benefit.cerbssl.com Open in urlscan Pro
173.254.204.121  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set apply-38CAesC Show response benefit.cerbssl.com/	9 KB 4 KB	1434ms 828ms	Document text/html	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash e6666006da568927a46cdf91cfde685c0280e259f5d36cc2d02949097564ed01 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Host benefit.cerbssl.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.14.2 Date Sun, 26 Apr 2020 04:23:41 GMT Content-Type text/html; charset=UTF-8 Content-Length 3480 Connection keep-alive Set-Cookie PHPSESSID=v08k6pd0otasrhh76ohkkltvc6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Strict-Transport-Security max-age=63072000; includeSubdomains X-Frame-Options DENY X-Content-Type-Options nosniff
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/	156 KB 23 KB	352ms 238ms	Stylesheet text/css	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://benefit.cerbssl.com Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 28 Nov 2019 17:52:46 GMT status 200 etag "1574963566" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 23681
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 7 KB	97ms 74ms	Stylesheet text/css	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 6814632 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 0256531aa500001f1551ac4200000001 served-in-seconds 0.001 timing-allow-origin * last-modified Thu, 17 May 2018 09:19:12 GMT server cloudflare etag W/"5afd4910-7918" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type text/css access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 589d87a43ce41f15-FRA expires Fri, 16 Apr 2021 04:23:41 GMT
GET H2	200	css fonts.googleapis.com/	11 KB 1001 B	44ms 22ms	Stylesheet text/css	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b33cca0a69bdecdff3d5edc4373913f795b2ca88909e646507f22f6f8a32e2de Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 26 Apr 2020 04:23:41 GMT server ESF date Sun, 26 Apr 2020 04:23:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 26 Apr 2020 04:23:41 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 642 B	36ms 13ms	Stylesheet text/css	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 26 Apr 2020 04:23:41 GMT server ESF date Sun, 26 Apr 2020 04:23:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 26 Apr 2020 04:23:41 GMT
GET H2	200	wmms-blk.svg www.canada.ca/etc/designs/canada/wet-boew/assets/	5 KB 2 KB	108ms 0ms	Image image/svg+xml	2a02:26f0:6c00:189::fe9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.canada.ca/etc/designs/canada/wet-boew/assets/wmms-blk.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:189::fe9 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1 / Resource Hash dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding gzip last-modified Wed, 22 Apr 2020 16:28:35 GMT server Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1 status 200 etag "129d-5a3e39fb004c2-gzip" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * strict-transport-security max-age=15768000 accept-ranges bytes content-length 1765
GET H/1.1	200 OK	atb.svg benefit.cerbssl.com/img/	3 KB 4 KB	500ms 482ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/atb.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash f20957245ccf4ae9c38287fad8f482c27a44d0ea75033d9527c759956d3c824f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:41 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:17:24 GMT Server nginx/1.14.2 ETag "cd9-5a1d86fc8ed00" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 3289
GET H/1.1	200 OK	bmo.svg benefit.cerbssl.com/img/	5 KB 5 KB	834ms 470ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/bmo.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash db09fc1f3c7b0968d63c6a084b54917225fc17f172eee60a3086ce9ea51fa9b7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:42 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:17:28 GMT Server nginx/1.14.2 ETag "143a-5a1d87005f600" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 5178
GET H/1.1	200 OK	cibc.svg benefit.cerbssl.com/img/	3 KB 3 KB	817ms 454ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/cibc.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash 37da78b49454e16bc1a3d1336b20439d8cf69efd1f0854b3f4a67e59921c9ed1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:42 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:17:32 GMT Server nginx/1.14.2 ETag "ab2-5a1d87042ff00" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 2738
GET H/1.1	200 OK	rbc.svg benefit.cerbssl.com/img/	5 KB 6 KB	813ms 450ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/rbc.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash 9e787eb9727523cc7aa0efa3c0c3debdd36ed2e59503b9b59881d7e5e0b8fc7d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:42 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:18:32 GMT Server nginx/1.14.2 ETag "14fa-5a1d873d68600" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 5370
GET H/1.1	200 OK	scotia.svg benefit.cerbssl.com/img/	3 KB 4 KB	815ms 452ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/scotia.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash 9f0271897619cb3f7bbc75c82395d89b38d51ea880da075f14d21a58bc20b6cc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:42 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:18:36 GMT Server nginx/1.14.2 ETag "db2-5a1d874138f00" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 3506
GET H/1.1	200 OK	td.svg benefit.cerbssl.com/img/	964 B 1 KB	899ms 452ms	Image image/svg+xml	173.254.204.121 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://benefit.cerbssl.com/img/td.svg Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.204.121 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS owcc.net Software nginx/1.14.2 / Resource Hash 2d70de35d8125369775a01fb1f1e58ab5f937843dc024eaeb5c2ff42dd5b9ac3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 26 Apr 2020 04:23:42 GMT X-Content-Type-Options nosniff Last-Modified Fri, 27 Mar 2020 16:18:54 GMT Server nginx/1.14.2 ETag "3c4-5a1d875263780" X-Frame-Options DENY Content-Type image/svg+xml Connection keep-alive Strict-Transport-Security max-age=63072000; includeSubdomains Accept-Ranges bytes Content-Length 964
GET H/1.1	200 OK	jquery-3.4.1.slim.min.js Show response code.jquery.com/	69 KB 24 KB	107ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.slim.min.js Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://benefit.cerbssl.com Response headers Date Sun, 26 Apr 2020 04:23:41 GMT Content-Encoding gzip Last-Modified Wed, 01 May 2019 21:14:27 GMT Server nginx ETag W/"5cca0c33-1157d" Vary Accept-Encoding X-HW 1587875021.dop150.fr8.shc,1587875021.dop150.fr8.t,1587875021.cds121.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 24328
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/	21 KB 8 KB	115ms 3ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://benefit.cerbssl.com Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 15002825 x-cache HIT, HIT status 200 strict-transport-security max-age=31536000; includeSubDomains; preload cf-request-id 0256531afc0000d6d582afd200000001 x-served-by cache-ams21026-AMS, cache-hhn4073-HHN timing-allow-origin * server cloudflare etag W/"5309-YvI45zNIx3656GVCan0bfeI8uy0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 589d87a4c8e4d6d5-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/	59 KB 16 KB	466ms 356ms	Script text/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://benefit.cerbssl.com Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 28 Nov 2019 17:52:52 GMT status 200 etag "1574963572" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 15919
GET H2	200	loadingoverlay.min.js Show response cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/	12 KB 4 KB	30ms 11ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/loadingoverlay.min.js Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 26 Apr 2020 04:23:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 173671 x-cache HIT status 200 strict-transport-security max-age=31536000; includeSubDomains; preload cf-request-id 0256531aac000005c4268c1200000001 x-served-by cache-fra19154-FRA timing-allow-origin * server cloudflare etag W/"2f0c-8/i2QXIbsblKaxOikwT5PT+ipvw" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 589d87a44e3a05c4-FRA
GET H2	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	38ms 24ms	Font application/octet-stream	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: benefit.cerbssl.com URL: https://benefit.cerbssl.com/apply-38CAesC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin https://benefit.cerbssl.com Response headers date Sun, 26 Apr 2020 04:23:42 GMT vary Accept-Encoding cf-cache-status HIT age 7537197 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 content-length 77160 cf-request-id 0256531cc900009aaab40df200000001 served-in-seconds 0.001 timing-allow-origin * last-modified Thu, 17 May 2018 09:19:53 GMT server cloudflare etag "5afd4939-12d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 589d87a7ac8e9aaa-FRA expires Fri, 16 Apr 2021 04:23:42 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government) Interac (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Popper object| bootstrap function| selectBank

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			benefit.cerbssl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v08k6pd0otasrhh76ohkkltvc6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefit.cerbssl.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
stackpath.bootstrapcdn.com
www.canada.ca
173.254.204.121
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
2606:4700::6810:5714
2606:4700::6810:5914
2606:4700::6810:84e5
2a00:1450:4001:824::200a
2a02:26f0:6c00:189::fe9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d70de35d8125369775a01fb1f1e58ab5f937843dc024eaeb5c2ff42dd5b9ac3
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
37da78b49454e16bc1a3d1336b20439d8cf69efd1f0854b3f4a67e59921c9ed1
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
9e787eb9727523cc7aa0efa3c0c3debdd36ed2e59503b9b59881d7e5e0b8fc7d
9f0271897619cb3f7bbc75c82395d89b38d51ea880da075f14d21a58bc20b6cc
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b33cca0a69bdecdff3d5edc4373913f795b2ca88909e646507f22f6f8a32e2de
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
db09fc1f3c7b0968d63c6a084b54917225fc17f172eee60a3086ce9ea51fa9b7
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
e6666006da568927a46cdf91cfde685c0280e259f5d36cc2d02949097564ed01
e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9
f20957245ccf4ae9c38287fad8f482c27a44d0ea75033d9527c759956d3c824f