urlscan.io logo urlscan.io
SecurityTrails logo

wes-idp.six-group.com Open in urlscan Pro
153.46.107.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://myportal.six-payment-services.com/merchantportal
Effective URL: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%...
Submission: On November 28 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 153.46.107.142, located in United States and belongs to SIX Zuerich, Switzerland, CH. The main domain is wes-idp.six-group.com.
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2021 - 1 on August 15th 2022. Valid for: a year.
This is the only time wes-idp.six-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 153.46.250.47 9042 (SIX Zuerich)
9 153.46.107.142 9042 (SIX Zuerich)
9 1
Apex Domain
Subdomains		 Transfer
9 six-group.com
wes-idp.six-group.com
584 KB
2 six-payment-services.com
myportal.six-payment-services.com
1 KB
9 2
Domain Requested by
9 wes-idp.six-group.com wes-idp.six-group.com
2 myportal.six-payment-services.com 2 redirects
9 2

This site contains links to these domains. Also see Links.

Domain
www.six-payment-services.com
Subject Issuer Validity Valid
wes-idp.six-group.com
SwissSign RSA TLS OV ICA 2021 - 1		 2022-08-15 -
2023-08-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Frame ID: 4E0032F3C456BAB1B3C32CC572D2B3F2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

myPortal Login

Page URL History Show full URLs

  1. https://myportal.six-payment-services.com/merchantportal HTTP 302
    https://myportal.six-payment-services.com/merchantportal/ HTTP 302
    https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

584 kB
Transfer

575 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myportal.six-payment-services.com/merchantportal HTTP 302
    https://myportal.six-payment-services.com/merchantportal/ HTTP 302
    https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wes-idp.six-group.com/myportal/authorize/
Redirect Chain
  • https://myportal.six-payment-services.com/merchantportal
  • https://myportal.six-payment-services.com/merchantportal/
  • https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=co...
8 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
998790be878a80f140cecf9a012cf1ef3bd93052ac8cd8644bc16748ecd52ba2
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, private
Connection
Keep-Alive
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=utf-8
Date
Mon, 28 Nov 2022 15:44:56 GMT
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Keep-Alive
timeout=5, max=100
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9add9-000cd266
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
close
Content-Length
791
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 15:44:55 GMT
Location
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
main.css
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/ 		111 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
c44cfa413ad3cef949065d9d3417d3a400e937e4ae5fe3832460ec973ccbeb05
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:56 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9aebb-000cd267
Content-Length
113816
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=99
Expires
Mon, 28 Nov 2022 15:59:34 GMT
Worldline-Mint-Horizontal.svg
wes-idp.six-group.com/resources/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wes-idp.six-group.com/resources/Worldline-Mint-Horizontal.svg
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
acef47b8af1fc235c82da200e037394a63946c0e1138cf1e46dee45efda1e26c
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:56 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9aebc-000cd268
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 07 Nov 2021 08:15:10 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml;charset=utf-8
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=100
main.js
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/scripts/ 		150 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/scripts/main.js?dc572764f7
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
16853395a1c3d9eb6f82c65c6498cdaa2b7cf7c5d9b172b18da0b39a5110e6ed
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:56 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9af4b-000cd269
Content-Length
153587
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=99
Expires
Mon, 28 Nov 2022 15:59:34 GMT
jquery-3.5.1.min.js
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/jquery-3.5.1.min.js
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wes-idp.six-group.com/myportal/authorize/?scope=openid+roles&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22value%22%3A%221%3Apassword%22%2C%22essential%22%3Atrue%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fmyportal.six-payment-services.com%2Fmerchantportal%2F&state=Xsy0CvyQdYETt9hbQB94GHqzqFNHr0D_QTw5T7QFjng&nonce=rGelRlRBTg8Qa0vLy2HklCgqFegViqFTsKM0dCtSXUc&client_id=wdlmepo-myportal&response_mode=query&valid_before=2022-11-28T15%3A49%3A55.230Z&prompt=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:56 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9b069-000cd26b
Content-Length
89476
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=98
Expires
Mon, 28 Nov 2022 15:59:34 GMT
noto-sans-v7-latin-ext_latin-700.woff2
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-v7-latin-ext_latin/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-v7-latin-ext_latin/noto-sans-v7-latin-ext_latin-700.woff2
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
7e92a2edfad1a82e2c576a165534b9b2d9444b754e329dc0a412e4ee80ec014a
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Origin
https://wes-idp.six-group.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:57 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9b103-000cd26c
Content-Length
40420
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=97
Expires
Mon, 28 Nov 2022 15:59:34 GMT
hinted-subset-NotoSans-CondensedBold.woff2
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-condensed/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-condensed/hinted-subset-NotoSans-CondensedBold.woff2
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
f6155ef82db6c7389fff008ff32b6ac8c043fc5ac08a767ebee2b64bf5c23528
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Origin
https://wes-idp.six-group.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:57 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9b16b-000cd26d
Content-Length
76964
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=98
Expires
Mon, 28 Nov 2022 15:59:34 GMT
noto-sans-v7-latin-ext_latin-regular.woff2
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-v7-latin-ext_latin/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/noto-sans-v7-latin-ext_latin/noto-sans-v7-latin-ext_latin-regular.woff2
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
a1074351ac6df432e365ab5d53e2cf590968f5c8f0681b3d4e55bb018dbdeab5
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Origin
https://wes-idp.six-group.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:57 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9b181-000cd26e
Content-Length
40216
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=100
Expires
Mon, 28 Nov 2022 15:59:34 GMT
MaterialIcons-Regular.woff2
wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/materialdesign/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/fonts/materialdesign/MaterialIcons-Regular.woff2
Requested by
Host: wes-idp.six-group.com
URL: https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.46.107.142 , United States, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
wes-idp.six-group.com
Software
Apache /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wes-idp.six-group.com/static/nevislogrend/applications/oidc-op-myportal-realm/webdata/resources/styles/main.css?44c55ec788
Origin
https://wes-idp.six-group.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 15:44:57 GMT
Content-Security-Policy
base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Connection
Keep-Alive
X-Transfer-ID
68edc11c-00f0ea-f00a50aa-184bee9b185-000cd26f
Content-Length
60840
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
must-revalidate
Feature-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Permissions-Policy
layout-animations=(none), unoptimized-images=(none), oversized-images=(none), sync-script=(none), sync-xhr=(none), unsized-media=(none)
Keep-Alive
timeout=5, max=100
Expires
Mon, 28 Nov 2022 15:59:34 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __core-js_shared__ object| core function| $ function| jQuery

3 Cookies

Domain/Path Name / Value
myportal.six-payment-services.com/ Name: rp-myportal-session
Value: 7574f00a0e2aORkcAObLFrP41ijFlcfRnftvR6QIaVGvXCfCJjxCOhALUl
wes-idp.six-group.com/ Name: LANG
Value: en
wes-idp.six-group.com/ Name: oidc-op-myportal
Value: f0eaf00a50aajQ6jsZFlRGpHJFk6MuNmZDEs4L8yQuXCTK5VIdsE6zAS3w

17 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unoptimized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: sync-xhr. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature layout-animations. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature unoptimized-images. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature oversized-images. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature sync-script. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature sync-xhr. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(none) for feature unsized-media. Allowlist item must be *, self or quoted url.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'unoptimized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'unsized-media'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block