portald22.csr24.com Open in urlscan Pro
192.26.130.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portald22.csr24.com/mvc/1258611071
Submission: On September 02 via manual (September 2nd 2022, 4:17:23 pm UTC) from IN — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 192.26.130.90, located in United States and belongs to CO-DATACENTER, US. The main domain is portald22.csr24.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 3rd 2022. Valid for: a year.

This is the only time portald22.csr24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	192.26.130.90 192.26.130.90	30620 (CO-DATACE...) (CO-DATACENTER)
4	44.239.199.212 44.239.199.212	16509 (AMAZON-02) (AMAZON-02)
15	2

11 192.26.130.90 (United States)

ASN30620 (CO-DATACENTER, US)
PTR: xdc.csr24.com

portald22.csr24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.239.199.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-199-212.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	csr24.com portald22.csr24.com	253 KB
4	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1316	409 B
15	2

	Domain	Requested by
11	portald22.csr24.com	portald22.csr24.com
4	api.amplitude.com	portald22.csr24.com
15	2

This site contains links to these domains. Also see Links.

Domain
www.aaa.com

Subject Issuer	Validity	Valid
*.csr24.com GlobalSign RSA OV SSL CA 2018	`2022-07-03` - `2023-08-04`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://portald22.csr24.com/mvc/1258611071
Frame ID: A3940E09F771F000FFABBF3A512C2B42
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AAA Members Insurance Agency of Western and Centra

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

254 kB
Transfer

239 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.aaa.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 1258611071 Show response
portald22.csr24.com/mvc/ 7 KB
8 KB 899ms
371ms Document
text/html 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

0e87cc7bfd26b7364741ad7a37adb4ea48972db262aa2a56db07d3f79ff64e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private,no-cache, no-store
Content-Length: 6790
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Sep 2022 16:17:18 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK superfish.css
portald22.csr24.com/mvc/Content/ 3 KB
4 KB 144ms
143ms Stylesheet
text/css 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Content/superfish.css

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

fbc6eb75cca4a9f2726ecfd958d744ec0fcaedf6887abfb0ce625ffe35c87921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 02:43:48 GMT
ETag: "0caa5e4cb5d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 3029
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK Login_2020.css
portald22.csr24.com/mvc/Content/ 6 KB
7 KB 290ms
288ms Stylesheet
text/css 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Content/Login_2020.css

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

ea6e769030700c70f77ee6792671dd93d9fc4e40f7389c788918e737c819c4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jan 2022 16:22:04 GMT
ETag: "01e57b0712d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 5972
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK Login_2021.css
portald22.csr24.com/mvc/Content/ 4 KB
5 KB 289ms
145ms Stylesheet
text/css 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Content/Login_2021.css

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

7c45d90ee98a9db6782cc2140c1cbc8e465e8114479575c09499bb188368f1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 May 2022 15:30:38 GMT
ETag: "0a3a93c5e61d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 3689
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK StyleSheet_2021.css
portald22.csr24.com/mvc/Content/Insured/ 24 KB
25 KB 708ms
434ms Stylesheet
text/css 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Content/Insured/StyleSheet_2021.css?1

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

01126749fff4706c6a6242605ef144fa703818c3b718c3f901509fa24db1b879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Aug 2022 14:35:50 GMT
ETag: "0e71a52fdabd81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 24632
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
portald22.csr24.com/mvc/Scripts/ 87 KB
89 KB 709ms
435ms Script
application/javascript 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Scripts/jquery-3.6.0.min.js

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Jul 2022 15:08:00 GMT
ETag: "0485257ca96d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 89503
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK jquery.placeholder.js Show response
portald22.csr24.com/mvc/Scripts/ 651 B
2 KB 436ms
162ms Script
application/javascript 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Scripts/jquery.placeholder.js

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

accc9562ef4013f338211e9dd3c5089956470e0c2997978a96783cb08e942291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 02:43:50 GMT
ETag: "0f7d6e5cb5d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 651
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK superfish.js Show response
portald22.csr24.com/mvc/Scripts/Shared/ 8 KB
9 KB 571ms
298ms Script
application/javascript 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Scripts/Shared/superfish.js

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

0426802f1386818022cdd44053713ac6cb1f772f133c2d4c0108ce81b1f094b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 02:43:52 GMT
ETag: "0248e7cb5d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 8329
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK svg4everybody.js Show response
portald22.csr24.com/mvc/Scripts/ 6 KB
7 KB 437ms
149ms Script
application/javascript 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Scripts/svg4everybody.js

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

4eb0ee251cdee2eac80de870f7f40058d66694f273c567d5809561c44b21ea9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 02:43:50 GMT
ETag: "0f7d6e5cb5d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 6279
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK appliedProdInt.js Show response
portald22.csr24.com/mvc/Scripts/webpack/dist/ 83 KB
84 KB 574ms
284ms Script
application/javascript 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portald22.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

xdc.csr24.com

Software

Resource Hash

b1c886a49633634463d04e78638401a99666cfbccf2175d51b6bb0a09e6e1756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Aug 2022 15:48:46 GMT
ETag: "083b5d550b2d81:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://wd22.csr24.com https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Date: Fri, 02 Sep 2022 16:17:18 GMT
Accept-Ranges: bytes
Content-Length: 84726
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK logo.png
portald22.csr24.com/users/1258611071/images/ 11 KB
12 KB 142ms
141ms Image
image/png 192.26.130.90
CO-DATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portald22.csr24.com/users/1258611071/images/logo.png
Requested by: Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/1258611071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 192.26.130.90 , United States, ASN30620 (CO-DATACENTER, US),
Reverse DNS: xdc.csr24.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 78f67f2510a811064f6072a378a7f3092281e9528dcd7ef2737630f765b3bd6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portald22.csr24.com/mvc/1258611071
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Sep 2022 16:17:19 GMT
Last-Modified: Fri, 10 Jul 2020 14:53:30 GMT
Server: Microsoft-IIS/8.5
ETag: "554248e0c956d61:0"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11560
Expires: 0

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 522ms
172ms Preflight 44.239.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.199.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-199-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://portald22.csr24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Sep 2022 16:17:20 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 176ms
176ms XHR
text/html 44.239.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.199.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-199-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portald22.csr24.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Sep 2022 16:17:20 GMT
trace-id: Root=1-63122c90-394686890b42483e14e67a41
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 178ms
178ms XHR
text/html 44.239.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: portald22.csr24.com
URL: https://portald22.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.199.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-199-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portald22.csr24.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Sep 2022 16:17:21 GMT
trace-id: Root=1-63122c90-34019ce06d25df205e7e5edc
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 172ms
172ms Preflight 44.239.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.199.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-199-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://portald22.csr24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Sep 2022 16:17:20 GMT
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			portald22.csr24.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L212Yw2 Value: s-zp_wyYQ-op-Cmkwd2BLS_Y8neWbvVUO4WabHHsXbdf83B_QKW3YtdOmPxxIeUcyZBVMQxrBKK-OivhFex4hwA6oSU-tFBrtwaU6RWypIA1
			.csr24.com/	1970-01-20 14:27:51	Name: amp_faf5a1 Value: j5A13p0dsf3q0c9vmcPEHJ...1gbvfs4l1.1gbvfs4l4.1.1.2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://portald22.csr24.com/mvc/1258611071 Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: '*platform.twitter.com'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
portald22.csr24.com
192.26.130.90
44.239.199.212
01126749fff4706c6a6242605ef144fa703818c3b718c3f901509fa24db1b879
0426802f1386818022cdd44053713ac6cb1f772f133c2d4c0108ce81b1f094b8
0e87cc7bfd26b7364741ad7a37adb4ea48972db262aa2a56db07d3f79ff64e61
4eb0ee251cdee2eac80de870f7f40058d66694f273c567d5809561c44b21ea9c
78f67f2510a811064f6072a378a7f3092281e9528dcd7ef2737630f765b3bd6d
7c45d90ee98a9db6782cc2140c1cbc8e465e8114479575c09499bb188368f1f2
accc9562ef4013f338211e9dd3c5089956470e0c2997978a96783cb08e942291
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1c886a49633634463d04e78638401a99666cfbccf2175d51b6bb0a09e6e1756
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
ea6e769030700c70f77ee6792671dd93d9fc4e40f7389c788918e737c819c4d5
fbc6eb75cca4a9f2726ecfd958d744ec0fcaedf6887abfb0ce625ffe35c87921

portald22.csr24.com Open in urlscan Pro 192.26.130.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

254 kBTransfer

239 kBSize

2 Cookies

1 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

portald22.csr24.com Open in urlscan Pro
192.26.130.90 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

254 kB
Transfer

239 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions