customer.xpd.se - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2001:16d8:beef:0:8cc5:97ff:fec7:db7f, located in Sweden and belongs to PORT80-GLOBALTRANSIT, SE. The main domain is customer.xpd.se.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 23rd 2018. Valid for: 2 years.

This is the only time customer.xpd.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	2001:16d8:bee... 2001:16d8:beef:0:8cc5:97ff:fec7:db7f		16150 (PORT80-GL...) (PORT80-GLOBALTRANSIT)
7	1

7 2001:16d8:beef:0:8cc5:97ff:fec7:db7f (Sweden)

ASN16150 (PORT80-GLOBALTRANSIT, SE)

customer.xpd.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	xpd.se customer.xpd.se	258 KB
7	1

	Domain	Requested by
7	customer.xpd.se	customer.xpd.se
7	1

This site contains no links.

Subject Issuer	Validity	Valid
xpd.se DigiCert SHA2 Extended Validation Server CA	`2018-08-23` - `2020-07-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://customer.xpd.se/
Frame ID: 9572BD88118E37A289D5C005185B0803
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

258 kB
Transfer

256 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
customer.xpd.se/ 3 KB
2 KB 2907ms
27ms Document
text/html 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.xpd.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

5ee8c27f6be25eb3e765e125e3311e25863e70073ffd76359dbdfdbe6e881d6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: customer.xpd.se
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: StoredSafe
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: none
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Content-Encoding: gzip

GET
H/1.1 200
OK login.css
customer.xpd.se/css/ 5 KB
6 KB 72ms
71ms Stylesheet
text/css 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.xpd.se/css/login.css?rand=1923

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

7f9039f27af9b6c3fb26422fcf500ebec66ab28a11569d4d2d4d6ce4bab30e26

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-13f6"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5110
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.js Show response
customer.xpd.se/js/ 3 KB
4 KB 100ms
27ms Script
application/javascript 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.xpd.se/js/login.js

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

00551204527e54beaaddc1b0fa2399d318d58ecf757bc546fa0bd070811d65cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-d0d"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 3341
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logotype-storedsafe.png
customer.xpd.se/img/ 32 KB
32 KB 56ms
56ms Image
image/png 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer.xpd.se/img/logotype-storedsafe.png

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-7ef4"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 32500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK background-light.png
customer.xpd.se/img/ 171 KB
172 KB 66ms
66ms Image
image/png 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer.xpd.se/img/background-light.png

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/js/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

d42f30bdd1420589d990ff61ca1da9309a9126e09bbd395a09f5111ec29b27ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/css/login.css?rand=1923
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-2abae"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 175022
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK yubico.png
customer.xpd.se/img/ico/sys/ 19 KB
20 KB 50ms
28ms Image
image/png 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer.xpd.se/img/ico/sys/yubico.png

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/js/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

db64ff38aa24a51f5e029a1b8466945eaa5ea9b5c90e19edf2dd8524a9a5c083

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-4d43"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 19779
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK totp.png
customer.xpd.se/img/ico/sys/ 23 KB
23 KB 101ms
50ms Image
image/png 2001:16d8:beef:0:8cc5:97ff:fec7:db7f
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer.xpd.se/img/ico/sys/totp.png

Requested by

Host: customer.xpd.se
URL: https://customer.xpd.se/js/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:16d8:beef:0:8cc5:97ff:fec7:db7f , Sweden, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

ca3c8da6d52545c3efa76e22ebd80312597f985df4239cfd214927a56f983dcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.xpd.se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 17:35:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Mar 2020 11:08:46 GMT
Server: StoredSafe
ETag: "5e622f3e-5a07"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 23047
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

customer.xpd.se
2001:16d8:beef:0:8cc5:97ff:fec7:db7f
00551204527e54beaaddc1b0fa2399d318d58ecf757bc546fa0bd070811d65cb
5ee8c27f6be25eb3e765e125e3311e25863e70073ffd76359dbdfdbe6e881d6f
7f9039f27af9b6c3fb26422fcf500ebec66ab28a11569d4d2d4d6ce4bab30e26
ca3c8da6d52545c3efa76e22ebd80312597f985df4239cfd214927a56f983dcf
d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b
d42f30bdd1420589d990ff61ca1da9309a9126e09bbd395a09f5111ec29b27ef
db64ff38aa24a51f5e029a1b8466945eaa5ea9b5c90e19edf2dd8524a9a5c083

customer.xpd.se Open in urlscan Pro 2001:16d8:beef:0:8cc5:97ff:fec7:db7f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

7 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

258 kBTransfer

256 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

customer.xpd.se Open in urlscan Pro
2001:16d8:beef:0:8cc5:97ff:fec7:db7f Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

258 kB
Transfer

256 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions