Submitted URL: https://prod-boreholes.swissgeol.ch/
Effective URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Submission: On November 21 via automatic, source certstream-suspicious — Scanned from CH

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 34 HTTP transactions. The main IP is 162.23.135.239, which is located in Switzerland and belongs to SWISSGOV Swiss Federation represented by FOITT, CH. The main domain is chlogin.zd.eiam.admin.ch.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 3rd 2024. Valid for: a year.
This is the only time chlogin.zd.eiam.admin.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:478... 16509 (AMAZON-02)
1 1 2a05:d018:478... 16509 (AMAZON-02)
1 162.23.136.147 33845 (SWISSGOV ...)
2 162.23.128.22 33845 (SWISSGOV ...)
7 162.23.135.239 33845 (SWISSGOV ...)
1 142.250.185.132 15169 (GOOGLE)
34 8

Domain Requested by
7 chlogin.zd.eiam.admin.ch chlogin.zd.eiam.admin.ch
7 prod-boreholes.swissgeol.ch prod-boreholes.swissgeol.ch
2 feds.eiam.admin.ch
2 fonts.googleapis.com prod-boreholes.swissgeol.ch
1 www.google.com chlogin.zd.eiam.admin.ch
1 sts001.swisstopo.admin.ch prod-boreholes.swissgeol.ch
1 ngm-prod.auth.eu-west-1.amazoncognito.com 1 redirects
1 cognito-idp.eu-west-1.amazonaws.com prod-boreholes.swissgeol.ch
0 www.gstatic.com Failed www.google.com
34 9

This site contains links to these domains.

Domain
www.eiam.admin.ch
www.disclaimer.admin.ch

Subject | Issuer | Validity | Valid
prod-boreholes.swissgeol.ch | Amazon RSA 2048 M03 | 2024-11-20 - 2025-12-19 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
cognito-idp.eu-west-1.amazonaws.com | Amazon RSA 2048 M03 | 2024-03-25 - 2025-04-23 | a year
sts001.swisstopo.admin.ch | QuoVadis Global SSL ICA G3 | 2024-04-18 - 2025-04-18 | a year
feds.eiam.admin.ch | QuoVadis Global SSL ICA G3 | 2024-01-10 - 2025-01-10 | a year
chlogin.zd.eiam.admin.ch | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-03 - 2025-09-03 | a year
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 1 frames:

Primary Page: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Frame ID: D278D0ECEAAA3C331952197D1A60C5C7
Requests: 34 HTTP requests in this frame

Page Title

CH-LOGIN - Anmeldung

Page Statistics

Requests: 34
HTTPS: 62 %
IPv6: 50 %
Domains: 7
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 3831 kB
Size: 3824 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prod-boreholes.swissgeol.ch/ Page URL
  2. https://ngm-prod.auth.eu-west-1.amazoncognito.com/oauth2/authorize?client_id=3ulg46i2dkilah403hluf6hoi7&redirect_uri=https%3A%2F%2Fprod-boreholes.swissgeol.ch&response_type=code&scope=openid+profile&state=f089a92f2ff247039de08f09b06898d3%3BeyJocmVmIjoiaHR0cHM6Ly9wcm9kLWJvcmVob2xlcy5zd2lzc2dlb2wuY2gvIn0%3D&code_challenge=nywnnoaLgZqnnDARbrayb7NCvT1Z_U0JcEiiBFGudgg&code_challenge_method=S256 HTTP 302
    https://sts001.swisstopo.admin.ch/auth/saml2/sso?SAMLRequest=fZHLTgIxFIb3PsWk%2B3amwyDYMGOIhoTEW0BduCGdToEmtB17zoj69Jab0Q3LNv%2Fl5PtH1592k3zoAMa7knCWkUQ75RvjViV5eZ7QIbmuLkYg7SZvxbjDtZvp904DJmMAHTD6bryDzuow1%2BHDKP0yuyvJGrEFkaZuZWkbfMNktDLd0W20Us6kld8%2BFq2cQc%2BUt%2Bm%2BIjVNGzS0MVGT5DZqjZO4v%2B2UCAhZxhlsDQD61jPZWOOYWqe7imMMgCfJ9LYki1pd9fRS9%2BmwvryixVBJKps6p0W9LHLV7zdFNohSgE5PHaB0WJI8ywvKOc35c8YF7wk%2BYL2Mv5Hk9UQq35GK7ByIA5uSdMEJL8GAcNJqEKjEfHx%2FJ6JURATold%2BQ6oBS7AtDMvHBSjzv3f2Yhi73UqEdGvz6133eLk8zkWonO4AXR%2FICWvE7yoI%2FKPu4fsJilP69sjo%2B%2F%2B9f%2FQA%3D&RelayState=H4sIAAAAAAAAAD2S23LaMBCG38XXMZFl-SA6vSABEhIDCSQhpNNhdLSEZYv6gIFO372iF737d_bb_Xe1-u0Rb-iJzu9F0_rBLliwcqleWuTdePSamY3m_qG23MXMxWFnchRryAttiEIgVKaTsbI6cQB3gGrbQzO8vb3W-NTWQlkjmkHT66bJhTUDphwpHMksF05KJ9ejeeZk7g1_ePYgKn21cx2kNsL7eeMpx0iQYoKhhFJClIAQcwFSCTAFcYpTHn4T5yfLyo9ytreaPK4Ae5zH2Rn3rMRFtnk6upyl8GTYObpwaC4MckNh321hfpxV4Luz1M6nOvdVZUmWf_2qqvFoRWtypsni_vgWfO3ewRObaH03feh4nruK_XV6GMVOFk6-vk7bt_3d5J1nQJSbzWUzbtgSLtYW7Zfv0xDRFuVfIn1mk8A98lZ2p1mRj5bbD_OQpEzhqd6M57vgo70sT4siVhd42h7AehdsV_Xn86c1n1N0r7d50hdZracjq-5aPlqKdp1ZVsyIOZRzBlePD4UCdWFfitlOxGPYx2M0yV7Ox9WriUq8CH3gJjbXdfPy330HpGvV4P9HGJCSXGzFbF7p1g6YLR1fesMgCWEQBRFO3IG8oSSmETde7RpRlOIwwMiXFEU-Son0ccKxLwUKYsTTkPKrZ-vQHWU4FFJEfkpj7FhGfMIp9BGVCLIo4ggk3p-_B83XyZwCAAA.H4sIAAAAAAAAAAEgAN__ARSt59PgiIaI9JAIkStKRqflrPWNvdUh-rTbX0S2-d08PloVIAAAAA.3 Page URL
  3. https://feds.eiam.admin.ch/adfs/ls/ Page URL
  4. https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://ngm-prod.auth.eu-west-1.amazoncognito.com/oauth2/authorize?client_id=3ulg46i2dkilah403hluf6hoi7&redirect_uri=https%3A%2F%2Fprod-boreholes.swissgeol.ch&response_type=code&scope=openid+profile&state=f089a92f2ff247039de08f09b06898d3%3BeyJocmVmIjoiaHR0cHM6Ly9wcm9kLWJvcmVob2xlcy5zd2lzc2dlb2wuY2gvIn0%3D&code_challenge=nywnnoaLgZqnnDARbrayb7NCvT1Z_U0JcEiiBFGudgg&code_challenge_method=S256 HTTP 302
  • https://sts001.swisstopo.admin.ch/auth/saml2/sso?SAMLRequest=fZHLTgIxFIb3PsWk%2B3amwyDYMGOIhoTEW0BduCGdToEmtB17zoj69Jab0Q3LNv%2Fl5PtH1592k3zoAMa7knCWkUQ75RvjViV5eZ7QIbmuLkYg7SZvxbjDtZvp904DJmMAHTD6bryDzuow1%2BHDKP0yuyvJGrEFkaZuZWkbfMNktDLd0W20Us6kld8%2BFq2cQc%2BUt%2Bm%2BIjVNGzS0MVGT5DZqjZO4v%2B2UCAhZxhlsDQD61jPZWOOYWqe7imMMgCfJ9LYki1pd9fRS9%2BmwvryixVBJKps6p0W9LHLV7zdFNohSgE5PHaB0WJI8ywvKOc35c8YF7wk%2BYL2Mv5Hk9UQq35GK7ByIA5uSdMEJL8GAcNJqEKjEfHx%2FJ6JURATold%2BQ6oBS7AtDMvHBSjzv3f2Yhi73UqEdGvz6133eLk8zkWonO4AXR%2FICWvE7yoI%2FKPu4fsJilP69sjo%2B%2F%2B9f%2FQA%3D&RelayState=H4sIAAAAAAAAAD2S23LaMBCG38XXMZFl-SA6vSABEhIDCSQhpNNhdLSEZYv6gIFO372iF737d_bb_Xe1-u0Rb-iJzu9F0_rBLliwcqleWuTdePSamY3m_qG23MXMxWFnchRryAttiEIgVKaTsbI6cQB3gGrbQzO8vb3W-NTWQlkjmkHT66bJhTUDphwpHMksF05KJ9ejeeZk7g1_ePYgKn21cx2kNsL7eeMpx0iQYoKhhFJClIAQcwFSCTAFcYpTHn4T5yfLyo9ytreaPK4Ae5zH2Rn3rMRFtnk6upyl8GTYObpwaC4MckNh321hfpxV4Luz1M6nOvdVZUmWf_2qqvFoRWtypsni_vgWfO3ewRObaH03feh4nruK_XV6GMVOFk6-vk7bt_3d5J1nQJSbzWUzbtgSLtYW7Zfv0xDRFuVfIn1mk8A98lZ2p1mRj5bbD_OQpEzhqd6M57vgo70sT4siVhd42h7AehdsV_Xn86c1n1N0r7d50hdZracjq-5aPlqKdp1ZVsyIOZRzBlePD4UCdWFfitlOxGPYx2M0yV7Ox9WriUq8CH3gJjbXdfPy330HpGvV4P9HGJCSXGzFbF7p1g6YLR1fesMgCWEQBRFO3IG8oSSmETde7RpRlOIwwMiXFEU-Son0ccKxLwUKYsTTkPKrZ-vQHWU4FFJEfkpj7FhGfMIp9BGVCLIo4ggk3p-_B83XyZwCAAA.H4sIAAAAAAAAAAEgAN__ARSt59PgiIaI9JAIkStKRqflrPWNvdUh-rTbX0S2-d08PloVIAAAAA.3

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
prod-boreholes.swissgeol.ch/
1 KB
2 KB
Document
General
Full URL
https://prod-boreholes.swissgeol.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
3b28144e3744cf76daeebc1dc6e9ca02c259eef50593c2ce58e0543aefaf3628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
1174
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 01:13:14 GMT
etag
W/"496-192336f86c0"
last-modified
Fri, 27 Sep 2024 12:23:20 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id
XYC0VnhsusCWDChpXUKHpKnrHGSnY-yoJK3r3UyL4uL0Hf7RYfKTig==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
Express
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1732151655
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0919ff36779eef85fa50af4b94fb2d496a765612b7c5edd31ba69ea1f4136736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 01:13:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 01:13:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 21 Nov 2024 00:01:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-BNZNsdkK.js
prod-boreholes.swissgeol.ch/assets/
3 MB
3 MB
Script
General
Full URL
https://prod-boreholes.swissgeol.ch/assets/index-BNZNsdkK.js
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
1d80452692db05bfdc2a5fbf6f4ab8bb3e1e9bf9d212ca2bf11c061e75df7fe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod-boreholes.swissgeol.ch
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

cache-control
public, max-age=0
etag
W/"29fd4d-192336f86c0"
x-ratelimit-reset
1732151636
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-ratelimit-remaining
997
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
2751821
x-amz-cf-id
KVZFiD22hXDBhUO2UAd1l-pCxhg55VKqITbrHtIE18pH60VVntvH9g==
date
Thu, 21 Nov 2024 01:13:14 GMT
x-ratelimit-limit
1000
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 27 Sep 2024 12:23:20 GMT
x-powered-by
Express
x-amz-cf-pop
FRA6-C1
index-HOjGv7sJ.css
prod-boreholes.swissgeol.ch/assets/
571 KB
572 KB
Stylesheet
General
Full URL
https://prod-boreholes.swissgeol.ch/assets/index-HOjGv7sJ.css
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
35f9dae018fe2eb7965c040ca9f93a86b7dec291adba9921dfd5153dd0eadb0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://prod-boreholes.swissgeol.ch
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

cache-control
public, max-age=0
etag
W/"8ea31-192336f86c0"
x-ratelimit-reset
1732151618
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-ratelimit-remaining
998
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
584241
x-amz-cf-id
uEcMxltvwOJyslfuftor7kiZUQI5CeAkZktePtiXRPKOgSLjQbu-ew==
date
Thu, 21 Nov 2024 01:13:14 GMT
x-ratelimit-limit
1000
content-type
text/css; charset=UTF-8
last-modified
Fri, 27 Sep 2024 12:23:20 GMT
x-powered-by
Express
x-amz-cf-pop
FRA6-C1
css
fonts.googleapis.com/
3 KB
596 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/assets/index-HOjGv7sJ.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 01:13:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 01:13:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 23:53:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
common.json
prod-boreholes.swissgeol.ch/locale/en/
21 KB
22 KB
Fetch
General
Full URL
https://prod-boreholes.swissgeol.ch/locale/en/common.json?v=1.0.0
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/assets/index-BNZNsdkK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a6622f225919392a1d1c754093de6a60cd425c4149e3597d7e2daebf1c957194

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

cache-control
public, max-age=0
etag
W/"5459-192336f82d8"
x-ratelimit-reset
1732151618
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-ratelimit-remaining
997
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
21593
x-amz-cf-id
Z2m99WI-Y9lcCLuSXQbPwMbKZm9_ZKrnJNcB7jcL3rPA5r1hSd_65w==
date
Thu, 21 Nov 2024 01:13:15 GMT
x-ratelimit-limit
1000
content-type
application/json; charset=UTF-8
last-modified
Fri, 27 Sep 2024 12:23:19 GMT
x-powered-by
Express
x-amz-cf-pop
FRA6-C1
swissgeol_boreholes.svg
prod-boreholes.swissgeol.ch/
9 KB
9 KB
Image
General
Full URL
https://prod-boreholes.swissgeol.ch/swissgeol_boreholes.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
6bcc1b50c162751ef426302484c2c098900d9b3c9bc04f089e10dd0378e45e24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

cache-control
public, max-age=0
etag
W/"23c4-192336f82d8"
x-ratelimit-reset
1732151656
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-ratelimit-remaining
999
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
9156
x-amz-cf-id
BzLRyrKukew6g7eVrgg-FVO7CfkjhqqFQlt57ei_Mtt2FBCN-8WB8A==
date
Thu, 21 Nov 2024 01:13:15 GMT
x-ratelimit-limit
1000
content-type
image/svg+xml
last-modified
Fri, 27 Sep 2024 12:23:19 GMT
x-powered-by
Express
x-amz-cf-pop
FRA6-C1
auth
prod-boreholes.swissgeol.ch/api/v2/settings/
191 B
455 B
Fetch
General
Full URL
https://prod-boreholes.swissgeol.ch/api/v2/settings/auth
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/assets/index-BNZNsdkK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d342758a05dc6ca1d03b93168b75f948f1fc169a84f9eb432c4fae2e4db8d25b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

api-supported-versions
2.0
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
O2RHb76CIEd8lR2LbuReJLaETm5UDobcT-le2_3K0blxRuyYsVprYQ==
date
Thu, 21 Nov 2024 01:13:15 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA6-C1
server
Kestrel
favicon.ico
prod-boreholes.swissgeol.ch/
2 KB
2 KB
Other
General
Full URL
https://prod-boreholes.swissgeol.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:9:2019:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
ddff17d0667277ac73d368c2c6409631f7e0fd22c045ba6d6d929f8ddc57f48a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

cache-control
public, max-age=0
etag
W/"6bf-192336f82d8"
x-ratelimit-reset
1732151618
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-ratelimit-remaining
996
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
1727
x-amz-cf-id
gJPYYzooyuoKjk9TQ-BrP5tkJAaT5CBm9JS7KL5m9j-GpKDwJxH-9g==
date
Thu, 21 Nov 2024 01:13:15 GMT
x-ratelimit-limit
1000
content-type
image/x-icon
last-modified
Fri, 27 Sep 2024 12:23:19 GMT
x-powered-by
Express
x-amz-cf-pop
FRA6-C1
openid-configuration
cognito-idp.eu-west-1.amazonaws.com/eu-west-1_1NcmOhPt4/.well-known/
881 B
1 KB
Fetch
General
Full URL
https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_1NcmOhPt4/.well-known/openid-configuration
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/assets/index-BNZNsdkK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:478:8a02:69f2:87ba:eee5:6bac Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/jwk-set+json, application/json
Referer
https://prod-boreholes.swissgeol.ch/

Response headers

x-amzn-requestid
ecd39ef3-ab80-4e91-aebd-c4eda56505a2
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
content-length
881
date
Thu, 21 Nov 2024 01:13:16 GMT
content-type
application/json
sso
sts001.swisstopo.admin.ch/auth/saml2/
Redirect Chain
  • https://ngm-prod.auth.eu-west-1.amazoncognito.com/oauth2/authorize?client_id=3ulg46i2dkilah403hluf6hoi7&redirect_uri=https%3A%2F%2Fprod-boreholes.swissgeol.ch&response_type=code&scope=openid+profil...
  • https://sts001.swisstopo.admin.ch/auth/saml2/sso?SAMLRequest=fZHLTgIxFIb3PsWk%2B3amwyDYMGOIhoTEW0BduCGdToEmtB17zoj69Jab0Q3LNv%2Fl5PtH1592k3zoAMa7knCWkUQ75RvjViV5eZ7QIbmuLkYg7SZvxbjDtZvp904DJmMAHTD6...
3 KB
4 KB
Document
General
Full URL
https://sts001.swisstopo.admin.ch/auth/saml2/sso?SAMLRequest=fZHLTgIxFIb3PsWk%2B3amwyDYMGOIhoTEW0BduCGdToEmtB17zoj69Jab0Q3LNv%2Fl5PtH1592k3zoAMa7knCWkUQ75RvjViV5eZ7QIbmuLkYg7SZvxbjDtZvp904DJmMAHTD6bryDzuow1%2BHDKP0yuyvJGrEFkaZuZWkbfMNktDLd0W20Us6kld8%2BFq2cQc%2BUt%2Bm%2BIjVNGzS0MVGT5DZqjZO4v%2B2UCAhZxhlsDQD61jPZWOOYWqe7imMMgCfJ9LYki1pd9fRS9%2BmwvryixVBJKps6p0W9LHLV7zdFNohSgE5PHaB0WJI8ywvKOc35c8YF7wk%2BYL2Mv5Hk9UQq35GK7ByIA5uSdMEJL8GAcNJqEKjEfHx%2FJ6JURATold%2BQ6oBS7AtDMvHBSjzv3f2Yhi73UqEdGvz6133eLk8zkWonO4AXR%2FICWvE7yoI%2FKPu4fsJilP69sjo%2B%2F%2B9f%2FQA%3D&RelayState=H4sIAAAAAAAAAD2S23LaMBCG38XXMZFl-SA6vSABEhIDCSQhpNNhdLSEZYv6gIFO372iF737d_bb_Xe1-u0Rb-iJzu9F0_rBLliwcqleWuTdePSamY3m_qG23MXMxWFnchRryAttiEIgVKaTsbI6cQB3gGrbQzO8vb3W-NTWQlkjmkHT66bJhTUDphwpHMksF05KJ9ejeeZk7g1_ePYgKn21cx2kNsL7eeMpx0iQYoKhhFJClIAQcwFSCTAFcYpTHn4T5yfLyo9ytreaPK4Ae5zH2Rn3rMRFtnk6upyl8GTYObpwaC4MckNh321hfpxV4Luz1M6nOvdVZUmWf_2qqvFoRWtypsni_vgWfO3ewRObaH03feh4nruK_XV6GMVOFk6-vk7bt_3d5J1nQJSbzWUzbtgSLtYW7Zfv0xDRFuVfIn1mk8A98lZ2p1mRj5bbD_OQpEzhqd6M57vgo70sT4siVhd42h7AehdsV_Xn86c1n1N0r7d50hdZracjq-5aPlqKdp1ZVsyIOZRzBlePD4UCdWFfitlOxGPYx2M0yV7Ox9WriUq8CH3gJjbXdfPy330HpGvV4P9HGJCSXGzFbF7p1g6YLR1fesMgCWEQBRFO3IG8oSSmETde7RpRlOIwwMiXFEU-Son0ccKxLwUKYsTTkPKrZ-vQHWU4FFJEfkpj7FhGfMIp9BGVCLIo4ggk3p-_B83XyZwCAAA.H4sIAAAAAAAAAAEgAN__ARSt59PgiIaI9JAIkStKRqflrPWNvdUh-rTbX0S2-d08PloVIAAAAA.3
Requested by
Host: prod-boreholes.swissgeol.ch
URL: https://prod-boreholes.swissgeol.ch/assets/index-BNZNsdkK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.23.136.147 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-BdZGH1CvnFw=';
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://prod-boreholes.swissgeol.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Security-Policy
script-src 'nonce-BdZGH1CvnFw=';
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Nov 2024 01:13:18 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=16070400; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 21 Nov 2024 01:13:17 GMT
location
https://sts001.swisstopo.admin.ch/auth/saml2/sso?SAMLRequest=fZHLTgIxFIb3PsWk%2B3amwyDYMGOIhoTEW0BduCGdToEmtB17zoj69Jab0Q3LNv%2Fl5PtH1592k3zoAMa7knCWkUQ75RvjViV5eZ7QIbmuLkYg7SZvxbjDtZvp904DJmMAHTD6bryDzuow1%2BHDKP0yuyvJGrEFkaZuZWkbfMNktDLd0W20Us6kld8%2BFq2cQc%2BUt%2Bm%2BIjVNGzS0MVGT5DZqjZO4v%2B2UCAhZxhlsDQD61jPZWOOYWqe7imMMgCfJ9LYki1pd9fRS9%2BmwvryixVBJKps6p0W9LHLV7zdFNohSgE5PHaB0WJI8ywvKOc35c8YF7wk%2BYL2Mv5Hk9UQq35GK7ByIA5uSdMEJL8GAcNJqEKjEfHx%2FJ6JURATold%2BQ6oBS7AtDMvHBSjzv3f2Yhi73UqEdGvz6133eLk8zkWonO4AXR%2FICWvE7yoI%2FKPu4fsJilP69sjo%2B%2F%2B9f%2FQA%3D&RelayState=H4sIAAAAAAAAAD2S23LaMBCG38XXMZFl-SA6vSABEhIDCSQhpNNhdLSEZYv6gIFO372iF737d_bb_Xe1-u0Rb-iJzu9F0_rBLliwcqleWuTdePSamY3m_qG23MXMxWFnchRryAttiEIgVKaTsbI6cQB3gGrbQzO8vb3W-NTWQlkjmkHT66bJhTUDphwpHMksF05KJ9ejeeZk7g1_ePYgKn21cx2kNsL7eeMpx0iQYoKhhFJClIAQcwFSCTAFcYpTHn4T5yfLyo9ytreaPK4Ae5zH2Rn3rMRFtnk6upyl8GTYObpwaC4MckNh321hfpxV4Luz1M6nOvdVZUmWf_2qqvFoRWtypsni_vgWfO3ewRObaH03feh4nruK_XV6GMVOFk6-vk7bt_3d5J1nQJSbzWUzbtgSLtYW7Zfv0xDRFuVfIn1mk8A98lZ2p1mRj5bbD_OQpEzhqd6M57vgo70sT4siVhd42h7AehdsV_Xn86c1n1N0r7d50hdZracjq-5aPlqKdp1ZVsyIOZRzBlePD4UCdWFfitlOxGPYx2M0yV7Ox9WriUq8CH3gJjbXdfPy330HpGvV4P9HGJCSXGzFbF7p1g6YLR1fesMgCWEQBRFO3IG8oSSmETde7RpRlOIwwMiXFEU-Son0ccKxLwUKYsTTkPKrZ-vQHWU4FFJEfkpj7FhGfMIp9BGVCLIo4ggk3p-_B83XyZwCAAA.H4sIAAAAAAAAAAEgAN__ARSt59PgiIaI9JAIkStKRqflrPWNvdUh-rTbX0S2-d08PloVIAAAAA.3
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
b4893194-fb45-48af-97d9-fe4164d83bd0
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
/
feds.eiam.admin.ch/adfs/ls/
6 KB
7 KB
Document
General
Full URL
https://feds.eiam.admin.ch/adfs/ls/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.23.128.22 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sts001.swisstopo.admin.ch
Referer
https://sts001.swisstopo.admin.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-control
no-cache, no-store
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Thu, 21 Nov 2024 01:13:18 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
0
Primary Request IDP-PRIVATE
chlogin.zd.eiam.admin.ch/auth/saml2/sso/
13 KB
14 KB
Document
General
Full URL
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
41c935f66b1037f7b05fbbdab56184d65f0bcae6886014ba3caa5ba823f46982
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://feds.eiam.admin.ch
Referer
https://feds.eiam.admin.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, private
Connection
keep-alive
Content-Type
text/html;charset=utf-8
Date
Thu, 21 Nov 2024 01:13:19 GMT
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
content-length
13752
favicon.ico
feds.eiam.admin.ch/
5 KB
6 KB
Other
General
Full URL
https://feds.eiam.admin.ch/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.23.128.22 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://feds.eiam.admin.ch/adfs/ls/

Response headers

X-Robots-Tag
noindex, nofollow
X-Content-Type-Options
nosniff
Expires
0
Date
Thu, 21 Nov 2024 01:13:18 GMT
Content-Type
image/x-icon
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified
Thu, 01 Jan 1970 00:00:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
5430
X-XSS-Protection
0
tailwind.css
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
16 KB
17 KB
Stylesheet
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/tailwind.css
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
d7e449025726d56f195f24818191ac50ba30a9b1dfa055677e948b75f0715003
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:26:00 GMT
content-length
16536
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
text/css;charset=utf-8
X-Frame-Options
SAMEORIGIN
bundle.css
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
107 KB
107 KB
Stylesheet
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/bundle.css
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
e54f606eae2d997396c5c327044074aafc7680e2c08f2dd005dd739443154c0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:26:00 GMT
content-length
109688
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
text/css;charset=utf-8
X-Frame-Options
SAMEORIGIN
logo.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
20 KB
20 KB
Image
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/logo.svg
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
5b2d5173ce66b240b29d22f73f51753f5ca265c1b546fc9177ce4e8ee135995b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:26:00 GMT
content-length
20519
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
image/svg+xml;charset=utf-8
X-Frame-Options
SAMEORIGIN
CH-Login.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
68 KB
68 KB
Image
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/CH-Login.svg
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
dc7de1b15a7ee116d0d140bef84b878472bc6ee57be8b4d64c78ec0aee26d6e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:26:00 GMT
content-length
69653
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
image/svg+xml;charset=utf-8
X-Frame-Options
SAMEORIGIN
enterprise.js
www.google.com/recaptcha/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LekwW0mAAAAAND2i9GXfc6fZBflwHLS0RRahrfR
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
3273067c969ead4d01f048474d295592669bfc0c2ef8a0b6a3881adb0dc49d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 01:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 21 Nov 2024 01:13:19 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
footer-login.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
19 KB
19 KB
Image
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/footer-login.svg
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
02e8e967487a6358056cdffe50816f145ab25b09883807d4cdd34c5c5e7fa003
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:26:00 GMT
content-length
19571
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
image/svg+xml;charset=utf-8
X-Frame-Options
SAMEORIGIN
bundle.js
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
266 KB
267 KB
Script
General
Full URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/bundle.js
Requested by
Host: chlogin.zd.eiam.admin.ch
URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.23.135.239 , Switzerland, ASN33845 (SWISSGOV Swiss Federation represented by FOITT, CH),
Reverse DNS
Software
/
Resource Hash
7d62138a75456798ff4ef72119a885a28549892776af08168833e48cb99ca11b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://chlogin.zd.eiam.admin.ch/auth/saml2/sso/IDP-PRIVATE

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
must-revalidate
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Expires
Thu, 21 Nov 2024 01:14:16 GMT
content-length
272586
Date
Thu, 21 Nov 2024 01:13:19 GMT
Content-Type
application/javascript;charset=utf-8
X-Frame-Options
SAMEORIGIN
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
0
0

b1bd3d1473d4178b0cfe.woff
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
0
0

6f4a128e881cb1ea0dc1.woff
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
0
0

1915080092b357172b50.woff
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
0
0

24a6611c28f373a0e1d7.ttf
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/
0
0

Button_AGOVLogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_EDALogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_eduIdLogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_BELogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_GELogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_SHLogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_EZugLogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Button_ZGLogin.svg
chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de_ch.js
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/b1bd3d1473d4178b0cfe.woff
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/6f4a128e881cb1ea0dc1.woff
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/1915080092b357172b50.woff
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/24a6611c28f373a0e1d7.ttf
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_AGOVLogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_EDALogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_eduIdLogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_BELogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_GELogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_SHLogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_EZugLogin.svg
Domain
chlogin.zd.eiam.admin.ch
URL
https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/images/Button_ZGLogin.svg


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| emailCaptcha
function| addButton
object| WebComponents
function| __CE_installPolyfill
object| ShadyCSS
object| displayToast
object| languageDropdown
function| toggleNav
function| toggleHelpBar
function| closeHelpBarOnClickOutside
function| toggleDescription

11 Cookies

Domain/Path Name / Value
prod-boreholes.swissgeol.ch/ Name: i18next
Value: en
ngm-prod.auth.eu-west-1.amazoncognito.com/ Name: XSRF-TOKEN
Value: 7c36637a-5ec7-4335-ad67-8bc800fddf36
ngm-prod.auth.eu-west-1.amazoncognito.com/ Name: csrf-state
Value: QQFtTjBEUdL0emWWzWDscO2NSo4jOUF34bt4gZe8KcE1Pt4YfuxIkgAOYVlG78ch9FiWDM_1VtzOxNk6hz2xYp0S_1YRrXKXolXF4CiYg7wkLriFAohBtdAOetSLockIalpmMc2RHGkh0rkoPkI_e6D2w6D4ELPyvRQl5m9N3-0
ngm-prod.auth.eu-west-1.amazoncognito.com/ Name: csrf-state-legacy
Value: QQFtTjBEUdL0emWWzWDscO2NSo4jOUF34bt4gZe8KcE1Pt4YfuxIkgAOYVlG78ch9FiWDM_1VtzOxNk6hz2xYp0S_1YRrXKXolXF4CiYg7wkLriFAohBtdAOetSLockIalpmMc2RHGkh0rkoPkI_e6D2w6D4ELPyvRQl5m9N3-0
sts001.swisstopo.admin.ch/ Name: p_route
Value: 1732151598.936.593.75692|9795e561a1062141152fa25c7eebbd09
sts001.swisstopo.admin.ch/ Name: NPSession
Value: 0016010a7a00BEJWY0mg6DP5wyarSoOKKWrUGjUDbRJI0iOlkmymmnARf5
sts001.swisstopo.admin.ch/ Name: TS013f8917
Value: 01f340e0fb8d00812c693380b1af8c412953005ba9512285a9cb8d868aa32c891d819b0f93f0423cd3f6032770ca3a556b0779d6a6
chlogin.zd.eiam.admin.ch/ Name: p_route
Value: 1732151599.966.56.545418|84b7623b6f1c26d0056920f281d5e510
.admin.ch/ Name: LANG
Value: de
chlogin.zd.eiam.admin.ch/ Name: Session_arm_sso_chlogin
Value: 0016010a7d02BT5GgjRVBlzxpqNBpJBmMMrNQRMGXCuRO2HZAwc50TAWiA
chlogin.zd.eiam.admin.ch/ Name: cookiesession1
Value: 678A3F12A39D94018EAC0AFDF7C6FA05

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
