urlscan.io logo urlscan.io
SecurityTrails logo

auth.suisa.ch Open in urlscan Pro
193.8.197.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://selfservice.suisa.ch/
Effective URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redire...
Submission: On November 26 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 193.8.197.213, located in Zurich, Switzerland and belongs to SUISA, CH. The main domain is auth.suisa.ch.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 3rd 2021. Valid for: a year.
This is the only time auth.suisa.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 193.8.197.200 199819 (SUISA)
14 193.8.197.213 199819 (SUISA)
14 1
Apex Domain
Subdomains		 Transfer
17 suisa.ch
selfservice.suisa.ch
auth.suisa.ch
1 MB
14 1
Domain Requested by
14 auth.suisa.ch auth.suisa.ch
3 selfservice.suisa.ch 3 redirects
14 2

This site contains no links.

Subject Issuer Validity Valid
*.suisa.ch
Go Daddy Secure Certificate Authority - G2		 2021-06-03 -
2022-07-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Frame ID: 98B6513B72D44FACBEFB3C5DF028663A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmeldung bei SUISA Mein Konto

Page URL History Show full URLs

  1. http://selfservice.suisa.ch/ HTTP 302
    https://selfservice.suisa.ch/ HTTP 302
    https://selfservice.suisa.ch/internal/entrypoint/MyAccount/Portal HTTP 302
    https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id... Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1122 kB
Transfer

1114 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://selfservice.suisa.ch/ HTTP 302
    https://selfservice.suisa.ch/ HTTP 302
    https://selfservice.suisa.ch/internal/entrypoint/MyAccount/Portal HTTP 302
    https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
auth.suisa.ch/auth/realms/portal/protocol/openid-connect/
Redirect Chain
  • http://selfservice.suisa.ch/
  • https://selfservice.suisa.ch/
  • https://selfservice.suisa.ch/internal/entrypoint/MyAccount/Portal
  • https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2...
6 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
1c083862f62c18fb09112929e62cde76cc7cb4e61c3cf4fa2610b8dfa92045f5
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com
Strict-Transport-Security max-age=31536000 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Strict-Transport-Security
max-age=31536000 max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, max-age=0
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Referrer-Policy
no-referrer
Content-Security-Policy
frame-src 'self' https://www.google.com
X-Robots-Tag
none
X-Content-Type-Options
nosniff
Content-Type
text/html;charset=utf-8
Content-Length
6238
Content-Language
de
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive

Redirect headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 01:00:00 CET
Location
https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Content-Length
0
Date
Fri, 26 Nov 2021 14:17:22 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
base.css
auth.suisa.ch/auth/resources/3w0n5/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
aef2ee595f506315b93b2bf2f5b80ff9fd98513bd61b3004f0e569ec66366c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
content-length
38839
X-XSS-Protection
1; mode=block
app.css
auth.suisa.ch/auth/resources/3w0n5/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 		497 KB
497 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
f854bf8b6b8d277c129f8c35ddf8bae8b152e2597cefc16dab7f3eb72a27560e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
content-length
508766
X-XSS-Protection
1; mode=block
patternfly.min.css
auth.suisa.ch/auth/resources/3w0n5/common/keycloak/node_modules/patternfly/dist/css/ 		178 KB
179 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
content-length
182755
X-XSS-Protection
1; mode=block
patternfly-additions.min.css
auth.suisa.ch/auth/resources/3w0n5/common/keycloak/node_modules/patternfly/dist/css/ 		220 KB
220 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
content-length
225030
X-XSS-Protection
1; mode=block
pficon.css
auth.suisa.ch/auth/resources/3w0n5/common/keycloak/lib/pficon/ 		577 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/common/keycloak/lib/pficon/pficon.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
Content-Length
577
X-XSS-Protection
1; mode=block
login.css
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/ 		14 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/login.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
26052d819c3c6b772296aa23f2f6df73ef6876ab55376a8b334cd4e8615a327a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
Content-Length
14709
X-XSS-Protection
1; mode=block
logo.css
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/ 		472 B
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/logo.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
1e86ead93d08940d8ad509665fd8338540118b149e9a5f3accc2cad0d64047e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=98
Content-Length
472
X-XSS-Protection
1; mode=block
styles.css
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/styles.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
dbf20bec1717fb231f27b2b77d3a4ea64bd0a4a875487d644b94051ee446f6b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
Content-Length
13651
X-XSS-Protection
1; mode=block
flyingfocus.css
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/ 		753 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/flyingfocus.css
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
0de8b1caa6b5563658bdb62e73bece55b282d7f058f9b347494089c2ec766ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=97
Content-Length
753
X-XSS-Protection
1; mode=block
flyingfocus.js
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/js/flyingfocus.js
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/realms/portal/protocol/openid-connect/auth?response_type=code&client_id=suisa-portal&redirect_uri=https%3A%2F%2Fselfservice.suisa.ch%2Finternal%2Fentrypoint%2FMyAccount%2FPortal&state=8e25cea7-f425-4cce-89ff-09504edbebd4&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
9e8f06bd8ee6d1c2075c72390dafec5d4d9003d4a08e1125478f7c04f5dfc309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:23 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
Content-Length
6904
X-XSS-Protection
1; mode=block
logo.svg
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/img/logo.svg
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/logo.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
7a6d4e505339265333a97c06aee7b1208c83616413e8d3cf9b4940d1c761ea40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:24 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/svg+xml
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
content-length
29543
X-XSS-Protection
1; mode=block
SuisseIntl-SemiBold-WebXL.woff2
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/fonts/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/fonts/SuisseIntl-SemiBold-WebXL.woff2
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
67609e665817139130bb0a15732d863ece5b4b1a1cc461b517b4864d4e44973f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://auth.suisa.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:24 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/octet-stream
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
content-length
68892
X-XSS-Protection
1; mode=block
SuisseIntl-Book-WebXL.woff2
auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/fonts/SuisseIntl-Book-WebXL.woff2
Requested by
Host: auth.suisa.ch
URL: https://auth.suisa.ch/auth/resources/3w0n5/login/suisa-portal/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.8.197.213 Zurich, Switzerland, ASN199819 (SUISA, CH),
Reverse DNS
Software
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
3478695c1b262f9144847cb216b6f21981b2e759b24e56a4052aead1b0cbd64b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://auth.suisa.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 14:17:24 GMT
Referrer-Policy
no-referrer
Server
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/octet-stream
Cache-Control
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000, max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
content-length
43556
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

7 Cookies

Domain/Path Name / Value
auth.suisa.ch/auth/realms/portal/ Name: AUTH_SESSION_ID
Value: 68836fc1-8966-47f8-a5a2-a2bf3d955c70.keycloakprod02
auth.suisa.ch/auth/realms/portal/ Name: AUTH_SESSION_ID_LEGACY
Value: 68836fc1-8966-47f8-a5a2-a2bf3d955c70.keycloakprod02
auth.suisa.ch/auth/realms/portal/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiYjRhZTU0ZS0zZGQyLTQ4ZjQtYmYyYi05YzZjNjI4Njc3NmIifQ.eyJjaWQiOiJzdWlzYS1wb3J0YWwiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3NlbGZzZXJ2aWNlLnN1aXNhLmNoL2ludGVybmFsL2VudHJ5cG9pbnQvTXlBY2NvdW50L1BvcnRhbCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLnN1aXNhLmNoL2F1dGgvcmVhbG1zL3BvcnRhbCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9zZWxmc2VydmljZS5zdWlzYS5jaC9pbnRlcm5hbC9lbnRyeXBvaW50L015QWNjb3VudC9Qb3J0YWwiLCJzdGF0ZSI6IjhlMjVjZWE3LWY0MjUtNGNjZS04OWZmLTA5NTA0ZWRiZWJkNCIsImNsaWVudF9yZXF1ZXN0X3BhcmFtX2xvZ2luIjoidHJ1ZSJ9fQ.AAhbG1D05tyE_Auc-0giQ35nKTuv98iaTA4ITh4G4fw
selfservice.suisa.ch/ Name: JSESSIONID
Value: F3C04588C174C7B8707A3A95363D2107
selfservice.suisa.ch/ Name: cookiesession1
Value: 678A3E0D9890123ABCDEFGHIJKLMDDFC
selfservice.suisa.ch/ Name: OAuth_Token_Request_State
Value: 8e25cea7-f425-4cce-89ff-09504edbebd4
auth.suisa.ch/ Name: cookiesession1
Value: 678A3E1FOPRSTUVWXYZABCDEFGHI82F0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self' https://www.google.com
Strict-Transport-Security max-age=31536000 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block