federation.auth.schwarz

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 185.124.192.136, located in Heilbronn, Germany and belongs to SCHWARZ-IT-LEGACY, DE. The main domain is federation.auth.schwarz.
TLS certificate: Issued by SwissSign RSA TLS EV ICA 2022 - 1 on October 4th 2024. Valid for: a year.

This is the only time federation.auth.schwarz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	45.141.75.231 45.141.75.231	44076 (SCHWARZ-IT) (SCHWARZ-IT)
3	185.124.192.136 185.124.192.136	211768 (SCHWARZ-I...) (SCHWARZ-IT-LEGACY)
7	2

4 45.141.75.231 (Heilbronn, Germany)

ASN44076 (SCHWARZ-IT, DE)

adfresh-frontend.prod.sit.svc.odj.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.124.192.136 (Heilbronn, Germany)

ASN211768 (SCHWARZ-IT-LEGACY, DE)

federation.auth.schwarz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	odj.cloud adfresh-frontend.prod.sit.svc.odj.cloud	4 MB
3	auth.schwarz federation.auth.schwarz	5 KB
7	2

	Domain	Requested by
4	adfresh-frontend.prod.sit.svc.odj.cloud	adfresh-frontend.prod.sit.svc.odj.cloud
3	federation.auth.schwarz	adfresh-frontend.prod.sit.svc.odj.cloud
7	2

This site contains no links.

Subject Issuer	Validity	Valid
adfresh-frontend.prod.sit.svc.odj.cloud R11	`2024-10-29` - `2025-01-27`	3 months	crt.sh
federation.auth.schwarz SwissSign RSA TLS EV ICA 2022 - 1	`2024-10-04` - `2025-10-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect_uri=https%3A%2F%2Fadfresh-frontend.prod.sit.svc.odj.cloud&response_type=code&scope=siam&state=0b4500435ea9423b91817a9223fdea81&code_challenge=RTVX34ilHhn8wvOPutbLicPlVVY4q1rn6ltMrgDr-Ek&code_challenge_method=S256&response_mode=query
Frame ID: B52E67D46490C4E93A6314D15B4C709E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://adfresh-frontend.prod.sit.svc.odj.cloud/ Page URL
https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3627 kB
Transfer

3619 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adfresh-frontend.prod.sit.svc.odj.cloud/ Page URL
https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect_uri=https%3A%2F%2Fadfresh-frontend.prod.sit.svc.odj.cloud&response_type=code&scope=siam&state=0b4500435ea9423b91817a9223fdea81&code_challenge=RTVX34ilHhn8wvOPutbLicPlVVY4q1rn6ltMrgDr-Ek&code_challenge_method=S256&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
adfresh-frontend.prod.sit.svc.odj.cloud/ 2 KB
2 KB 374ms
16ms Document
text/html 45.141.75.231
SCHWARZ-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://adfresh-frontend.prod.sit.svc.odj.cloud/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

45.141.75.231 Heilbronn, Germany, ASN44076 (SCHWARZ-IT, DE),

Reverse DNS

Software

/

Resource Hash

c0fa6f180d3fd6131e134907c7228d9704415aede9afaddc51f92e49d3fd3d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 1626
content-type: text/html
date: Tue, 12 Nov 2024 23:19:32 GMT
etag: "673370d5-65a"
last-modified: Tue, 12 Nov 2024 15:14:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 index-bZy-DjPj.js Show response
adfresh-frontend.prod.sit.svc.odj.cloud/assets/ 3 MB
3 MB 44ms
43ms Script
application/javascript 45.141.75.231
SCHWARZ-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://adfresh-frontend.prod.sit.svc.odj.cloud/assets/index-bZy-DjPj.js

Requested by

Host: adfresh-frontend.prod.sit.svc.odj.cloud
URL: https://adfresh-frontend.prod.sit.svc.odj.cloud/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

45.141.75.231 Heilbronn, Germany, ASN44076 (SCHWARZ-IT, DE),

Reverse DNS

Software

/

Resource Hash

207cb6a902cbd1e8f945a919e6d672b2daf48f20a7fa9258c0700b3b789f8dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://adfresh-frontend.prod.sit.svc.odj.cloud
Referer: https://adfresh-frontend.prod.sit.svc.odj.cloud/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 3422696
date: Tue, 12 Nov 2024 23:19:32 GMT
etag: "67239d0b-3439e8"
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 15:06:51 GMT

GET
H2 200 index-NCIBMd8N.css
adfresh-frontend.prod.sit.svc.odj.cloud/assets/ 271 KB
271 KB 12ms
12ms Stylesheet
text/css 45.141.75.231
SCHWARZ-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://adfresh-frontend.prod.sit.svc.odj.cloud/assets/index-NCIBMd8N.css

Requested by

Host: adfresh-frontend.prod.sit.svc.odj.cloud
URL: https://adfresh-frontend.prod.sit.svc.odj.cloud/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

45.141.75.231 Heilbronn, Germany, ASN44076 (SCHWARZ-IT, DE),

Reverse DNS

Software

/

Resource Hash

2ab88a5f15746efe684c2d04776227c592cab32fc28dda88311c560230c7364d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://adfresh-frontend.prod.sit.svc.odj.cloud
Referer: https://adfresh-frontend.prod.sit.svc.odj.cloud/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 277474
date: Tue, 12 Nov 2024 23:19:32 GMT
etag: "67239d0a-43be2"
content-type: text/css
last-modified: Thu, 31 Oct 2024 15:06:50 GMT

GET
H/1.1 200 openid-configuration
federation.auth.schwarz/nidp/oauth/nam/.well-known/ 2 KB
4 KB 357ms
18ms Fetch
application/json 185.124.192.136
SCHWARZ-IT-LEGACY

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.auth.schwarz/nidp/oauth/nam/.well-known/openid-configuration

Requested by

Host: adfresh-frontend.prod.sit.svc.odj.cloud
URL: https://adfresh-frontend.prod.sit.svc.odj.cloud/assets/index-bZy-DjPj.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.124.192.136 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://federation.auth.schwarz https://itdoc.schwarz/ https://performancemanager5.successfactors.eu/ https://lidl.staffbase.com https://de.eyo.com https://sp-backupapps-ui.qa.sit.az.odj.cloud/ https://sp-backupapps-ui.prod.sit.az.odj.cloud/ https://okxiy8r6czzstv4bjnw6mhm.eu1.analytics.cloud.sap
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/jwk-set+json, application/json
Referer: https://adfresh-frontend.prod.sit.svc.odj.cloud/

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: frame-ancestors https://federation.auth.schwarz https://itdoc.schwarz/ https://performancemanager5.successfactors.eu/ https://lidl.staffbase.com https://de.eyo.com https://sp-backupapps-ui.qa.sit.az.odj.cloud/ https://sp-backupapps-ui.prod.sit.az.odj.cloud/ https://okxiy8r6czzstv4bjnw6mhm.eu1.analytics.cloud.sap
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://adfresh-frontend.prod.sit.svc.odj.cloud
Content-Length: 2493
Keep-Alive: timeout=60
X-XSS-Protection: 1; mode=block
Date: Tue, 12 Nov 2024 23:19:33 GMT
Content-Type: application/json
X-FRAME-OPTIONS: SAMEORIGIN

GET
H2 200 favicon.svg
adfresh-frontend.prod.sit.svc.odj.cloud/ 2 KB
2 KB 15ms
15ms Other
image/svg+xml 45.141.75.231
SCHWARZ-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://adfresh-frontend.prod.sit.svc.odj.cloud/favicon.svg

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

45.141.75.231 Heilbronn, Germany, ASN44076 (SCHWARZ-IT, DE),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://adfresh-frontend.prod.sit.svc.odj.cloud/adfresh/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 1662
date: Tue, 12 Nov 2024 23:19:33 GMT
etag: "67239d08-67e"
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2024 15:06:48 GMT

GET
H/1.1 400 Primary Request authz Show response
federation.auth.schwarz/nidp/oauth/nam/ 97 B
1 KB 65ms
22ms Document
text/plain 185.124.192.136
SCHWARZ-IT-LEGACY

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect_uri=https%3A%2F%2Fadfresh-frontend.prod.sit.svc.odj.cloud&response_type=code&scope=siam&state=0b4500435ea9423b91817a9223fdea81&code_challenge=RTVX34ilHhn8wvOPutbLicPlVVY4q1rn6ltMrgDr-Ek&code_challenge_method=S256&response_mode=query

Requested by

Host: adfresh-frontend.prod.sit.svc.odj.cloud
URL: https://adfresh-frontend.prod.sit.svc.odj.cloud/assets/index-bZy-DjPj.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.124.192.136 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),

Reverse DNS

Software

/

Resource Hash

394452f22511a921c5df267df26c4344076dc9ec59c16c9184130c8cf047449a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://federation.auth.schwarz https://itdoc.schwarz/ https://performancemanager5.successfactors.eu/ https://lidl.staffbase.com https://de.eyo.com https://sp-backupapps-ui.qa.sit.az.odj.cloud/ https://sp-backupapps-ui.prod.sit.az.odj.cloud/ https://okxiy8r6czzstv4bjnw6mhm.eu1.analytics.cloud.sap
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adfresh-frontend.prod.sit.svc.odj.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Connection: close
Content-Length: 97
Content-Security-Policy: frame-ancestors https://federation.auth.schwarz https://itdoc.schwarz/ https://performancemanager5.successfactors.eu/ https://lidl.staffbase.com https://de.eyo.com https://sp-backupapps-ui.qa.sit.az.odj.cloud/ https://sp-backupapps-ui.prod.sit.az.odj.cloud/ https://okxiy8r6czzstv4bjnw6mhm.eu1.analytics.cloud.sap
Content-Type: text/plain
Date: Tue, 12 Nov 2024 23:19:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 404 favicon.ico
federation.auth.schwarz/ 120 B
408 B 68ms
21ms Other
text/html 185.124.192.136
SCHWARZ-IT-LEGACY

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.auth.schwarz/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.124.192.136 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),

Reverse DNS

Software

/

Resource Hash

67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect_uri=https%3A%2F%2Fadfresh-frontend.prod.sit.svc.odj.cloud&response_type=code&scope=siam&state=0b4500435ea9423b91817a9223fdea81&code_challenge=RTVX34ilHhn8wvOPutbLicPlVVY4q1rn6ltMrgDr-Ek&code_challenge_method=S256&response_mode=query

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Length: 120
Keep-Alive: timeout=60
X-XSS-Protection: 1; mode=block
Date: Tue, 12 Nov 2024 23:19:33 GMT
Content-Type: text/html
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
federation.auth.schwarz/nidp	1969-12-31 23:59:59	Name: JSESSIONID Value: EBBFF946E6BE50C8BF61E83688DB0F0B
federation.auth.schwarz/nidp	1969-12-31 23:59:59	Name: TS01e52998 Value: 014c3ac9f08ce64dc3c02332d734cb5717f15dae8a4a6799959630f582a0c3078a0779766db9c6c0c7c8085364ea3a497f9a255635
federation.auth.schwarz/	1969-12-31 23:59:59	Name: lbcookie Value: !AvtSMvtq5LHQaJcQ96UN92j9HtPQnd6hCdeOF1jIYMY8vxwjdjh6vShytGVjfiQAtFR77d8wDiHzZcg=
federation.auth.schwarz/	1969-12-31 23:59:59	Name: TS015509ed Value: 014c3ac9f08ce64dc3c02332d734cb5717f15dae8a4a6799959630f582a0c3078a0779766db9c6c0c7c8085364ea3a497f9a255635

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://federation.auth.schwarz/nidp/oauth/nam/authz?client_id=1d2c70d6-8d9b-4a31-9a25-e58f4326e373&redirect_uri=https%3A%2F%2Fadfresh-frontend.prod.sit.svc.odj.cloud&response_type=code&scope=siam&state=0b4500435ea9423b91817a9223fdea81&code_challenge=RTVX34ilHhn8wvOPutbLicPlVVY4q1rn6ltMrgDr-Ek&code_challenge_method=S256&response_mode=query Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://federation.auth.schwarz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfresh-frontend.prod.sit.svc.odj.cloud
federation.auth.schwarz
185.124.192.136
45.141.75.231
207cb6a902cbd1e8f945a919e6d672b2daf48f20a7fa9258c0700b3b789f8dc3
2ab88a5f15746efe684c2d04776227c592cab32fc28dda88311c560230c7364d
394452f22511a921c5df267df26c4344076dc9ec59c16c9184130c8cf047449a
67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec
c0fa6f180d3fd6131e134907c7228d9704415aede9afaddc51f92e49d3fd3d2f

federation.auth.schwarz Open in urlscan Pro 185.124.192.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3627 kBTransfer

3619 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

2 Console Messages

Security Headers

Indicators

federation.auth.schwarz Open in urlscan Pro
185.124.192.136 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3627 kB
Transfer

3619 kB
Size

4
Cookies

7 HTTP transactions
0 data transactions