urlscan.io logo urlscan.io
SecurityTrails logo

dev.eduid.se Open in urlscan Pro
130.242.131.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bankid.dev.eduid.se/
Effective URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Submission: On November 28 via automatic, source certstream-suspicious — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 130.242.131.62, located in Sweden and belongs to SUNET SUNET Swedish University Network, EU. The main domain is dev.eduid.se.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.
This is the only time dev.eduid.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 130.242.131.58 1653 (SUNET SUN...)
1 1 130.242.131.52 1653 (SUNET SUN...)
1 7 130.242.131.22 1653 (SUNET SUN...)
8 130.242.131.62 1653 (SUNET SUN...)
14 2
1    130.242.131.58 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
bankid.dev.eduid.se
1    130.242.131.52 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: dashboard.dev.eduid.se
dashboard.dev.eduid.se
7    130.242.131.22 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: idp.dev.eduid.se
idp.dev.eduid.se
8    130.242.131.62 (Sweden)

ASN1653 (SUNET SUNET Swedish University Network, EU)
PTR: dev.eduid.se
dev.eduid.se
www.dev.eduid.se
Domain Requested by
7 idp.dev.eduid.se 1 redirects www.dev.eduid.se
6 www.dev.eduid.se dev.eduid.se
2 dev.eduid.se www.dev.eduid.se
1 dashboard.dev.eduid.se 1 redirects
1 bankid.dev.eduid.se 1 redirects
14 5

This site contains links to these domains. Also see Links.

Domain
dashboard.dev.eduid.se
signup.dev.eduid.se
www.sunet.se
Subject Issuer Validity Valid
www.dev.eduid.se
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
idp.dev.eduid.se
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Frame ID: 057809A191516539314EA374A3E92010
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | eduID

Page URL History Show full URLs

  1. https://bankid.dev.eduid.se/ HTTP 302
    https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fbankid.dev.eduid.se%2F HTTP 302
    https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJPTwIxEMW%2FStP7%2FmGJURvYBCFGFCOBRRNvw3Zka9gWO7M... HTTP 302
    https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452 Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

2
IPs

1
Countries

3086 kB
Transfer

8479 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bankid.dev.eduid.se/ HTTP 302
    https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fbankid.dev.eduid.se%2F HTTP 302
    https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJPTwIxEMW%2FStP7%2FmGJURvYBCFGFCOBRRNvw3Zka9gWO7MIfnoLqEQPHDzOy3uZ37xMx1Kqeg1XdoJvDRKLTb20pILclY23ygGZMEKNpLhU0979SGVxqlbesSvdUv4EWqcDQISejbNSDAddaXT0uthM%2BreXYD7S7dP8vbqT4hE9BUtXhkTwETU4tMRgOUhp1o5arSi7KNJzddZWafosxSAwGwu8T1XMK1JJYvQq1riOUTdGx4QJkUs8auOxZCnGX%2BxXxmpjF6e55wcTqZuiGEfjh2khRe%2F7lr6z1NTop%2BjXpsTZZHSE0EDV3IHXf1AOVkpg13pCUC%2BzCEqSeSd0qPY3e3HtfA18mmynhBpf9laFlg1vZf6f9TUyaGDoJEeEfDf8%2Fo38Ew%3D%3D HTTP 302
    https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 88710c6b-a63d-4044-959f-888cf4fdd452
dev.eduid.se/login/
Redirect Chain
  • https://bankid.dev.eduid.se/
  • https://dashboard.dev.eduid.se/services/authn/login?next=https%3A%2F%2Fbankid.dev.eduid.se%2F
  • https://idp.dev.eduid.se/sso/redirect?SAMLRequest=nZJPTwIxEMW%2FStP7%2FmGJURvYBCFGFCOBRRNvw3Zka9gWO7MIfnoLqEQPHDzOy3uZ37xMx1Kqeg1XdoJvDRKLTb20pILclY23ygGZMEKNpLhU0979SGVxqlbesSvdUv4EWqcDQISejbNSDAd...
  • https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
490 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
04bca1b4277e2fbd1ec310c44ffe4bb0beaf88ed389a4b2fec3d2c0ca213dc4e
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With, Cache-Control, Pragma, Expires, Cookie, Set-Cookie
access-control-allow-origin
https://idp.dev.eduid.se
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
content-type
text/html
date
Tue, 28 Nov 2023 07:53:01 GMT
etag
W/"65311f6d-1ea"
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
strict-transport-security
max-age=630720000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
313
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 07:53:01 GMT
expires
0
location
https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
pragma
no-cache
server
SUNET frontend
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
index.staging.js
www.dev.eduid.se/static/front-build/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/index.staging.js?f3973e6f8cd0d4f50bd3
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
9eb0bcd9bd0e478689907467beb90d0d6ee1172c722a293964ffe66e251ceb70
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://dev.eduid.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=630720000; includeSubDomains; preload
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
age
53
x-cache
HIT
content-length
1723790
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
etag
W/"65311f6d-6eb945"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
config
dev.eduid.se/services/jsconfig/login/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dev.eduid.se/services/jsconfig/login/config
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/index.staging.js?f3973e6f8cd0d4f50bd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
3bf0447da6e7183c0ed3b5cc829fd26b9ab1830c2bc4599af9264250a6addc85
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
server
SUNET frontend
content-length
3245
content-type
application/json
e2f802f1c3fc5a38f1d7.svg
www.dev.eduid.se/static/front-build/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dev.eduid.se/static/front-build/e2f802f1c3fc5a38f1d7.svg
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
a4a222fa3a2508c868d18b363ab6589ee0bf64f670eedfc6ac15beff6b4b976c
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://dev.eduid.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
age
0
etag
"65311f6d-1192"
x-cache
MISS
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
4498
x-cache-hits
0
47ac7cea01c16fae47b2.svg
www.dev.eduid.se/static/front-build/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dev.eduid.se/static/front-build/47ac7cea01c16fae47b2.svg
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
2e9a5af4cd7f66d4fc766e5cb221043f38227d3a7bbee4f4e08674d1497c58c1
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://dev.eduid.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 06:19:07 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
age
5634
etag
"65311f6d-b93"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
2963
x-cache-hits
1
e99bfa47ab844a34eba8.ttf
www.dev.eduid.se/static/front-build/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/e99bfa47ab844a34eba8.ttf
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
6345802647648f7a72932774180931cdbb4a2ff47ae87c2535e72a84914d7bd1
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
age
0
etag
"65311f6d-5bb4"
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
23476
x-cache-hits
0
96ce55e3ba0d6a209090.ttf
www.dev.eduid.se/static/front-build/ 		664 KB
665 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/96ce55e3ba0d6a209090.ttf
Requested by
Host: dev.eduid.se
URL: https://dev.eduid.se/login/88710c6b-a63d-4044-959f-888cf4fdd452
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
529be850e06f62f8904f22bda77e45bde4834498fdbec4ff4201fa3177447a3a
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
age
0
etag
"65311f6d-a6130"
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
680240
x-cache-hits
0
next
idp.dev.eduid.se/services/idp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-requested-with
Access-Control-Request-Method
POST
Origin
https://dev.eduid.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control, content-type, pragma, x-requested-with
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://dev.eduid.se
allow
OPTIONS, POST
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 07:53:02 GMT
expires
0
pragma
no-cache
server
SUNET frontend
strict-transport-security
max-age=630720000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
next
idp.dev.eduid.se/services/idp/ 		124 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/index.staging.js?f3973e6f8cd0d4f50bd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
3f28d55595cd1e23dff27c46127fd6d2affc3428d6b734067e2fa4e694975b33
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://dev.eduid.se/
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
server
SUNET frontend
vary
Origin
content-type
application/json
access-control-allow-origin
https://dev.eduid.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
124
expires
0
new_device
idp.dev.eduid.se/services/idp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/new_device
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-requested-with
Access-Control-Request-Method
POST
Origin
https://dev.eduid.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control, content-type, pragma, x-requested-with
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://dev.eduid.se
allow
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 07:53:02 GMT
expires
0
pragma
no-cache
server
SUNET frontend
strict-transport-security
max-age=630720000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
new_device
idp.dev.eduid.se/services/idp/ 		296 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/new_device
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/index.staging.js?f3973e6f8cd0d4f50bd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
95cad252aaf9a0b764b8f4abefd08c10f71cc2dc1623df4be4be80cd93622558
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://dev.eduid.se/
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
server
SUNET frontend
vary
Origin
content-type
application/json
access-control-allow-origin
https://dev.eduid.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
296
expires
0
b530b95d6280f6ad602c.ttf
www.dev.eduid.se/static/front-build/ 		693 KB
694 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dev.eduid.se/static/front-build/b530b95d6280f6ad602c.ttf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.62 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
dev.eduid.se
Software
SUNET frontend /
Resource Hash
2de533bda937a063c595b07c6bd9b70c8c5087d0649a1c8330f7ac11fcc05602
Security Headers
Name Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dev.eduid.se/
Origin
https://dev.eduid.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
last-modified
Thu, 19 Oct 2023 12:22:05 GMT
server
SUNET frontend
age
0
etag
"65311f6d-ad598"
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
710040
x-cache-hits
0
next
idp.dev.eduid.se/services/idp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-requested-with
Access-Control-Request-Method
POST
Origin
https://dev.eduid.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control, content-type, pragma, x-requested-with
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://dev.eduid.se
allow
OPTIONS, POST
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 07:53:02 GMT
expires
0
pragma
no-cache
server
SUNET frontend
strict-transport-security
max-age=630720000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
next
idp.dev.eduid.se/services/idp/ 		462 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idp.dev.eduid.se/services/idp/next
Requested by
Host: www.dev.eduid.se
URL: https://www.dev.eduid.se/static/front-build/index.staging.js?f3973e6f8cd0d4f50bd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.242.131.22 , Sweden, ASN1653 (SUNET SUNET Swedish University Network, EU),
Reverse DNS
idp.dev.eduid.se
Software
SUNET frontend /
Resource Hash
4194ee4bc9d9d05926ab0b3bee865c41a4adacf30b77a606b68848a8bb666540
Security Headers
Name Value
Content-Security-Policy default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://dev.eduid.se/
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 07:53:02 GMT
strict-transport-security
max-age=630720000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; script-src https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; font-src https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://idp.dev.eduid.se https://dev.eduid.se https://www.dev.eduid.se; frame-ancestors 'none'
server
SUNET frontend
vary
Origin
content-type
application/json
access-control-allow-origin
https://dev.eduid.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
462
expires
0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __REACT_INTL_CONTEXT__ object| FontAwesomeConfig object| ___FONT_AWESOME___ boolean| __EMOTION_REACT_11__

4 Cookies

Domain/Path Name / Value
bankid.dev.eduid.se/ Name: SERVERID
Value: apps-fre-1
.dev.eduid.se/ Name: dev_sid
Value: aHSUNQAVCZTZCG6AQMKBLVVR3HSD2ESYHEX7RVWQZJN622NZIQIBTFMIESVISILGCEXLS2O4JWA4OXMXCF3VTAKIERGWNP6WK4VWLKPDY
dashboard.dev.eduid.se/ Name: SERVERID
Value: apps-fre-1
idp.dev.eduid.se/ Name: SERVERID
Value: idp-fre-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://dev.eduid.se https://www.dev.eduid.se; style-src 'unsafe-inline' https://dev.eduid.se https://www.dev.eduid.se; img-src data: https://dev.eduid.se https://www.dev.eduid.se; connect-src https://dev.eduid.se https://www.dev.eduid.se https://idp.dev.eduid.se https://monitor.dev.eduid.se https://eidas.dev.eduid.se https://bankid.dev.eduid.se; frame-ancestors 'none'
Strict-Transport-Security max-age=630720000; includeSubDomains; preload
X-Content-Type-Options nosniff