Submitted URL: https://login.portal.cag.se/
Effective URL: https://portal.cag.se/
Submission: On November 24 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 9 HTTP transactions. The main IP is 52.174.148.158, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.cag.se.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 20th 2020. Valid for: 3 months.
This is the only time portal.cag.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
5 52.174.148.158 8075 (MICROSOFT...)
2 137.135.201.73 8075 (MICROSOFT...)
2 13.69.65.23 8075 (MICROSOFT...)
9 3
Apex Domain | Subdomains | Transfer
8 cag.se | login.portal.cag.se, portal.cag.se, www.cag.se | 791 KB
2 visualstudio.com | dc.services.visualstudio.com | 213 B
9 2
Domain Requested by
5 portal.cag.se portal.cag.se
2 dc.services.visualstudio.com portal.cag.se
2 www.cag.se portal.cag.se
1 login.portal.cag.se 1 redirects
9 4

This site contains links to these domains.

Domain
www.cag.se
careers.cag.se
cag.se
Subject | Issuer | Validity | Valid
portal.cag.se | Let's Encrypt Authority X3 | 2020-11-20 - 2021-02-18 | 3 months
www.cag.se | Let's Encrypt Authority X3 | 2020-10-01 - 2020-12-30 | 3 months
in.applicationinsights.azure.com | Microsoft IT TLS CA 4 | 2020-04-30 - 2022-04-30 | 2 years

This page contains 1 frames:

Primary Page: https://portal.cag.se/
Frame ID: A04D32A09F9A89E38A83C444249CC3B4
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)/i

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 25 %
Domains: 2
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 790 kB
Size: 2794 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.portal.cag.se/ HTTP 302
    https://portal.cag.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
portal.cag.se/
Redirect Chain
  • https://login.portal.cag.se/
  • https://portal.cag.se/
2 KB
1 KB
Document
General
Full URL
https://portal.cag.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.174.148.158 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa8d8f71abeccc4a9825aeded48c031a9fcf5af345b433a1de649355b5cf53bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
portal.cag.se
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-type
text/html; charset=utf-8
content-disposition
inline; filename="index.html"
accept-ranges
bytes
etag
"b072f859ded9977f2376186cb4fc48e51b6e0bcc"
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-type
text/html; charset=utf-8
content-length
88
set-cookie
__cfduid=d4b3cbc64080f93a378aadc36c6e010951606220477; expires=Thu, 24-Dec-20 12:21:17 GMT; path=/; domain=.login.portal.cag.se; HttpOnly; SameSite=Lax; Secure
__cf_bm=f23cab9fc01aad1260d16abfffd413f81187dcde-1606220477-1800-AZO/eMjZ7rV73K/yRCneD2fZ/UBlMOHbUd7uPHcrCSk20xXGRg3VpqUNI1B5re2dLZnSZg+etWn3Qs5XJXSd75I=; path=/; expires=Tue, 24-Nov-20 12:51:17 GMT; domain=.login.portal.cag.se; HttpOnly; Secure; SameSite=None
location
https://portal.cag.se/
cf-ray
5f7316bfc9fbd6dd-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
069bcc8bd90000d6dd440fe000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
5f7316bfc9fbd6dd
ot-tracer-sampled
true
ot-tracer-spanid
5182f9683b9f261e
ot-tracer-traceid
27c25b9d1929622d
x-auth0-requestid
8ecfe12ecafe52e2db7c
x-content-type-options
nosniff
server
cloudflare
2.5785f92a.chunk.css
portal.cag.se/static/css/
368 KB
41 KB
Stylesheet
General
Full URL
https://portal.cag.se/static/css/2.5785f92a.chunk.css
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.174.148.158 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9caacdeebd2fde9b84e53d08208294b3141c5d49a01536fe21d9a0c5d94a209
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-encoding
gzip
etag
"f8e1ab4ee7decc433fee87a42319ed863430092e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-disposition
inline; filename="2.5785f92a.chunk.css"
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
main.eea561a1.chunk.css
portal.cag.se/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://portal.cag.se/static/css/main.eea561a1.chunk.css
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.174.148.158 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bb28eef97a12c3908b72fda7ca90fcfdd76e0ceb5a2608bac1414e6174eab05
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-encoding
gzip
etag
"62bb22a07e756bb3b5fbbd89709342d4740a3435"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-disposition
inline; filename="main.eea561a1.chunk.css"
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
2.3b2305a7.chunk.js
portal.cag.se/static/js/
2 MB
633 KB
Script
General
Full URL
https://portal.cag.se/static/js/2.3b2305a7.chunk.js
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.174.148.158 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d07dc1b4f092e0e3ca5c170eb67e5092289c1b35b2f3b29cd11e9b2bbd4f529f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-encoding
gzip
etag
"368c682120474da86ce94ce643f6c9502cd5b761"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="2.3b2305a7.chunk.js"
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
main.108b03f9.chunk.js
portal.cag.se/static/js/
76 KB
18 KB
Script
General
Full URL
https://portal.cag.se/static/js/main.108b03f9.chunk.js
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.174.148.158 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b4e138038b2cee597e6d02f61cb8a7aa8eead6606c18604d4186c9964047f79
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 12:21:17 GMT
content-encoding
gzip
etag
"b9e71928977f805df201bcb27121ed457da5dcf1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="main.108b03f9.chunk.js"
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
home-start-systemutveckling-2.jpg
www.cag.se/wp-content/uploads/2020/01/
93 KB
93 KB
Image
General
Full URL
https://www.cag.se/wp-content/uploads/2020/01/home-start-systemutveckling-2.jpg
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
137.135.201.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
7fa4e7b90ad98321c414d552a43474cb33220c7b0b9772bd88311dad0dbc95f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: 'unsafe-inline'; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; font-src https: 'self' data:;img-src * data:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 28 Jan 2020 10:51:30 GMT
Server
Microsoft-IIS/8.5
ETag
"4ea8e1e5c8d5d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Content-Security-Policy
default-src 'self' https: 'unsafe-inline'; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; font-src https: 'self' data:;img-src * data:
Date
Tue, 24 Nov 2020 12:21:19 GMT
Accept-Ranges
bytes
Content-Length
94905
X-Content-Type-Options
nosniff
logo.svg
www.cag.se/wp-content/uploads/2017/05/
2 KB
3 KB
Image
General
Full URL
https://www.cag.se/wp-content/uploads/2017/05/logo.svg
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
137.135.201.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6265ea6dd9aeeb508558572188696043d80038b2b7ed9f52d1e6bdea56b8df79
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: 'unsafe-inline'; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; font-src https: 'self' data:;img-src * data:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.cag.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 21 Oct 2019 09:07:17 GMT
Server
Microsoft-IIS/8.5
ETag
"916bdefee87d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Content-Security-Policy
default-src 'self' https: 'unsafe-inline'; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; font-src https: 'self' data:;img-src * data:
Date
Tue, 24 Nov 2020 12:21:19 GMT
Accept-Ranges
bytes
Content-Length
1900
X-Content-Type-Options
nosniff
track
dc.services.visualstudio.com/v2/
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://portal.cag.se
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 24 Nov 2020 12:21:20 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
96 B
213 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: portal.cag.se
URL: https://portal.cag.se/static/js/2.3b2305a7.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99d9f3a3cd0724a6aebfc8b7392fd1dfe0c3293c24df27010d7ba6b23bd9e83b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.cag.se/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
F56AD563-0D17-468F-9531-82AF6ED57D66
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 24 Nov 2020 12:21:20 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| webpackJsonpservice-portal
  • object| __core-js_shared__
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • function| __assign
  • function| __extends

1 Cookies

Domain/Path Name / Value
portal.cag.se/ Name: ai_user
Value: HuVIN|2020-11-24T12:21:19.725Z

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains