URL: https://covid2022.segurosbupa.cl/
Submission: On June 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 20.226.106.253, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is covid2022.segurosbupa.cl.
TLS certificate: Issued by R3 on June 14th 2022. Valid for: 3 months.
This is the only time covid2022.segurosbupa.cl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.226.106.253 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 5
Apex Domain
Subdomains
Transfer
2 segurosbupa.cl
covid2022.segurosbupa.cl
11 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
39 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 444
24 KB
0 Failed
function sub() { [native code] }. Failed
6 5
Domain Requested by
2 covid2022.segurosbupa.cl covid2022.segurosbupa.cl
1 www.googletagmanager.com covid2022.segurosbupa.cl
1 fonts.googleapis.com covid2022.segurosbupa.cl
1 cdn.jsdelivr.net covid2022.segurosbupa.cl
0 20.226.106.253 Failed covid2022.segurosbupa.cl
6 5

This site contains no links.

Subject Issuer Validity Valid
covid2022.segurosbupa.cl
R3
2022-06-14 -
2022-09-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh

This page contains 1 frames:

Frame: http://20.226.106.253:8080/router.php
Frame ID: 341C970437C0F31EB0ECA15F7AECA971
Requests: 6 HTTP requests in this frame

Screenshot


Page Statistics

6
Requests

83 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

76 kB
Transfer

269 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covid2022.segurosbupa.cl/
1 KB
1 KB
Document
General
Full URL
https://covid2022.segurosbupa.cl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.226.106.253 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
285b292619135e83fbeaa298756223c6be00be46acf430821d6b0c948330afd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
1141
content-type
text/html
date
Tue, 14 Jun 2022 19:02:17 GMT
etag
"3c1588d8780d81:0"
last-modified
Tue, 14 Jun 2022 16:00:19 GMT
server
Microsoft-IIS/10.0
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css
Requested by
Host: covid2022.segurosbupa.cl
URL: https://covid2022.segurosbupa.cl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid2022.segurosbupa.cl/
Origin
https://covid2022.segurosbupa.cl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 19:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7378825
x-jsd-version
5.0.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52PjbfsjlxUq1QgZ8oBEVXWR4rutw0N29qabuoW4ppV9bKIIJvLWJAKoqhcZopnYVrgrhBq1gHV%2FF5Em3ht%2FjxpAwKVAmN9pr7pCHD9Qlseuqgdy0%2FAMDVO8NXm6J4hkD%2FLiDue8OI%2FS3DPznBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
71b551ca9d060215-ZRH
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500;700&display=swap
Requested by
Host: covid2022.segurosbupa.cl
URL: https://covid2022.segurosbupa.cl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
920d66d8f296d0b867535ae2a5e8a481ab9a0ab00ac1e58baa9347b3d78d6a5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid2022.segurosbupa.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 19:00:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Jun 2022 19:02:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Jun 2022 19:02:18 GMT
landing.css
covid2022.segurosbupa.cl/assets/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://covid2022.segurosbupa.cl/assets/css/landing.css
Requested by
Host: covid2022.segurosbupa.cl
URL: https://covid2022.segurosbupa.cl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.226.106.253 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid2022.segurosbupa.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 19:02:17 GMT
last-modified
Tue, 14 Jun 2022 16:00:22 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"a0ad4ada780d81:0"
content-length
10120
content-type
text/css
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-120390787-1
Requested by
Host: covid2022.segurosbupa.cl
URL: https://covid2022.segurosbupa.cl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30673bfa3ecf24c5f0c52e4db9e2995f692613d072d5700ff465beebbfe43f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid2022.segurosbupa.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 19:02:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39772
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Jun 2022 19:02:18 GMT
router.php
20.226.106.253/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
20.226.106.253
URL
http://20.226.106.253:8080/router.php

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies