www.getcybersafe.gc.ca Open in urlscan Pro
198.103.108.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/5ZL850AHgrB
Effective URL:
https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=dai...
Submission: On August 03 via automatic, source phishtank (August 3rd 2020, 6:23:47 am UTC)

Summary HTTP 16 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 198.103.108.171, located in Ottawa, Canada and belongs to CDAGOVN, CA. The main domain is www.getcybersafe.gc.ca.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 24th 2020. Valid for: 2 years.

This is the only time www.getcybersafe.gc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.62.204 54.67.62.204	16509 (AMAZON-02) (AMAZON-02)
15	198.103.108.171 198.103.108.171	2665 (CDAGOVN) (CDAGOVN)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
16	2

1 54.67.62.204 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 198.103.108.171 (Ottawa, Canada)

ASN2665 (CDAGOVN, CA)

www.getcybersafe.gc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	getcybersafe.gc.ca www.getcybersafe.gc.ca	5 MB
1	googleapis.com ajax.googleapis.com	29 KB
1	ow.ly 1 redirects ow.ly	265 B
16	3

	Domain	Requested by
15	www.getcybersafe.gc.ca	www.getcybersafe.gc.ca
1	ajax.googleapis.com	www.getcybersafe.gc.ca
1	ow.ly	1 redirects
16	3

This site contains links to these domains. Also see Links.

Domain
www.canada.ca
pensezcybersecurite.gc.ca
www.publicsafety.gc.ca
www.cyber.gc.ca
healthycanadians.gc.ca
travel.gc.ca
www.servicecanada.gc.ca
www.jobbank.gc.ca
www.budget.gc.ca

Subject Issuer	Validity	Valid
getcybersafe.gc.ca Entrust Certification Authority - L1M	`2020-01-24` - `2022-04-23`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
Frame ID: F08377D13474EF8D9D1386A41997FFCD
Requests: 14 HTTP requests in this frame

Frame: https://www.getcybersafe.gc.ca/dist/assets/sig-en.svg
Frame ID: C8EF22E790F6A5DECF548C5CA38F8490
Requests: 1 HTTP requests in this frame

Frame: https://www.getcybersafe.gc.ca/dist/assets/wmms.svg
Frame ID: AF17F206847820E0E0F6E93A02115B51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ow.ly/5ZL850AHgrB HTTP 301
https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twit... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

5579 kB
Transfer

5844 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.canada.ca/en/index.html
Title: Canada.ca

Search URL Search Domain Scan URL

URL: http://www.canada.ca/en/services/index.html
Title: Services

Search URL Search Domain Scan URL

URL: http://www.canada.ca/en/gov/dept/index.html
Title: Departments

Search URL Search Domain Scan URL

URL: http://pensezcybersecurite.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-fr.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily+&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
Title: Français

Search URL Search Domain Scan URL

URL: http://www.publicsafety.gc.ca/cnt/trnsprnc/index-eng.aspx
Title: Transparency

Search URL Search Domain Scan URL

URL: http://www.cyber.gc.ca/
Title: Canadian Centre for Cyber Security

Search URL Search Domain Scan URL

URL: http://healthycanadians.gc.ca/
Title: Health

Search URL Search Domain Scan URL

URL: http://travel.gc.ca/
Title: Travel

Search URL Search Domain Scan URL

URL: http://www.servicecanada.gc.ca/eng/home.shtml
Title: Service Canada

Search URL Search Domain Scan URL

URL: http://www.jobbank.gc.ca/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.budget.gc.ca/
Title: Economy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/5ZL850AHgrB HTTP 301
https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set ph2-en.aspx Show response
www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/
Redirect Chain

http://ow.ly/5ZL850AHgrB
https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822

23 KB
8 KB

655ms
137ms

Document
text/html

198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ab96a721f880edefbba216e38e3ab37a572d3dae87b92b5762dc4c59040a9770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: www.getcybersafe.gc.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-UA-Compatible: IE=edge
Date: Mon, 03 Aug 2020 06:23:19 GMT
Content-Length: 7974
Set-Cookie: BIGipServer~GetCyberSafe~GetCyberSafe.app~GetCyberSafe_pool=2718566922.20480.0000; path=/; Httponly; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: Keep-Alive

Redirect headers

Location: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
Connection: close
Content-Length: 0

GET
H/1.1 200
OK wet-boew.min.css
www.getcybersafe.gc.ca/dist/css/ 240 B
599 B 127ms
125ms Stylesheet
text/css 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/css/wet-boew.min.css

Requested by

Host: www.getcybersafe.gc.ca
URL: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2f5eb8f90aa838f0160d6804c9eeaddbf517e615493f2a5982e8141ad250213c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:19 GMT
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 240
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK custom.css
www.getcybersafe.gc.ca/css/ 143 B
503 B 253ms
125ms Stylesheet
text/css 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/css/custom.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7d2bf54fdae6848db082a6066e9a4542973a238acc0b7eda7401aea29b76dfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:19 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 19 Jan 2015 19:30:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c3a925691e34d01:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 143
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK theme.min.css
www.getcybersafe.gc.ca/dist/css/ 195 KB
57 KB 634ms
386ms Stylesheet
text/css 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/css/theme.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

df267aabc5c47c198dbfb436129bfb8428a4e6c57eb9332e3b2e5e434ee7b0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 58280
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK 5398_SecondPhising_Infographic_CSE_EN.jpg
www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ 5 MB
5 MB 388ms
135ms Image
image/jpeg 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/5398_SecondPhising_Infographic_CSE_EN.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7a19c712df1eb450d9071f831e0c360d22d9929dd92f88627d32001848672a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Last-Modified: Fri, 13 Mar 2020 15:35:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "4b31e134df9d51:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5471092
X-UA-Compatible: IE=edge

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 20:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2193949
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jul 2021 20:57:31 GMT

GET
H/1.1 200
OK wet-boew.min.js Show response
www.getcybersafe.gc.ca/dist/js/ 126 KB
65 KB 639ms
386ms Script
application/javascript 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/js/wet-boew.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bb03299c3ddd62f50721187a21f62f7c4ff1818909f9e0a1508833f9e43eb349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 66483
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK header-leaf.jpg
www.getcybersafe.gc.ca/dist/assets/ 7 KB
7 KB 131ms
130ms Image
image/jpeg 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/dist/assets/header-leaf.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

585defecffe2aae3c3daf15f7ce9c8b6482dab389bcbeb030d399f24232e6f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/dist/css/theme.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6962
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK header-bg.jpg
www.getcybersafe.gc.ca/dist/assets/ 15 KB
15 KB 133ms
133ms Image
image/jpeg 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/dist/assets/header-bg.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

52e75f289c865f1608d23ef199d4ddcf6c35a9b1c6596d0b515df7b2ffd5dcb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/dist/css/theme.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 15436
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK sft-deco.gif
www.getcybersafe.gc.ca/dist/assets/ 80 B
439 B 128ms
128ms Image
image/gif 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/dist/assets/sft-deco.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

372dbc2821a06ee701e74972f6783b83951fe88459a28913ba425613ff15b909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/dist/css/theme.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 80
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK sft-deco-leaf.gif
www.getcybersafe.gc.ca/dist/assets/ 3 KB
3 KB 319ms
129ms Image
image/gif 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/dist/assets/sft-deco-leaf.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

352e74be133b2633ede15ab1d9f60703978fe5c748571d79df4eb5b78cc11bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/dist/css/theme.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 3225
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
www.getcybersafe.gc.ca/dist/fonts/ 23 KB
23 KB 179ms
128ms Font
font/x-woff 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/fonts/glyphicons-halflings-regular.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getcybersafe.gc.ca/dist/css/theme.min.css
Origin: https://www.getcybersafe.gc.ca

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 23320
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK sig-en.svg Show response
www.getcybersafe.gc.ca/dist/assets/ Frame C8EF 11 KB
11 KB 198ms
129ms Document
image/svg+xml 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/assets/sig-en.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ddc04f3de34dce28968926fb8d174ad39a07b875392fa406b07fc4c729a47438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: www.getcybersafe.gc.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: object
Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BIGipServer~GetCyberSafe~GetCyberSafe.app~GetCyberSafe_pool=2718566922.20480.0000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822

Response headers

Content-Type: image/svg+xml
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Accept-Ranges: bytes
ETag: "04694deac94d11:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-UA-Compatible: IE=edge
Date: Mon, 03 Aug 2020 06:23:20 GMT
Content-Length: 10764
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK wmms.svg Show response
www.getcybersafe.gc.ca/dist/assets/ Frame AF17 5 KB
5 KB 204ms
125ms Document
image/svg+xml 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/assets/wmms.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4dd1b275548819246b29ff689c8f617314c6e7b5a18c30341c001321519f9913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: www.getcybersafe.gc.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: object
Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BIGipServer~GetCyberSafe~GetCyberSafe.app~GetCyberSafe_pool=2718566922.20480.0000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822

Response headers

Content-Type: image/svg+xml
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Accept-Ranges: bytes
ETag: "04694deac94d11:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-UA-Compatible: IE=edge
Date: Mon, 03 Aug 2020 06:23:20 GMT
Content-Length: 4819
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK en.min.js
www.getcybersafe.gc.ca/dist/js/i18n/ 6 KB
6 KB 230ms
126ms Image
application/javascript 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getcybersafe.gc.ca/dist/js/i18n/en.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3486
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK en.min.js Show response
www.getcybersafe.gc.ca/dist/js/i18n/ 6 KB
4 KB 129ms
128ms Script
application/javascript 198.103.108.171
CDAGOVN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getcybersafe.gc.ca/dist/js/i18n/en.min.js

Requested by

Host: www.getcybersafe.gc.ca
URL: https://www.getcybersafe.gc.ca/dist/js/wet-boew.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.103.108.171 Ottawa, Canada, ASN2665 (CDAGOVN, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

001055ddfbce57cc18d8cddc1bc0266c8e572e624b815481b6201ed4ec9ed8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getcybersafe.gc.ca/cnt/rsrcs/nfgrphcs/phishing/ph2-en.aspx?utm_source=hootsuite&utm_medium=twitter&utm_campaign=daily%20&utm_content=4e36c616-bf18-4ed3-aedd-b745b68ce822
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 06:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 11:17:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04694deac94d11:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3486
X-UA-Compatible: IE=edge

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ow.ly
www.getcybersafe.gc.ca
198.103.108.171
2a00:1450:4001:81a::200a
54.67.62.204
001055ddfbce57cc18d8cddc1bc0266c8e572e624b815481b6201ed4ec9ed8c6
2f5eb8f90aa838f0160d6804c9eeaddbf517e615493f2a5982e8141ad250213c
352e74be133b2633ede15ab1d9f60703978fe5c748571d79df4eb5b78cc11bdd
372dbc2821a06ee701e74972f6783b83951fe88459a28913ba425613ff15b909
4dd1b275548819246b29ff689c8f617314c6e7b5a18c30341c001321519f9913
52e75f289c865f1608d23ef199d4ddcf6c35a9b1c6596d0b515df7b2ffd5dcb4
585defecffe2aae3c3daf15f7ce9c8b6482dab389bcbeb030d399f24232e6f64
7a19c712df1eb450d9071f831e0c360d22d9929dd92f88627d32001848672a85
7d2bf54fdae6848db082a6066e9a4542973a238acc0b7eda7401aea29b76dfe7
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
ab96a721f880edefbba216e38e3ab37a572d3dae87b92b5762dc4c59040a9770
bb03299c3ddd62f50721187a21f62f7c4ff1818909f9e0a1508833f9e43eb349
ddc04f3de34dce28968926fb8d174ad39a07b875392fa406b07fc4c729a47438
df267aabc5c47c198dbfb436129bfb8428a4e6c57eb9332e3b2e5e434ee7b0e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

www.getcybersafe.gc.ca Open in urlscan Pro 198.103.108.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

5579 kBTransfer

5844 kBSize

0 Cookies

11 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.getcybersafe.gc.ca Open in urlscan Pro
198.103.108.171 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

5579 kB
Transfer

5844 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions