application-demande.ceba-cuec.ca Open in urlscan Pro
192.124.249.11  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response application-demande.ceba-cuec.ca/	3 KB 4 KB	101ms 34ms	Document text/html	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash 10403d91be22d902a3fb8d66a463870f4c4e9b1bfd6e4c0a1e3c708643cad76d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers server nginx date Tue, 08 Mar 2022 16:21:13 GMT content-type text/html; charset=UTF-8 content-length 3555 x-sucuri-id 14011 x-xss-protection 1; mode=block x-frame-options SAMEORIGIN DENY x-content-type-options nosniff nosniff content-security-policy upgrade-insecure-requests; referrer-policy strict-origin strict-transport-security max-age=31536000; includeSubDomains; preload accept-ranges bytes cache-control public, max-age=0 last-modified Thu, 20 Jan 2022 13:51:09 GMT etag W/"de3-17e77c160c8" via 1.1 vegur x-sucuri-cache MISS
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/	157 KB 25 KB	51ms 24ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://application-demande.ceba-cuec.ca/ Origin https://application-demande.ceba-cuec.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 845 age 74937 cdn-cachedat 01/20/2022 08:59:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:10 GMT server cloudflare cdn-requestpullcode 200 etag W/"3afe15e976734d9daac26310110c4594" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5a2a89e66822c745dea693d7161266b8 cdn-requestcountrycode US cf-ray 6e8ce719fe164bbf-YUL cdn-cache HIT cdn-status 200 cdn-requestpullsuccess True
GET H2	200	5.4261ba9a.chunk.css application-demande.ceba-cuec.ca/static/css/	21 KB 21 KB	30ms 29ms	Stylesheet text/css	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/css/5.4261ba9a.chunk.css Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash a80c90917f685a6c1b2e658a8e9379ace1b52fa90910558c7632d48c291c0eac Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:13 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 21124 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"5284-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	main.17effb1d.chunk.css application-demande.ceba-cuec.ca/static/css/	215 KB 215 KB	77ms 76ms	Stylesheet text/css	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/css/main.17effb1d.chunk.css Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash f2c0ed8ab23dc322ccc22dc7152ae9dc87791d62357fc6d01eb1e7e960465519 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:13 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 219840 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"35ac0-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	5.60c53a63.chunk.js Show response application-demande.ceba-cuec.ca/static/js/	1 MB 1 MB	54ms 53ms	Script application/javascript	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/js/5.60c53a63.chunk.js Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash 4f736aad88d1d1df8a7dfe9445bcce9b6e80d9414148b6eacdf0ee19d84d256b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:13 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 1223729 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"12ac31-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	main.d42a238b.chunk.js Show response application-demande.ceba-cuec.ca/static/js/	196 KB 197 KB	53ms 53ms	Script application/javascript	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/js/main.d42a238b.chunk.js Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash 46aecbfa7558964e764e64a3b0765f03aa45e9e1feeb97bdb80526eba3e47e22 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:13 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 200678 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"30fe6-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	75ms 19ms	Script text/javascript	2607:f8b0:4006:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/static/js/5.60c53a63.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5838 date Tue, 08 Mar 2022 14:43:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 08 Mar 2022 16:43:56 GMT
GET H2	200	0.aeb004ca.chunk.js Show response application-demande.ceba-cuec.ca/static/js/	413 KB 414 KB	30ms 30ms	Script application/javascript	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/js/0.aeb004ca.chunk.js Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash 6d2596c3614aa94cc57b66e213c56cf7f5cdd1bef3ff1f552f263f0b06204658 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:14 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 423284 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"67574-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ucare-widget-chunk.8547c6cf.chunk.js Show response application-demande.ceba-cuec.ca/static/js/	3 KB 4 KB	31ms 30ms	Script application/javascript	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://application-demande.ceba-cuec.ca/static/js/ucare-widget-chunk.8547c6cf.chunk.js Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash 4acae27048df47ba68328eccdcc074b9be1b820ce818ee18c104e75538362166 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:14 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 3440 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:51:09 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"d70-17e77c160c8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	sig-blk-en.svg www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_32c/assets/	10 KB 3 KB	122ms 48ms	Image image/svg+xml	2600:1400:d:596::fe9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_32c/assets/sig-blk-en.svg Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-dispatcher dispatcher2cacentral1 date Tue, 08 Mar 2022 16:21:14 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 17:53:38 GMT server Apache etag "2749-5a485be8bec80-gzip" x-vhost publish vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * server-timing cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=17 strict-transport-security max-age=31536000 accept-ranges bytes content-length 2847
GET H2	200	denied.svg application-demande.ceba-cuec.ca/images/	2 KB 3 KB	34ms 33ms	Image image/svg+xml	192.124.249.11 SUCURI-SEC
General Check archive.org Show headers Download Go to Show image Full URL https://application-demande.ceba-cuec.ca/images/denied.svg Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10011.sucuri.net Software nginx / Resource Hash c3befc78b8abbb995641a828400926db890875b4a96fe96ce80c519d515cefc9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 16:21:14 GMT via 1.1 vegur x-content-type-options nosniff, nosniff x-sucuri-cache MISS content-length 2296 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 20 Jan 2022 13:50:17 GMT server nginx x-frame-options SAMEORIGIN, DENY etag W/"8f8-17e77c095a8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml cache-control max-age=315360000 x-sucuri-id 14011 content-security-policy upgrade-insecure-requests; accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	wmms-blk.svg www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_32c/assets/	5 KB 2 KB	136ms 62ms	Image image/svg+xml	2600:1400:d:596::fe9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_32c/assets/wmms-blk.svg Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-dispatcher dispatcher2cacentral1 date Tue, 08 Mar 2022 16:21:14 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 17:53:38 GMT server Apache etag "129d-5a485be8bec80-gzip" x-vhost publish vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * server-timing cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=46 strict-transport-security max-age=31536000 accept-ranges bytes content-length 1765
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 158 B	34ms 33ms	XHR text/plain	2607:f8b0:4006:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=43864723&t=pageview&_s=1&dl=https%3A%2F%2Fapplication-demande.ceba-cuec.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=CEBA%20Document%20Upload%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1710490228&gjid=1754749215&cid=347877793.1646756474&tid=UA-163305597-2&_gid=1603568341.1646756474&_r=1&_slc=1&z=816915324 Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/static/js/5.60c53a63.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://application-demande.ceba-cuec.ca/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 08 Mar 2022 16:21:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://application-demande.ceba-cuec.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	19ms 19ms	Image image/gif	2607:f8b0:4006:820::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=43864723&t=event&_s=2&dl=https%3A%2F%2Fapplication-demande.ceba-cuec.ca%2F&ul=en-us&de=UTF-8&dt=CEBA%20Document%20Upload%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form&ea=User%20has%20loaded%20the%20application&el=Landing&ev=3920316466294643&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=347877793.1646756474&tid=UA-163305597-2&_gid=1603568341.1646756474&z=1997634731 Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://application-demande.ceba-cuec.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 08 Mar 2022 02:25:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 50144 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 450 B	124ms 51ms	XHR text/plain	2607:f8b0:4023:1407::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-163305597-2&cid=347877793.1646756474&jid=1710490228&gjid=1754749215&_gid=1603568341.1646756474&_u=IEBAAEAAAAAAAC~&z=863457404 Requested by Host: application-demande.ceba-cuec.ca URL: https://application-demande.ceba-cuec.ca/static/js/5.60c53a63.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://application-demande.ceba-cuec.ca/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 08 Mar 2022 16:21:14 GMT content-type text/plain access-control-allow-origin https://application-demande.ceba-cuec.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| webpackJsonpceba-form object| regeneratorRuntime object| __SENTRY__ string| GoogleAnalyticsObject function| ga string| UPLOADCARE_INTEGRATION boolean| UPLOADCARE_LIVE boolean| UPLOADCARE_MANUAL_START object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| UPLOADCARE_LOCALE object| UPLOADCARE_LOCALE_TRANSLATIONS

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			application-demande.ceba-cuec.ca/	1969-12-31 23:59:59	Name: _csrf Value: thXXlkNSInotZBBpAMA-3XBd
			application-demande.ceba-cuec.ca/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: BxbQ1ark-EqSXRgyo4O33fNi42KJygwtUPao
			.ceba-cuec.ca/	1970-01-20 18:57:08	Name: _ga Value: GA1.2.347877793.1646756474
			.ceba-cuec.ca/	1970-01-20 01:27:22	Name: _gid Value: GA1.2.1603568341.1646756474
			.ceba-cuec.ca/	1970-01-20 01:25:56	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

application-demande.ceba-cuec.ca
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
www.canada.ca
www.google-analytics.com
192.124.249.11
2600:1400:d:596::fe9
2606:4700::6812:bcf
2607:f8b0:4006:820::200e
2607:f8b0:4023:1407::9b
10403d91be22d902a3fb8d66a463870f4c4e9b1bfd6e4c0a1e3c708643cad76d
46aecbfa7558964e764e64a3b0765f03aa45e9e1feeb97bdb80526eba3e47e22
4acae27048df47ba68328eccdcc074b9be1b820ce818ee18c104e75538362166
4f736aad88d1d1df8a7dfe9445bcce9b6e80d9414148b6eacdf0ee19d84d256b
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2596c3614aa94cc57b66e213c56cf7f5cdd1bef3ff1f552f263f0b06204658
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a80c90917f685a6c1b2e658a8e9379ace1b52fa90910558c7632d48c291c0eac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
c3befc78b8abbb995641a828400926db890875b4a96fe96ce80c519d515cefc9
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
f2c0ed8ab23dc322ccc22dc7152ae9dc87791d62357fc6d01eb1e7e960465519