.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 10:05:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 13:24:29 GMT
server
SUNET frontend
x-frame-options
DENY
etag
W/"6154690d-154e97"
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
accept-ranges
bytes
x-cache-hits
0
config
dev.eduid.se/services/jsconfig/login/ 		719 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dev.eduid.se/services/jsconfig/login/config
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/login.staging.js?52893ed30524fd83c8d4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
1066d6f868d5dee6e6715d6411449ad89f2d5fef410cb22db50c9b9f9312430f
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
dev_sid=aI4NIQWZM2YNTF4MTTPHATMG4QTQRU7XDP2UCZZ6MSHBHUG4NHATTSFJR6JXR46DJD4C3Q6E2Q77GFYKOVCREXRKRIJRMEGIVU2ZOYSTY
:path
/services/jsconfig/login/config
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
application/json
cache-control
no-store, no-cache, must-revalidate
:authority
dev.eduid.se
referer
https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
:scheme
https
sec-fetch-site
same-origin
:method
GET
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Referer
https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
X-Requested-With
XMLHttpRequest

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
server
SUNET frontend
x-frame-options
DENY
content-type
application/json
set-cookie
dev_sid=aI4NIQWZM2YNTF4MTTPHATMG4QTQRU7XDP2UCZZ6MSHBHUG4NHATTSFJR6JXR46DJD4C3Q6E2Q77GFYKOVCREXRKRIJRMEGIVU2ZOYSTY; Domain=dev.eduid.se; expires=Mon, 04-Oct-2021 14:05:24 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-length
719
x-xss-protection
1; mode=block
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46986e3c1463ab3777da03475b8bb5488f6e9e1e22ebff84ca2bdce74978c2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
1fafbdf8698be516791daafcbfef5104.ttf
www.dev.eduid.se/static/front-build/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/1fafbdf8698be516791daafcbfef5104.ttf
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
21fa72f6ff7ff617e03f321d8ec8e7105b9079fe2be2908bda16229ddbb11805
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
90112
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 13:25:29 GMT
server
SUNET frontend
x-frame-options
DENY
etag
"61546949-16000"
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
*
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
accept-ranges
bytes
x-cache-hits
0
811046deeaccba1f4639abf494368d2f.ttf
www.dev.eduid.se/static/front-build/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/811046deeaccba1f4639abf494368d2f.ttf
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/e5a21321-78c3-43ff-9d13-531ffcd0dadf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
6345802647648f7a72932774180931cdbb4a2ff47ae87c2535e72a84914d7bd1
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
23476
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 13:25:29 GMT
server
SUNET frontend
x-frame-options
DENY
etag
"61546949-5bb4"
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
*
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
accept-ranges
bytes
x-cache-hits
0
/
monitor.dev.eduid.se/api/17/store/ 		41 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monitor.dev.eduid.se/api/17/store/?sentry_key=9161e1ddcb044ad183f93de38c453255&sentry_version=7
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/login.staging.js?52893ed30524fd83c8d4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.11 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
monitor.dev.eduid.se
Software
SUNET frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://monitor.dev.eduid.se; script-src 'unsafe-eval' 'unsafe-inline' https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; connect-src https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.eduid.se/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
vary
Accept-Language, Cookie
content-length
41
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 04 Oct 2021 10:05:24 GMT
server
SUNET frontend
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=630720000; includeSubDomains; preload
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-language
de
access-control-allow-origin
https://dev.eduid.se
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src https://monitor.dev.eduid.se; script-src 'unsafe-eval' 'unsafe-inline' https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; connect-src https://monitor.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
content-type
application/json
access-control-allow-headers
X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication
expires
0
next
idp.dev.eduid.se/services/idp/ 		209 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/login.staging.js?52893ed30524fd83c8d4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.21 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
53a0b58670cc4f1072c3f1eaa4a941a1785811335a5da3568abde99c9d9df69e
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Referer
https://dev.eduid.se/
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
server
SUNET frontend
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://dev.eduid.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
strict-transport-security
max-age=630720000; includeSubDomains; preload
access-control-allow-headers
Content-Type, X-Requested-With, Cache-Control, Pragma, Expires, Cookie, Set-Cookie
content-length
209
x-xss-protection
1; mode=block
expires
0
next
idp.dev.eduid.se/services/idp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Protocol
H2
Server
130.242.131.21 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
cache-control,content-type,pragma,x-requested-with
Origin
https://dev.eduid.se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
content-type
text/html; charset=utf-8
allow
POST, OPTIONS
content-length
0
access-control-allow-origin
https://dev.eduid.se
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With, Cache-Control, Pragma, Expires, Cookie, Set-Cookie
server
SUNET frontend
x-frame-options
DENY
x-xss-protection
1; mode=block
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se
94a7533d2beca88466b95832813777e5.ttf
www.dev.eduid.se/static/front-build/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/94a7533d2beca88466b95832813777e5.ttf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.61 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
67206bc94e1134b00ad5f43f70406d04b92c0c366b4a61cf224a7d46a7ac9b8a
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 10:05:24 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
89208
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 13:25:29 GMT
server
SUNET frontend
x-frame-options
DENY
etag
"61546949-15c78"
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
*
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
accept-ranges
bytes
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| __SENTRY__ function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime object| __core-js_shared__ object| core object| global object| System function| asap function| Observable boolean| _babelPolyfill

4 Cookies

Domain/Path Name / Value
support.dev.eduid.se/ Name: SERVERID
Value: apps-tug-1
.dev.eduid.se/ Name: dev_sid
Value: aI4NIQWZM2YNTF4MTTPHATMG4QTQRU7XDP2UCZZ6MSHBHUG4NHATTSFJR6JXR46DJD4C3Q6E2Q77GFYKOVCREXRKRIJRMEGIVU2ZOYSTY
dashboard.dev.eduid.se/ Name: SERVERID
Value: apps-fre-1
idp.dev.eduid.se/ Name: SERVERID
Value: idp-fre-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block