suramexicob2cqadev.b2clogin.com
20.190.190.132  Malicious Activity! Public Scan

Submitted URL: https://portalagentes-qa.segurossura.com.mx/
Effective URL: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41...
Submission: On July 24 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 20.190.190.132, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is suramexicob2cqadev.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 24th 2024. Valid for: a year.
This is the only time suramexicob2cqadev.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

Requests | IP Address | AS Autonomous System
8 | 13.107.253.40 | 8075 (MICROSOFT...)
4 | 104.18.40.68 | 13335 (CLOUDFLAR...)
1 | 44.237.153.248 | 16509 (AMAZON-02)
1 | 172.253.63.95 | 15169 (GOOGLE)
1 | 142.250.31.97 | 15169 (GOOGLE)
1 | 20.190.190.196 | 8075 (MICROSOFT...)
5 | 20.190.190.132 | 8075 (MICROSOFT...)
1 | 152.199.4.33 | 15133 (EDGECAST)
Total: 24 requests, 9 IPs

Requests | Apex Domain | Subdomains | Transfer
6 | b2clogin.com | suramexicob2cqadev.b2clogin.com | 989 KB
6 | segurossura.com.mx | portalagentes-qa.segurossura.com.mx | 3 MB
4 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 3618); ka-p.fontawesome.com (Cisco Umbrella Rank: 6252) | 192 KB
2 | msftauthimages.net | aadcdn.msftauthimages.net (Cisco Umbrella Rank: 6330) | 12 KB
1 | aspnetcdn.com | ajax.aspnetcdn.com (Cisco Umbrella Rank: 5661) | 27 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 112) | 72 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 960 B
1 | tableau.com | 10ax.online.tableau.com | 68 KB
Total: 24 requests, 8 domains

Requests | Domain | Requested by
6 | suramexicob2cqadev.b2clogin.com | portalagentes-qa.segurossura.com.mx; suramexicob2cqadev.b2clogin.com
6 | portalagentes-qa.segurossura.com.mx | portalagentes-qa.segurossura.com.mx
2 | aadcdn.msftauthimages.net |
2 | ka-p.fontawesome.com | kit.fontawesome.com
2 | kit.fontawesome.com | portalagentes-qa.segurossura.com.mx; kit.fontawesome.com
1 | ajax.aspnetcdn.com | suramexicob2cqadev.b2clogin.com
1 | www.googletagmanager.com | portalagentes-qa.segurossura.com.mx
1 | fonts.googleapis.com | portalagentes-qa.segurossura.com.mx
1 | 10ax.online.tableau.com | portalagentes-qa.segurossura.com.mx
Total: 24 requests, 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
portalagentes-qa.segurossura.com.mx | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2024-03-08 - 2024-09-06 | 6 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
10ax.online.tableau.com | Amazon RSA 2048 M02 | 2023-10-24 - 2024-11-22 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
graph.windows.net | DigiCert SHA2 Secure Server CA | 2024-06-24 - 2025-06-24 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-06-06 - 2025-06-06 | a year
aadcdn.msftauthimages.net | Microsoft Azure RSA TLS Issuing CA 07 | 2024-05-12 - 2025-05-07 | a year

This page contains 1 frames:

Primary Page: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: EA7B2E93FC5EBFBAC76C7E0E77BB5082
Requests: 24 HTTP requests in this frame

Page Title

Elegir la cuenta

Page URL History

  1. https://portalagentes-qa.segurossura.com.mx/ Page URL
  2. https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 24
HTTPS: 92 %
IPv6: 0 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 4860 kB
Size: 6535 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portalagentes-qa.segurossura.com.mx/ Page URL
  2. https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
portalagentes-qa.segurossura.com.mx/
2 KB
3 KB
Document
General
Full URL
https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6363757618ff42b4676c22c3cc81948f1d6e1b0359ed22cfb30ed5d9b71d1e39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
private
content-length
2439
content-type
text/html
date
Wed, 24 Jul 2024 11:27:14 GMT
etag
"6669c7fc-987"
last-modified
Wed, 12 Jun 2024 16:08:28 GMT
x-azure-ref
20240724T112714Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fu5
x-cache
CONFIG_NOCACHE
43f6fd71af.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/43f6fd71af.js
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98629245c78ca06413ec0b760e8b5db301c8aeaab610911a61e45d0c82d863cf

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
Origin
https://portalagentes-qa.segurossura.com.mx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:14 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8a838f565ef7ac7c-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-UikCBpYq0SDzx2jQDC
2.7b079626.chunk.css
portalagentes-qa.segurossura.com.mx/static/css/
524 KB
525 KB
Stylesheet
General
Full URL
https://portalagentes-qa.segurossura.com.mx/static/css/2.7b079626.chunk.css
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23f0a4ba86f697bd3834844cb3185ff6fb3b3d212119473215c500b958e798d1

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:14 GMT
last-modified
Wed, 12 Jun 2024 16:08:28 GMT
etag
"6669c7fc-8300a"
x-azure-ref
20240724T112714Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fu6
x-cache
CONFIG_NOCACHE
content-type
text/css
accept-ranges
bytes
content-length
536586
main.d70292ac.chunk.css
portalagentes-qa.segurossura.com.mx/static/css/
90 KB
90 KB
Stylesheet
General
Full URL
https://portalagentes-qa.segurossura.com.mx/static/css/main.d70292ac.chunk.css
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3aef9364cc7f89100644065309b33bdea2e074c04772033f88b6dbf84286ef0b

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:14 GMT
last-modified
Wed, 12 Jun 2024 16:08:27 GMT
etag
"6669c7fb-16735"
x-azure-ref
20240724T112714Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fu7
x-cache
CONFIG_NOCACHE
content-type
text/css
accept-ranges
bytes
content-length
91957
tableau.embedding.3.latest.min.js
10ax.online.tableau.com/javascripts/api/
314 KB
68 KB
Script
General
Full URL
https://10ax.online.tableau.com/javascripts/api/tableau.embedding.3.latest.min.js
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-248.us-west-2.compute.amazonaws.com
Software
Tableau /
Resource Hash
2bda7df60c232626b52491e9cb7a5ed6e66bf2d6e25ef915fdcd920367853da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
Origin
https://portalagentes-qa.segurossura.com.mx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
transfer-encoding
chunked
p3p
CP="NON"
x-tableau
Tableau Server
Connection
keep-alive
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Jul 2024 04:48:14 GMT
server
Tableau
etag
"4e9a8-61d6a2b82df80-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
origin-trial
Ag0ApCHWobm3PHDobqyTC+kYlgmiKA+064sxQriou0XkiuQPG+RjyJtQlItI9qHPqeejeReK9Op27DG1IIFNbwkAAABceyJvcmlnaW4iOiJodHRwczovL3RhYmxlYXUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
accept-ranges
bytes
2.2c0b3391.chunk.js
portalagentes-qa.segurossura.com.mx/static/js/
3 MB
3 MB
Script
General
Full URL
https://portalagentes-qa.segurossura.com.mx/static/js/2.2c0b3391.chunk.js
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42d42c7f228806750ac8724e3d624258ff15a7252be880a7b3d7d624af638eeb

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:14 GMT
last-modified
Wed, 12 Jun 2024 16:08:28 GMT
etag
"6669c7fc-2af56b"
x-azure-ref
20240724T112714Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fu8
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
2815339
main.8dc6d1ba.chunk.js
portalagentes-qa.segurossura.com.mx/static/js/
126 KB
126 KB
Script
General
Full URL
https://portalagentes-qa.segurossura.com.mx/static/js/main.8dc6d1ba.chunk.js
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2629eeed2ed9e9fa0413de3b2d41c5a1c260fe3d2eeee532f057d690c0547b97

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:14 GMT
last-modified
Wed, 12 Jun 2024 16:08:27 GMT
etag
"6669c7fb-1f804"
x-azure-ref
20240724T112714Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fu9
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
129028
css2
fonts.googleapis.com/
5 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500;700&display=swap
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/static/css/main.d70292ac.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
2fd278c218caa2128d6f90cb70e4e00331e23449adf904746436704b55de0f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 11:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 11:27:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 11:27:15 GMT
gtm.js
www.googletagmanager.com/
209 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8RP3C8&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2af5b56bb610f70edb1afdeb9203b2fc523ca8a5efa9945f9454eb9800bad396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73696
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Jul 2024 11:27:17 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/
1 MB
180 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=43f6fd71af
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/43f6fd71af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
"6695a0b7-2cce4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8a838f65b90bac7c-YYZ
content-length
183524
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/
50 KB
7 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=43f6fd71af
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/43f6fd71af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
server
cloudflare
etag
"6695a0b8-1c1c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8a838f65b90dac7c-YYZ
content-length
7196
kit-upload.css
kit.fontawesome.com/43f6fd71af/33608924/
0
152 B
Fetch
General
Full URL
https://kit.fontawesome.com/43f6fd71af/33608924/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/43f6fd71af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:17 GMT
cf-cache-status
MISS
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
8a838f65a8ffac7c-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
0
x-request-id
F-UikLZi86dxoJaHs42C
openid-configuration
suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/v2.0/.well-known/
2 KB
2 KB
Fetch
General
Full URL
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/v2.0/.well-known/openid-configuration
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/static/js/2.2c0b3391.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.196 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d738dee87da85d3f828a67fe0c19d32df93b9ede99fc7c1e63f929342932c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 24 Jul 2024 11:27:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://portalagentes-qa.segurossura.com.mx
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid
56b39d77-062c-487b-bf70-fdab344b0709
Content-Length
1638
X-XSS-Protection
1; mode=block
favicon.png
portalagentes-qa.segurossura.com.mx/
1 KB
1 KB
Other
General
Full URL
https://portalagentes-qa.segurossura.com.mx/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80c438930b53318480ee5b0dceb22d2be5b98d62817f13a015e8c76f1c4211e7

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:17 GMT
last-modified
Wed, 12 Jun 2024 16:06:59 GMT
etag
"6669c7a3-4ed"
x-azure-ref
20240724T112717Z-16d8bb45d56vhwbzva8rdvbffs0000000p40000000003fun
x-cache
CONFIG_NOCACHE
content-type
image/png
accept-ranges
bytes
content-length
1261
Primary Request authorize
suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/
431 KB
159 KB
Document
General
Full URL
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: portalagentes-qa.segurossura.com.mx
URL: https://portalagentes-qa.segurossura.com.mx/static/js/2.2c0b3391.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.132 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebff2b71d3c7e33e46a9cbbc26c005b3628350323c97e40ffac7c535ddb0987a
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-6Fb4bslZEcc8SpHey0kyQg==' 'report-sample'; report-uri /suramexicob2cqadev.onmicrosoft.com/B2C_1_Singin/client/cspreport?p=B2C_1_Singin
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portalagentes-qa.segurossura.com.mx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
158533
Content-Security-Policy
script-src 'strict-dynamic' 'self' 'nonce-6Fb4bslZEcc8SpHey0kyQg==' 'report-sample'; report-uri /suramexicob2cqadev.onmicrosoft.com/B2C_1_Singin/client/cspreport?p=B2C_1_Singin
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jul 2024 11:27:19 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.208.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
9b09e620-1a72-4c70-a769-6d2eece72f6b
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
71b1de97-629f-4c70-a318-6bd4a5197bbf
idpSelector.cshtml
suramexicob2cqadev.b2clogin.com/static/tenant/templates/AzureBlue/
61 KB
38 KB
XHR
General
Full URL
https://suramexicob2cqadev.b2clogin.com/static/tenant/templates/AzureBlue/idpSelector.cshtml?ui_locales=es&slice=001-000&dc=BY1
Requested by
Host: suramexicob2cqadev.b2clogin.com
URL: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.132 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63d3afed3588bf3d02cfd9936495050476ec2702143defcce99bdd2ee8957b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 24 Jul 2024 11:27:19 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Max-Age
3600
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Content-Length
38849
1-1.png
suramexicob2cqadev.b2clogin.com/static/tenant/templates/backgrounds/
0
0

logo.svg
suramexicob2cqadev.b2clogin.com/static/tenant/templates/images/
0
0

bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/
120 KB
27 KB
Stylesheet
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: suramexicob2cqadev.b2clogin.com
URL: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/8183) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 11:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10466522
x-cache
HIT
content-length
27825
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
server
ECAcc (cha/8183)
etag
"cab57ff0cb33d21:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
illustration
aadcdn.msftauthimages.net/dbd5a2dd-e7-jghabstk24ae9y0c1sw9biq35ap-a0bwc7ic-7gu/logintenantbranding/3082/
8 KB
9 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-e7-jghabstk24ae9y0c1sw9biq35ap-a0bwc7ic-7gu/logintenantbranding/3082/illustration?ts=637593952325153428
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65cdcf77c87ef28f7f179bbb92168f2d947509e1f156cfe8915df01499214d06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 24 Jul 2024 11:27:20 GMT
x-content-type-options
nosniff
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
50755578
content-length
8595
x-ms-lease-status
unlocked
last-modified
Tue, 15 Jun 2021 23:07:12 GMT
etag
0x8D930524F76B30C
x-azure-ref
20240724T112719Z-r1b958ccc85gl6f5cfb5dq9b3w000000009g000000000tp7
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
cd157fcc-301e-0001-50bc-dd588f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-e7-jghabstk24ae9y0c1sw9biq35ap-a0bwc7ic-7gu/logintenantbranding/3082/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-e7-jghabstk24ae9y0c1sw9biq35ap-a0bwc7ic-7gu/logintenantbranding/3082/bannerlogo?ts=637593952332632744
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39fc3b54e9246f670575e4e31cdb37840b822a552e93f23ec00a75ad2c9c5a20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 24 Jul 2024 11:27:20 GMT
x-content-type-options
nosniff
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
50755578
content-length
2806
x-ms-lease-status
unlocked
last-modified
Tue, 15 Jun 2021 23:07:13 GMT
etag
0x8D930524FE371FF
x-azure-ref
20240724T112719Z-r1b958ccc85gl6f5cfb5dq9b3w000000009g000000000tp8
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
1ec12997-b01e-0030-7ebc-ddb99c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
segoeui.WOFF
suramexicob2cqadev.b2clogin.com/static/tenant/templates/fonts/
399 KB
400 KB
Font
General
Full URL
https://suramexicob2cqadev.b2clogin.com/static/tenant/templates/fonts/segoeui.WOFF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.132 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Origin
https://suramexicob2cqadev.b2clogin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 24 Jul 2024 11:27:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 Jul 2024 10:11:32 GMT
ETag
"062d8868d7da1:0"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-Frame-Options
DENY
Accept-Ranges
bytes
Content-Length
408688
X-XSS-Protection
1; mode=block
segoeui_bold.WOFF
suramexicob2cqadev.b2clogin.com/static/tenant/templates/fonts/
389 KB
389 KB
Font
General
Full URL
https://suramexicob2cqadev.b2clogin.com/static/tenant/templates/fonts/segoeui_bold.WOFF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.132 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Origin
https://suramexicob2cqadev.b2clogin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 24 Jul 2024 11:27:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 Jul 2024 10:11:32 GMT
ETag
"062d8868d7da1:0"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-Frame-Options
DENY
Accept-Ranges
bytes
Content-Length
398176
X-XSS-Protection
1; mode=block
perftrace
suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/B2C_1_Singin/client/
0
447 B
XHR
General
Full URL
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/B2C_1_Singin/client/perftrace?tx=StateProperties=eyJUSUQiOiI5YjA5ZTYyMC0xYTcyLTRjNzAtYTc2OS02ZDJlZWNlNzJmNmIifQ&p=B2C_1_Singin
Requested by
Host: suramexicob2cqadev.b2clogin.com
URL: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.132 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
RW51RmNPemF0elo4MGxNT1BXaTM5MXlhTTRYVXB3dndUT1R0RU1uZDQrOWFoRG9nVVY3K21RTkpPUHVBa1laUFpXTXFXTlRrcDdkY093bUJUSHg5ZkE9PTsyMDI0LTA3LTI0VDExOjI3OjE5LjAyODg3NDFaO25jS0tWV2xWL1JJTjI5dmdCTTQxa1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 24 Jul 2024 11:27:20 GMT
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
fd0fd2e0-4bcf-496a-a4a4-72c92758c3cd
Content-Length
0
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
suramexicob2cqadev.b2clogin.com
URL
https://suramexicob2cqadev.b2clogin.com/static/tenant/templates/backgrounds/1-1.png
Domain
suramexicob2cqadev.b2clogin.com
URL
https://suramexicob2cqadev.b2clogin.com/static/tenant/templates/images/logo.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP
object| SA_FIELDS
object| CONTENT
object| SETTINGS
string| staticHost
string| targetSlice
string| targetDc
number| initializationTimeout
boolean| diagsAlways
number| maxTrace
function| sanitizeHtml
function| PageLoadTime
function| _isFunction
function| _mapObject
function| _getPerformanceObjectData
function| $trace
object| $diags
object| $santizer
object| preloadCssLink
object| $i2e
object| $predicateValidation
object| $element
function| checkCssPreloaded
function| preloadJavaScript
object| $cors
function| applyTenantBranding
function| sendPageLoadTime
function| $
function| jQuery
boolean| pageReady
object| Handlebars
boolean| contentReady

5 Cookies

Domain/Path Name / Value
portalagentes-qa.segurossura.com.mx/ Name: 01883d0d6869b7e8c0b0c50b7adf434a
Value: ec445d5edbb840a3e1a545fd005447a1
.suramexicob2cqadev.b2clogin.com/ Name: x-ms-cpim-sso:suramexicob2cqadev.onmicrosoft.com_0
Value: m1.RJReFfpjQ5N44JrL.rT4dTxsW1g2XnzVJclN9dg==.0.a6ICPz0LsecWOFIbROKS4ipL5j15KRiW4RC6jQnRt+shifapN7CzELN2ZpK8j/2agUflv1ig3sq8fLLi80/lNgld5xOh0w55VIKeMiI+DD6rrdaEldaPljYXh/7rA22CgNx+58W14KamhzOI1exuOm9HfYDmE4J96uIkr7sHzSe9uG1wkymQOIsvVm2HuGYvxscX2K0+SjRWbW47bj7QpJxeYmB5OlIGBj4yT0S+M7I1EBbuJU1EiTgiwNtXzEewy40b5ZeqGxSj8nVppNUM67uro/AI+zLjScgSCYoiPEeFp/Nm5Xi4tJXq4fIlwyl8DvrtT18w2b16iL1+6J2trP3R7Npke0xZzaY4+6jNLjzr
.suramexicob2cqadev.b2clogin.com/ Name: x-ms-cpim-csrf
Value: RW51RmNPemF0elo4MGxNT1BXaTM5MXlhTTRYVXB3dndUT1R0RU1uZDQrOWFoRG9nVVY3K21RTkpPUHVBa1laUFpXTXFXTlRrcDdkY093bUJUSHg5ZkE9PTsyMDI0LTA3LTI0VDExOjI3OjE5LjAyODg3NDFaO25jS0tWV2xWL1JJTjI5dmdCTTQxa1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.suramexicob2cqadev.b2clogin.com/ Name: x-ms-cpim-cache|ioyjm3iaceynaw0u7ocvaw_0
Value: m1.lOV5Co0xyFCq+CIv.KqU7kDTZn/vSEk2STYYUkw==.0.
.suramexicob2cqadev.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjliMDllNjIwLTFhNzItNGM3MC1hNzY5LTZkMmVlY2U3MmY2YiIsIlQiOiJzdXJhbWV4aWNvYjJjcWFkZXYub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xX3NpbmdpbiIsIkMiOiI4ZmUxOTQ0Ni0zMmEzLTQxYWUtYjE0ZC0zNzAwODgzYWIyYTgiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjliMDllNjIwLTFhNzItNGM3MC1hNzY5LTZkMmVlY2U3MmY2YiJ9

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://suramexicob2cqadev.b2clogin.com/suramexicob2cqadev.onmicrosoft.com/b2c_1_singin/oauth2/v2.0/authorize?client_id=8fe19446-32a3-41ae-b14d-3700883ab2a8&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportalagentes-qa.segurossura.com.mx%2F&client-request-id=ed04f7e0-c6a6-46c3-9ad9-6ca3503c50c3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.2&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kfVettI1CJL1xZmil0gzNw1CbvomnE3-L575-dnCpqY&code_challenge_method=S256&nonce=7b318687-46c4-4aa9-b3eb-5ebd3c576a52&state=eyJpZCI6IjljNzgyY2M5LWFkYTAtNGNhYy04NTQ2LTc4MDRiMDdkNjI4MyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
