qa2.claims.wb.sgicloud.ca Open in urlscan Pro
52.139.5.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qa2.claims.wb.sgicloud.ca/
Submission Tags: @phishunt_io
Submission: On February 11 via api (February 11th 2023, 7:12:15 am UTC) from DE — Scanned from CA

Summary HTTP 8 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 52.139.5.7, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is qa2.claims.wb.sgicloud.ca.
TLS certificate: Issued by R3 on February 10th 2023. Valid for: 3 months.

This is the only time qa2.claims.wb.sgicloud.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	52.139.5.7 52.139.5.7		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	1

8 52.139.5.7 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

qa2.claims.wb.sgicloud.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qa2.api.sgicloud.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sgicloud.ca qa2.claims.wb.sgicloud.ca qa2.api.sgicloud.ca	2 MB
8	1

	Domain	Requested by
7	qa2.claims.wb.sgicloud.ca	qa2.claims.wb.sgicloud.ca
1	qa2.api.sgicloud.ca	qa2.claims.wb.sgicloud.ca
8	2

This site contains links to these domains. Also see Links.

Domain
www.sgi.sk.ca
www.sgicanada.ca

Subject Issuer	Validity	Valid
qa2.claims.wb.sgicloud.ca R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
qa2.api.sgicloud.ca R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qa2.claims.wb.sgicloud.ca/
Frame ID: 96D3AFA211CC9CEFEC2A83D5AA23EF7E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FeClaimsUi

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1576 kB
Transfer

1571 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sgi.sk.ca/
Title: sgi.sk.ca

Search URL Search Domain Scan URL

URL: https://www.sgicanada.ca/
Title: sgicanada.ca

Search URL Search Domain Scan URL

URL: https://www.sgi.sk.ca/salvage
Title: sgi salvage

Search URL Search Domain Scan URL

URL: https://www.sgi.sk.ca/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.sgi.sk.ca/privacy
Title: Privacy statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
qa2.claims.wb.sgicloud.ca/ 615 B
1 KB 151ms
32ms Document
text/html 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

23a32ddf2c70c69cd0e0ac8ff0fbc429b5f3df3166b42efb69fbf3a73d509bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 615
Content-Type: text/html
Date: Sat, 11 Feb 2023 07:12:09 GMT
ETag: "63e53e6e-267"
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK runtime.1216f2d99eee1ab5.js Show response
qa2.claims.wb.sgicloud.ca/ 3 KB
4 KB 25ms
25ms Script
application/javascript 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/runtime.1216f2d99eee1ab5.js

Requested by

Host: qa2.claims.wb.sgicloud.ca
URL: https://qa2.claims.wb.sgicloud.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

193755172643b658c5217ae1932659f538ca3dec1440fe407f50c96baea4e6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qa2.claims.wb.sgicloud.ca/
Origin: https://qa2.claims.wb.sgicloud.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:09 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-dd9"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 3545

GET
H/1.1 200
OK polyfills.3fcb312a8dbb5694.js Show response
qa2.claims.wb.sgicloud.ca/ 93 KB
94 KB 73ms
47ms Script
application/javascript 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/polyfills.3fcb312a8dbb5694.js

Requested by

Host: qa2.claims.wb.sgicloud.ca
URL: https://qa2.claims.wb.sgicloud.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

81f5e7b729d6c7a0beaca46f2be8d6e92321d741c251c319a1c252352fb01dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qa2.claims.wb.sgicloud.ca/
Origin: https://qa2.claims.wb.sgicloud.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-17335"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 95029

GET
H/1.1 200
OK main.233608a3d609e861.js Show response
qa2.claims.wb.sgicloud.ca/ 1 MB
1 MB 84ms
48ms Script
application/javascript 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/main.233608a3d609e861.js

Requested by

Host: qa2.claims.wb.sgicloud.ca
URL: https://qa2.claims.wb.sgicloud.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6f1c9029ba1d59cbcecf8d485d67cdb3e91a14692f843c65356bbb3f54447e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qa2.claims.wb.sgicloud.ca/
Origin: https://qa2.claims.wb.sgicloud.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-1685a5"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 1476005

GET
H/1.1 200
OK config.json Show response
qa2.claims.wb.sgicloud.ca/ 88 B
436 B 26ms
25ms Fetch
application/json 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/config.json

Requested by

Host: qa2.claims.wb.sgicloud.ca
URL: https://qa2.claims.wb.sgicloud.ca/main.233608a3d609e861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7af706d81009037ab533a7e160cd8bcb6cd4ec7c05490c543c21863c5db07e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qa2.claims.wb.sgicloud.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-58"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88

GET
H/1.1 200
OK metadata Show response
qa2.api.sgicloud.ca/wombat/claims/ 383 B
1 KB 181ms
103ms Fetch
application/json 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.api.sgicloud.ca/wombat/claims/metadata

Requested by

Host: qa2.claims.wb.sgicloud.ca
URL: https://qa2.claims.wb.sgicloud.ca/main.233608a3d609e861.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a5bf4e59ebbec6de155dab4344f7cec880a59f2be09f46214d3b0f8b58512f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qa2.claims.wb.sgicloud.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 383
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:49186d90-482c-4041-9a1f-1d75532f1327

GET
H/1.1 200
OK open-sans-latin-400-normal.4d140983c7c8c4a8c722.woff2
qa2.claims.wb.sgicloud.ca/ 16 KB
17 KB 56ms
55ms Font
font/woff2 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/open-sans-latin-400-normal.4d140983c7c8c4a8c722.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qa2.claims.wb.sgicloud.ca/
Origin: https://qa2.claims.wb.sgicloud.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-4150"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 16720

GET
H/1.1 200
OK open-sans-latin-700-normal.ff96f264af377f6a5b5c.woff2
qa2.claims.wb.sgicloud.ca/ 16 KB
17 KB 30ms
30ms Font
font/woff2 52.139.5.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qa2.claims.wb.sgicloud.ca/open-sans-latin-700-normal.ff96f264af377f6a5b5c.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qa2.claims.wb.sgicloud.ca/
Origin: https://qa2.claims.wb.sgicloud.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sat, 11 Feb 2023 07:12:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 18:41:50 GMT
ETag: "63e53e6e-3fe8"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://qa2.claims.wb.sgicloud.ca
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 16360

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qa2.claims.wb.sgicloud.ca/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 72715b3351c95f0e81062773f2852abf
			qa2.claims.wb.sgicloud.ca/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 72715b3351c95f0e81062773f2852abf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qa2.api.sgicloud.ca
qa2.claims.wb.sgicloud.ca
52.139.5.7
193755172643b658c5217ae1932659f538ca3dec1440fe407f50c96baea4e6cd
23a32ddf2c70c69cd0e0ac8ff0fbc429b5f3df3166b42efb69fbf3a73d509bba
6f1c9029ba1d59cbcecf8d485d67cdb3e91a14692f843c65356bbb3f54447e90
7af706d81009037ab533a7e160cd8bcb6cd4ec7c05490c543c21863c5db07e93
81f5e7b729d6c7a0beaca46f2be8d6e92321d741c251c319a1c252352fb01dfb
8a5bf4e59ebbec6de155dab4344f7cec880a59f2be09f46214d3b0f8b58512f2
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

qa2.claims.wb.sgicloud.ca Open in urlscan Pro 52.139.5.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

1576 kBTransfer

1571 kBSize

2 Cookies

5 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

qa2.claims.wb.sgicloud.ca Open in urlscan Pro
52.139.5.7 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1576 kB
Transfer

1571 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions