Submitted URL: https://portal.withsecure.com/
Effective URL: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On January 20 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6810:605e, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is login.withsecure.com.
TLS certificate: Issued by R3 on January 13th 2023. Valid for: 3 months.
This is the only time login.withsecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 176.34.199.153 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.204.207.119 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 65.9.66.92 16509 (AMAZON-02)
14 6
Apex Domain | Subdomains | Transfer
10 withsecure.com | portal.withsecure.com; login.withsecure.com Failed; www.withsecure.com | 2 MB
2 auth0.com | cdn.auth0.com — Cisco Umbrella Rank: 8614 | 56 KB
1 f-secure.com | static.accounts-emea.f-secure.com | 110 KB
14 3
Domain Requested by
7 portal.withsecure.com portal.withsecure.com
2 cdn.auth0.com login.withsecure.com
2 login.withsecure.com portal.withsecure.com
1 static.accounts-emea.f-secure.com login.withsecure.com
1 www.withsecure.com login.withsecure.com
14 5

This site contains links to these domains.

Domain
www.f-secure.com
Subject | Issuer | Validity | Valid
portal.int.gbl.oneid-prd.fsxt.net | Amazon RSA 2048 M02 | 2023-01-20 - 2024-02-18 | a year
login.withsecure.com | R3 | 2023-01-13 - 2023-04-13 | 3 months
*.auth0.com | Amazon | 2022-03-26 - 2023-04-24 | a year
withsecure.com | DigiCert SHA2 Extended Validation Server CA | 2022-09-13 - 2023-09-16 | a year
static.accounts.f-secure.com | Amazon | 2022-03-15 - 2023-04-13 | a year

This page contains 1 frames:

Primary Page: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Frame ID: D1985FF10612EFBB5A196E35DFD0DF37
Requests: 15 HTTP requests in this frame

Page Title

OneID

Page URL History

  1. https://portal.withsecure.com/ Page URL
  2. https://login.withsecure.com/authorize?audience=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&scope=openid%20profile%2... HTTP 302
    https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Page Statistics

14 Requests
86 % HTTPS
40 % IPv6
3 Domains
5 Subdomains
6 IPs
3 Countries
2164 kB Transfer
2339 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.withsecure.com/ Page URL
  2. https://login.withsecure.com/authorize?audience=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&scope=openid%20profile%20email%20portal%3Adelete%3Amfa%20portal%3Aput%3Apassword%20portal%3Aput%20portal%3Awrite%20portal%3Aget%20portal%3Aput%3Amfa%20offline_access&client_id=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&redirect_uri=https%3A%2F%2Fportal.withsecure.com%2Fedit&response_type=code&response_mode=query&state=ZTVMaC5MTkE5VTM5YUFwdlBDQklVYk1Md1FaX1lsZkVpNDRwbzN2Rk5MRw%3D%3D&nonce=NFh4dDY3fnhINGo0Y1VsNExCSk1scm9BVld3NVBzd092SVEyS2YyZ2tZRw%3D%3D&code_challenge=uwanYNsXP7k62hFBxJQkdYoUrwTWY-3aIf-CixoPc5M&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
portal.withsecure.com/
664 B
1002 B
Document
General
Full URL
https://portal.withsecure.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3a147925e896f8f103302aea4a6a67a7bc83b072d86201e13b73953ecac3b55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
de-DE
content-length
664
content-type
text/html
date
Fri, 20 Jan 2023 07:34:09 GMT
expires
0
last-modified
Tue, 17 Jan 2023 07:26:51 GMT
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
main.a61b9404.js
portal.withsecure.com/static/js/
2 MB
2 MB
Script
General
Full URL
https://portal.withsecure.com/static/js/main.a61b9404.js
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eadd806a478334683863598a4ef6f7e71da35a41a7c9628dad6506830426b13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Jan 2023 07:26:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
1604729
x-xss-protection
1; mode=block
expires
0
main.12a6e989.css
portal.withsecure.com/static/css/
879 B
1 KB
Stylesheet
General
Full URL
https://portal.withsecure.com/static/css/main.12a6e989.css
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a88e9c89a3b532099c272e8c35054136ef87c7faa9f9727374dbcc119ac59107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Jan 2023 07:26:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/css
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
879
x-xss-protection
1; mode=block
expires
0
background_rebranded.b0a18786d9cad436f4ad.jpeg
portal.withsecure.com/static/media/
271 KB
272 KB
Image
General
Full URL
https://portal.withsecure.com/static/media/background_rebranded.b0a18786d9cad436f4ad.jpeg
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/static/css/main.12a6e989.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
730c8f4d8e558124ad73082f6c67a493ca18052d3bf79cde7337d0144a9f418f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.withsecure.com/static/css/main.12a6e989.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Jan 2023 07:26:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/jpeg
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
277542
x-xss-protection
1; mode=block
expires
0
translation.json
portal.withsecure.com/assets/locales/en-US/
664 B
0
Fetch
General
Full URL
https://portal.withsecure.com/assets/locales/en-US/translation.json
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/static/js/main.a61b9404.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/html
content-language
de-DE
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
664
x-xss-protection
1; mode=block
expires
0
translation.json
portal.withsecure.com/assets/locales/en/
3 KB
3 KB
Fetch
General
Full URL
https://portal.withsecure.com/assets/locales/en/translation.json
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/static/js/main.a61b9404.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Jan 2023 07:26:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
3125
x-xss-protection
1; mode=block
expires
0
frontend-configs
portal.withsecure.com/api/v1/
306 B
574 B
XHR
General
Full URL
https://portal.withsecure.com/api/v1/frontend-configs
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/static/js/main.a61b9404.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.199.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-199-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.withsecure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 07:34:09 GMT
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
76297427-406f-43f8-8ee1-54bca6799387
https://portal.withsecure.com/
5 KB
0
Other
General
Full URL
blob:https://portal.withsecure.com/76297427-406f-43f8-8ee1-54bca6799387
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
5040
Content-Type
application/javascript
authorize
login.withsecure.com/
0
0

Primary Request login
login.withsecure.com/u/
Redirect Chain
  • https://login.withsecure.com/authorize?audience=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&scope=openid%20profile%20email%20portal%3Adelete%3Amfa%20portal%3Aput%3Apassword%20portal%3Aput%20portal%3Awrite%20p...
  • https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVE...
17 KB
17 KB
Document
General
Full URL
https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Requested by
Host: portal.withsecure.com
URL: https://portal.withsecure.com/static/js/main.a61b9404.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:605e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20acabc59fa13a5718167077bd2ae59ef4f1d71a0bbc1ee6facede7f71a10f48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.withsecure.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
78c620486eb5697f-FRA
content-language
de
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 07:34:10 GMT
etag
W/"4261-54oCP5hPtY1WzMXnCQh77YLuzqg"
expires
Fri, 20 Jan 2023 07:34:10 GMT
ot-baggage-auth0-request-id
78c620486eb5697f
ot-tracer-sampled
true
ot-tracer-spanid
6251c4c41e923686
ot-tracer-traceid
3f730fdc3fb4f7f9
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003f730fdc3fb4f7f9-6251c4c41e923686-01
tracestate
auth0-request-id=78c620486eb5697f,auth0=true
vary
Accept-Encoding
x-auth0-requestid
753eaac4e2905c84f9c4
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1674200057
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
78c62046cc2a697f-FRA
content-length
424
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 07:34:09 GMT
location
/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
ot-baggage-auth0-request-id
78c62046cc2a697f
ot-tracer-sampled
true
ot-tracer-spanid
0aca141c35e52a1b
ot-tracer-traceid
373790fc33c78d4f
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-0000000000000000373790fc33c78d4f-0aca141c35e52a1b-01
tracestate
auth0-request-id=78c62046cc2a697f,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
d445391033b944970b3a
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1674200050
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.65.15/css/
228 KB
54 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.65.15/css/main.cdn.min.css
Requested by
Host: login.withsecure.com
URL: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc09d0c8fdd4884dde3628f1474a1141324cb00f5148a62bdb150daa35e9459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 20:29:50 GMT
x-amz-version-id
NHJsLrGaKAvY0K2g3kXBsiQtoSvyRv3T
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 17:49:00 GMT
server
AmazonS3
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"baedacc5e14e1213953c658829e1ab45"
age
39861
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2628000,public
x-amz-replication-status
FAILED
x-amz-cf-id
4vsL6eScT9leqA2aBm3Xaonkc59G6eUBA_-kpGdeweBqZ2DiVor5Kg==
badge.png
cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/badge.png
Requested by
Host: login.withsecure.com
URL: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
CghttMoXpqZBzj9pIZwTb7OuGonBat5c
date
Fri, 20 Jan 2023 05:35:29 GMT
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
22858
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1591
last-modified
Thu, 04 May 2017 21:37:11 GMT
server
AmazonS3
etag
"e3842ac36d4fbd8d4e31a39999c0eba6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2628000,public
accept-ranges
bytes
x-amz-cf-id
c1TA2hzgAVsJbH_4EIXdX8vakYszvICvhEsyFaq3WlGYvvO6eo4Oag==
blue-clouds-1.webp
www.withsecure.com/etc.clientlibs/f-secure/clientlibs/backgroundgradient/resources/fallback/
134 KB
134 KB
Image
General
Full URL
https://www.withsecure.com/etc.clientlibs/f-secure/clientlibs/backgroundgradient/resources/fallback/blue-clouds-1.webp
Requested by
Host: login.withsecure.com
URL: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d605e246a84d693df639cff5cc85e6e95ae538840b0cd470c06f10cec263428
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.f-secure.com/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-dispatcher
dispatcher2euwest1
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 07:34:10 GMT
last-modified
Wed, 22 Jun 2022 08:10:54 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-vhost
publish
x-frame-options
ALLOW-FROM https://www.f-secure.com/
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
136841
truncated
/
650 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://login.withsecure.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
product-logo.png
static.accounts-emea.f-secure.com/ux/withsecure/images/
110 KB
110 KB
Image
General
Full URL
https://static.accounts-emea.f-secure.com/ux/withsecure/images/product-logo.png
Requested by
Host: login.withsecure.com
URL: https://login.withsecure.com/u/login?state=hKFo2SA1aFI0bV92V3hkbHNrWFRuN2xlVTZFRkpoWTk4YU5yeaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE1TaW01RFBKclZLV280dndheFhidHR4V2N4WWt0Y29qo2NpZNkgY2ZnVkh0TWRJMWdLT2YwVEtIc0dlY2hNUDBJakt2eG4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65a2af79bbd726bcbff559a9bb2eb644e275020cceb242c0b41ddae63789494b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 07:26:10 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Jan 2023 09:25:00 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
947
ETag
"7f1d57ec901849746f97d792d458fab1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112628
X-Amz-Cf-Id
rm0GvqQS8ClU-v99x4HypE7hmdilmUoOmhl30b8uR72vqaXqRRHHsw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.withsecure.com
URL
https://login.withsecure.com/authorize?audience=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&scope=openid%20profile%20email%20portal%3Adelete%3Amfa%20portal%3Aput%3Apassword%20portal%3Aput%20portal%3Awrite%20portal%3Aget%20portal%3Aput%3Amfa%20offline_access&client_id=cfgVHtMdI1gKOf0TKHsGechMP0IjKvxn&redirect_uri=https%3A%2F%2Fportal.withsecure.com%2Fedit&response_type=code&response_mode=query&state=LXBnOE1hcn5XNTZRaGdzVmNYV2xySWgwbFJMM3RFbmdDUUFKeUNBeU1ETA%3D%3D&nonce=dUhEWEtsOHA0UjEtRVNJRzl5MWhFZ1lqMnVtVmt0R2JJZVM4TjR1WHVxZQ%3D%3D&code_challenge=Glk4pMn6vLlwhEFAQZ3GtsBbxXlzzCZbNq9tU-Tsui4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontentvisibilityautostatechange
function | updateValue
function | utf8_to_b64
function | base64RemovePadding

5 Cookies

Domain/Path Name / Value
login.withsecure.com/ Name: did
Value: s%3Av0%3Ad413c2c0-9894-11ed-86b1-551778620e79.xfT08BVCE6aXDuGv55kPSZAIe%2BfWRYr%2BpQp0ABoJ8nA
login.withsecure.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBI_e-8gf_raP_Icp7yoY9KsYPXrpUHxjXtgY_VrBuidWVFeqCm1WMD-HG2TwfjD8hrjcav_v47P9DKoeCKZLqGmY29va2llg6dleHBpcmVz1__kpLcAY844ca5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Ch5WuqtwmGLCOfRFvcvoQQDrkpYE0UceLFrDJb03a%2BA
login.withsecure.com/ Name: did_compat
Value: s%3Av0%3Ad413c2c0-9894-11ed-86b1-551778620e79.xfT08BVCE6aXDuGv55kPSZAIe%2BfWRYr%2BpQp0ABoJ8nA
login.withsecure.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBI_e-8gf_raP_Icp7yoY9KsYPXrpUHxjXtgY_VrBuidWVFeqCm1WMD-HG2TwfjD8hrjcav_v47P9DKoeCKZLqGmY29va2llg6dleHBpcmVz1__kpLcAY844ca5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Ch5WuqtwmGLCOfRFvcvoQQDrkpYE0UceLFrDJb03a%2BA
.login.withsecure.com/ Name: __cf_bm
Value: UfwvfNmmgSiR292JJ.hq9_QypXplHIYD8ZZ.rWObvS8-1674200049-0-AUo0SPWkR9NlHa8oi2bIaC3yK/IR8nmJFEtwjN0BARMdpW0qHl+wPdW8oLtfl3mBnj9JeL6820SmW0cyIX5SnCY=

1 Console Messages

Source: network
Level: error
URL: https://portal.withsecure.com/assets/locales/en-US/translation.json
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block