bseg.cardif.com.co Open in urlscan Pro
2a02:26f0:3500:29d::10c4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bseg.co/Tuya2770/
Effective URL:
https://bseg.cardif.com.co/web/Tuya2770/
Submission Tags: @phish_report
Submission: On November 14 via api (November 14th 2024, 8:49:04 pm UTC) from FI — Scanned from FR

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2a02:26f0:3500:29d::10c4, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is bseg.cardif.com.co.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 12th 2024. Valid for: a year.

This is the only time bseg.cardif.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	155.140.94.32 155.140.94.32	25215 (BNP-PARIB...) (BNP-PARIBAS France)
15	2a02:26f0:350... 2a02:26f0:3500:29d::10c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
18	4

1 155.140.94.32 (France) 1 redirects

ASN25215 (BNP-PARIBAS France, FR)
PTR: segurosalfin.cardif.com.pe

bseg.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:3500:29d::10c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bseg.cardif.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cardif.com.co bseg.cardif.com.co	416 KB
1	gstatic.com fonts.gstatic.com	42 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 923	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	2 KB
1	bseg.co 1 redirects bseg.co	144 B
18	5

	Domain	Requested by
15	bseg.cardif.com.co	bseg.cardif.com.co
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	bseg.cardif.com.co
1	fonts.googleapis.com	bseg.cardif.com.co
1	bseg.co	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
pinterest.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
bnp04s.bnpparibas.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-12` - `2025-11-05`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bseg.cardif.com.co/web/Tuya2770/
Frame ID: EE3F6BF7D7EC86DE6E670568275130E4
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank BNP Paribas | The bank for a changing world

Page URL History Show full URLs

https://bseg.co/Tuya2770/ HTTP 302
https://bseg.cardif.com.co/web/Tuya2770/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

491 kB
Transfer

1004 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bnpparibas.net
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/bnpparibas/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/bnpparibas/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/BNPParibas
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bnp-paribas
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BNPParibas
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bseg.co/Tuya2770/ HTTP 302
https://bseg.cardif.com.co/web/Tuya2770/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

503
Service Unavailable

Primary Request / Show response
bseg.cardif.com.co/web/Tuya2770/
Redirect Chain

https://bseg.co/Tuya2770/
https://bseg.cardif.com.co/web/Tuya2770/

10 KB
3 KB

295ms
139ms

Document
text/html

2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

ce169449427b89ec3c3b7f1ecb0b58410940ad9c10d70b6f64e898c5869ab597

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2741
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Thu, 14 Nov 2024 20:48:53 GMT
ETag: "17fd7389d769debe4350d2299d6f13a5:1655718214.487026"
Expires: Thu, 14 Nov 2024 20:48:53 GMT
Last-Modified: Mon, 20 Jun 2022 09:43:34 GMT
Pragma: no-cache
Server: AkamaiNetStorage
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://bseg.cardif.com.co/web/Tuya2770/
Server: BigIP

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 105ms
38ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,600,700

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc6b5471559144660927f759eed80bc00f0738b0955497b5cea8b26de009ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 20:48:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 20:48:53 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK bootstrap.min.css
bseg.cardif.com.co/failover/bnpparibas/css/ 130 KB
22 KB 53ms
51ms Stylesheet
text/css 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/css/bootstrap.min.css

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

0d2d6f82bd07a7ce64902624eb45967eccc6dd27b072a112dcd92217847c27c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
ETag: "1eb277f2971aa43ecf9573880d218214:1655718213.671002"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22237
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: text/css
Last-Modified: Mon, 20 Jun 2022 09:43:33 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK font-awesome.min.css
bseg.cardif.com.co/failover/bnpparibas/css/ 28 KB
7 KB 103ms
47ms Stylesheet
text/css 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/css/font-awesome.min.css

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

24d2565318e7b397dfb2129bfc57fa424942541d5126a994eed9f433ce964e2f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
ETag: "61e018249035e106f488b409702bb6ce:1655718216.49602"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6675
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: text/css
Last-Modified: Mon, 20 Jun 2022 09:43:36 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
bseg.cardif.com.co/failover/bnpparibas/css/ 192 KB
30 KB 136ms
71ms Stylesheet
text/css 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

4212c197d510dd2c670f9d342a12d6888c39215b48fe928924e6e178c2f1f4e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
ETag: "088c121e70a978cab712915a6e3b3d62:1655718215.789368"
X-Akamai-Pragma-Client-IP: 10.100.135.63, 159.50.252.16
Connection: keep-alive
X-Check-Cacheable: YES
Accept-Ranges: bytes
Content-Length: 30248
X-Serial: 66700
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: text/css
Last-Modified: Mon, 20 Jun 2022 09:43:35 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK responsive.css
bseg.cardif.com.co/failover/bnpparibas/css/ 101 KB
17 KB 109ms
44ms Stylesheet
text/css 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/css/responsive.css

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

0f6260877b7f270f2bbff1916f0e0afbcae7ce7e3ac97d333626b4df637ccb15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
ETag: "9cd0ee381bf950aca91a793bd78150bf:1655718215.900013"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17286
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: text/css
Last-Modified: Mon, 20 Jun 2022 09:43:35 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
bseg.cardif.com.co/failover/bnpparibas/js/ 87 KB
31 KB 149ms
50ms Script
application/x-javascript 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/js/jquery-3.5.1.min.js

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
ETag: "03c6e2aad4c9aed58b607a23756afebe:1655718218.289194"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30891
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 20 Jun 2022 09:43:38 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK logo-bnp.png
bseg.cardif.com.co/failover/bnpparibas/img/ 3 KB
3 KB 90ms
44ms Image
image/png 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/img/logo-bnp.png

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

3a33781d05d53ccad12790597e51b4e87814549a000eb32c7c417e55c1ffa59c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "1fc45a6342544fa7a1be213a8b991aa7:1655718219.659046"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2924
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: image/png
Last-Modified: Mon, 20 Jun 2022 09:43:39 GMT
Server: AkamaiNetStorage

GET
H/1.1 200
OK logo-hd.png
bseg.cardif.com.co/failover/bnpparibas/img/ 4 KB
4 KB 148ms
50ms Image
image/png 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/img/logo-hd.png

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

54afcff49b6d83eaed340aa23cf572304831c2fa018455d9215f26c7cbe2036b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "253be31f358b3a9fce64746280dae18b:1655718219.901701"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3817
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: image/png
Last-Modified: Mon, 20 Jun 2022 09:43:39 GMT
Server: AkamaiNetStorage

GET
H/1.1 200
OK logo-bnp-small.png
bseg.cardif.com.co/failover/bnpparibas/img/ 4 KB
4 KB 59ms
59ms Image
image/png 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/img/logo-bnp-small.png

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

8630e34c5d8f99b95f029e9dcdd1e3905eaef98be615e10fb6e5281dcb152843

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "a27055740fee56b419370375c5587826:1655718218.810854"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3599
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: image/png
Last-Modified: Mon, 20 Jun 2022 09:43:38 GMT
Server: AkamaiNetStorage

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 72ms
22ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 2016736
x-cache: HIT, HIT
date: Thu, 14 Nov 2024 20:48:53 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 55, 252706
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21981-LGA, cache-lcy-eglc8600088-LCY
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1731617334.776233,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H/1.1 200
OK bg-maintenance.jpg
bseg.cardif.com.co/failover/bnpparibas/img/ 68 KB
68 KB 52ms
51ms Image
image/jpeg 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/img/bg-maintenance.jpg

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/web/Tuya2770/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

793826580015bd030499461c0a70d1aa762e9b5da7cb2a9ad28e6351ccca1c88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "2e20d927bc71d1e10a54d3e2ce128780:1655718218.813219"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69302
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 20 Jun 2022 09:43:38 GMT
Server: AkamaiNetStorage

GET
H/1.1 200
OK bnpp-square-bold-v3.woff
bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-square/ 50 KB
50 KB 50ms
48ms Font
font/woff 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-square/bnpp-square-bold-v3.woff

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

883084f0395c890372f0594e3f3022bfc0f6f30ccfcff7dbf433d456db20c49c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bseg.cardif.com.co
Referer: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "170609031805d4faa9650cbdfa5c237a:1655718244.588169"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51096
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: font/woff
Last-Modified: Mon, 20 Jun 2022 09:44:04 GMT
Server: AkamaiNetStorage

GET
H/1.1 200
OK bnpp-sans.woff
bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-sans/ 54 KB
54 KB 76ms
74ms Font
font/woff 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-sans/bnpp-sans.woff

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bseg.cardif.com.co
Referer: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "3c3d593de202e2a1a50c46c144d7e62f:1655718250.617054"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54856
Date: Thu, 14 Nov 2024 20:48:53 GMT
Content-Type: font/woff
Last-Modified: Mon, 20 Jun 2022 09:44:10 GMT
Server: AkamaiNetStorage

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
42 KB 67ms
28ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bseg.cardif.com.co
Referer: https://fonts.googleapis.com/

Response headers

age: 105691
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:27:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:27:22 GMT
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43068
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fontawesome-webfont.woff2
bseg.cardif.com.co/failover/bnpparibas/fonts/ 70 KB
71 KB 116ms
114ms Font
font/woff2 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/failover/bnpparibas/css/font-awesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bseg.cardif.com.co
Referer: https://bseg.cardif.com.co/failover/bnpparibas/css/font-awesome.min.css

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "e6cf7c6ec7c2d6f670ae9d762604cb0b:1655718221.703029"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71896
Date: Thu, 14 Nov 2024 20:48:54 GMT
Content-Type: font/woff2
Last-Modified: Mon, 20 Jun 2022 09:43:41 GMT
Server: AkamaiNetStorage

GET
H/1.1 200
OK bnpp-square-regular-v3.woff
bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-square/ 51 KB
51 KB 77ms
76ms Font
font/woff 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/failover/bnpparibas/fonts/bnpp-square/bnpp-square-regular-v3.woff

Requested by

Host: bseg.cardif.com.co
URL: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

ea0afc11977298d3fe9851f389afa2b4d9b07736858b8e827809f1154cc3fcf7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bseg.cardif.com.co
Referer: https://bseg.cardif.com.co/failover/bnpparibas/css/main.css

Response headers

Strict-Transport-Security: max-age=15768000
Content-Security-Policy: frame-ancestors 'self'
ETag: "865ad8fb42c158e5ab542c6d5e7f1f01:1655718245.664914"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52040
Date: Thu, 14 Nov 2024 20:48:54 GMT
Content-Type: font/woff
Last-Modified: Mon, 20 Jun 2022 09:44:05 GMT
Server: AkamaiNetStorage

GET
H/1.1 503
Service Unavailable favicon.ico
bseg.cardif.com.co/ 371 B
690 B 252ms
252ms Other
text/html 2a02:26f0:3500:29d::10c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bseg.cardif.com.co/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:29d::10c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiGHost /

Resource Hash

bccdb9a2d91fc71f3b258b43144d7107280be2b674f650a66fc1fa7466dd0262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bseg.cardif.com.co/web/Tuya2770/

Response headers

Strict-Transport-Security: max-age=15768000
X-Reference-Error: 11.b891dd58.1731617334.c58cc20
Connection: keep-alive
Mime-Version: 1.0
Expires: Thu, 14 Nov 2024 20:48:54 GMT
Content-Length: 371
Date: Thu, 14 Nov 2024 20:48:54 GMT
Content-Type: text/html
Server: AkamaiGHost

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getCookie function| $ function| jQuery function| HeightMaintenance

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bseg.cardif.com.co/web/Tuya2770	1969-12-31 23:59:59	Name: AK-Ref-Id Value: 11.b891dd58.1731617333.c58ca0f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bseg.cardif.com.co/web/Tuya2770/ Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://bseg.cardif.com.co/favicon.ico Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bseg.cardif.com.co
bseg.co
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
142.250.184.227
155.140.94.32
2a00:1450:4001:81d::200a
2a02:26f0:3500:29d::10c4
2a04:4e42:200::649
0d2d6f82bd07a7ce64902624eb45967eccc6dd27b072a112dcd92217847c27c5
0f6260877b7f270f2bbff1916f0e0afbcae7ce7e3ac97d333626b4df637ccb15
24d2565318e7b397dfb2129bfc57fa424942541d5126a994eed9f433ce964e2f
3a33781d05d53ccad12790597e51b4e87814549a000eb32c7c417e55c1ffa59c
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
4212c197d510dd2c670f9d342a12d6888c39215b48fe928924e6e178c2f1f4e8
54afcff49b6d83eaed340aa23cf572304831c2fa018455d9215f26c7cbe2036b
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
793826580015bd030499461c0a70d1aa762e9b5da7cb2a9ad28e6351ccca1c88
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8630e34c5d8f99b95f029e9dcdd1e3905eaef98be615e10fb6e5281dcb152843
883084f0395c890372f0594e3f3022bfc0f6f30ccfcff7dbf433d456db20c49c
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
bc6b5471559144660927f759eed80bc00f0738b0955497b5cea8b26de009ce7a
bccdb9a2d91fc71f3b258b43144d7107280be2b674f650a66fc1fa7466dd0262
ce169449427b89ec3c3b7f1ecb0b58410940ad9c10d70b6f64e898c5869ab597
ea0afc11977298d3fe9851f389afa2b4d9b07736858b8e827809f1154cc3fcf7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

bseg.cardif.com.co Open in urlscan Pro 2a02:26f0:3500:29d::10c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

491 kBTransfer

1004 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

bseg.cardif.com.co Open in urlscan Pro
2a02:26f0:3500:29d::10c4 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

491 kB
Transfer

1004 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions