hpss3.swisstph-mis.ch Open in urlscan Pro
89.145.161.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hpss3.swisstph-mis.ch/
Effective URL:
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2023, 4:12:14 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 89.145.161.188, located in Frankfurt am Main, Germany and belongs to EXOSCALE, CH. The main domain is hpss3.swisstph-mis.ch.
TLS certificate: Issued by R3 on February 25th 2023. Valid for: 3 months.

This is the only time hpss3.swisstph-mis.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 12	89.145.161.188 89.145.161.188		61098 (EXOSCALE) (EXOSCALE)
9	1

12 89.145.161.188 (Frankfurt am Main, Germany) 3 redirects

ASN61098 (EXOSCALE, CH)

hpss3.swisstph-mis.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	swisstph-mis.ch 3 redirects hpss3.swisstph-mis.ch	75 KB
9	1

	Domain	Requested by
12	hpss3.swisstph-mis.ch	3 redirects hpss3.swisstph-mis.ch
9	1

This site contains links to these domains. Also see Links.

Domain
www.dhis2.org

Subject Issuer	Validity	Valid
hpss3.swisstph-mis.ch R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
Frame ID: 42276115DE4D1816524038E1F9463B6D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHIS 2

Page URL History Show full URLs

https://hpss3.swisstph-mis.ch/ HTTP 302
http://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action HTTP 301
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

74 kB
Transfer

149 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.dhis2.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hpss3.swisstph-mis.ch/ HTTP 302
http://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action HTTP 301
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://hpss3.swisstph-mis.ch/api/staticContent/logo_front HTTP 302
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/logo_front.png

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request login.action Show response
hpss3.swisstph-mis.ch/dhis-web-commons/security/
Redirect Chain

https://hpss3.swisstph-mis.ch/
http://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

6 KB
2 KB

54ms
54ms

Document
text/html

89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

36e253b122669639de4d930348277a1ebe1f9fe868b72645fb2804c4dd524beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Sat, 25 Feb 2023 04:12:09 GMT
Login-Page: true
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sat, 25 Feb 2023 04:12:09 GMT
Location: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200 jquery.min.js Show response
hpss3.swisstph-mis.ch/dhis-web-commons/javascripts/jQuery/ 93 KB
38 KB 93ms
93ms Script
application/javascript 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/javascripts/jQuery/jquery.min.js

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

313204c97a19290bfb9c6fd2122d3c0da6a6197fafa1f83113201369e019bbe0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 14:05:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"95305-1659967514000"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200 login.js Show response
hpss3.swisstph-mis.ch/dhis-web-commons/javascripts/ 3 KB
1 KB 48ms
47ms Script
application/javascript 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/javascripts/login.js

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aa0d36155b3897b33253a8f13ff8be0df0502fb43c674c1daa86c1ab0f559930

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 14:05:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2830-1659967514000"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200 widgets.css
hpss3.swisstph-mis.ch/dhis-web-commons/css/ 18 KB
4 KB 95ms
45ms Stylesheet
text/css 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/css/widgets.css

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

32727dfc878d62f1462fb03e278a6b5462b6505aab52fb0f05a2ddb6caac88cf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 14:05:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"18658-1659967512000"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200 login.css
hpss3.swisstph-mis.ch/dhis-web-commons/css/ 4 KB
2 KB 138ms
47ms Stylesheet
text/css 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/css/login.css

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

11bd20e72aa28bbc3f08c405c4b6fdc89c5eb82ddcfed7492642cd9b019451d6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 14:05:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4121-1659967512000"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200 external
hpss3.swisstph-mis.ch/api/files/style/ 0
272 B 139ms
46ms Stylesheet
text/css 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/api/files/style/external

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:09 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "0d41d8cd98f00b204e9800998ecf8427e"
X-Frame-Options: DENY
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=1209600, public
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200 dhis2.png
hpss3.swisstph-mis.ch/dhis-web-commons/flags/ 2 KB
3 KB 46ms
45ms Image
image/png 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/flags/dhis2.png

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b2dffdeca6131e98a8c9b1a0bb554c938398cbc00ffd3aafb1d14c208149d885

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:10 GMT
Last-Modified: Mon, 08 Aug 2022 14:05:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2396-1659967512000"
X-Frame-Options: DENY
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2396

GET
H/1.1

200

logo_front.png
hpss3.swisstph-mis.ch/dhis-web-commons/security/
Redirect Chain

https://hpss3.swisstph-mis.ch/api/staticContent/logo_front
https://hpss3.swisstph-mis.ch/dhis-web-commons/security/logo_front.png

3 KB
3 KB

46ms
45ms

Image
image/png

89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/security/logo_front.png

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action

Protocol

HTTP/1.1

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2683a916da0e876c1cb9e547632f436235c4f474d350d51b3ad4413df9eb00ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Aug 2022 14:05:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3082-1659967514000"
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3082
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://hpss3.swisstph-mis.ch/dhis-web-commons/security/logo_front.png
Date: Sat, 25 Feb 2023 04:12:10 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 0
X-Frame-Options: DENY

GET
H/1.1 200 LiberationSans-Bold-webfont.woff
hpss3.swisstph-mis.ch/dhis-web-commons/fonts/ 20 KB
21 KB 46ms
45ms Font
font/woff 89.145.161.188
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://hpss3.swisstph-mis.ch/dhis-web-commons/fonts/LiberationSans-Bold-webfont.woff

Requested by

Host: hpss3.swisstph-mis.ch
URL: https://hpss3.swisstph-mis.ch/dhis-web-commons/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

89.145.161.188 Frankfurt am Main, Germany, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3f9737f327d2140e60dd11277254dc2925a3995d5001e1a825c23215d5abcf2f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://hpss3.swisstph-mis.ch/dhis-web-commons/css/login.css
Origin: https://hpss3.swisstph-mis.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 04:12:10 GMT
Last-Modified: Mon, 08 Aug 2022 14:05:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"20808-1659967512000"
X-Frame-Options: DENY
Content-Type: font/woff;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20808

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| login

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hpss3.swisstph-mis.ch/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6C1524BBFDB3A496B957BFC5AC4951C3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hpss3.swisstph-mis.ch
89.145.161.188
11bd20e72aa28bbc3f08c405c4b6fdc89c5eb82ddcfed7492642cd9b019451d6
2683a916da0e876c1cb9e547632f436235c4f474d350d51b3ad4413df9eb00ad
313204c97a19290bfb9c6fd2122d3c0da6a6197fafa1f83113201369e019bbe0
32727dfc878d62f1462fb03e278a6b5462b6505aab52fb0f05a2ddb6caac88cf
36e253b122669639de4d930348277a1ebe1f9fe868b72645fb2804c4dd524beb
3f9737f327d2140e60dd11277254dc2925a3995d5001e1a825c23215d5abcf2f
aa0d36155b3897b33253a8f13ff8be0df0502fb43c674c1daa86c1ab0f559930
b2dffdeca6131e98a8c9b1a0bb554c938398cbc00ffd3aafb1d14c208149d885
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

hpss3.swisstph-mis.ch Open in urlscan Pro 89.145.161.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

74 kBTransfer

149 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

hpss3.swisstph-mis.ch Open in urlscan Pro
89.145.161.188 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

74 kB
Transfer

149 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions