URL: https://ca-authid.xyz/refund/select.html
Submission: On September 19 via manual from CA

Summary

This website contacted 14 IPs in 6 countries across 12 domains to perform 54 HTTP transactions. The main IP is 198.54.126.19, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is ca-authid.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 18th 2020. Valid for: a year.
This is the only time ca-authid.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Interac (Banking), Tangerine Bank (Banking), Motusbank (Banking), Canadian Government (Government)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
31 | 198.54.126.19 | 22612 (NAMECHEAP...)
2 | 2a02:26f0:eb:... | 20940 (AKAMAI-ASN1)
1 | 192.81.171.200 | 53479 (AS-UPTIME)
1 | 2620:0:862:ed... | 14907 (WIKIMEDIA)
2 (1 redirect) | 151.101.194.159 | 54113 (FASTLY)
1 | 45.60.64.112 | 19551 (INCAPSULA)
3 | 52.49.59.93 | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
4 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a02:26f0:10c... | 20940 (AKAMAI-ASN1)
1 | 15.236.9.100 | 16509 (AMAZON-02)
1 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
Total: 54 requests, 14 IPs

Requests | Domain | Requested by
31 | ca-authid.xyz | ca-authid.xyz
4 | fonts.gstatic.com | fonts.googleapis.com
3 | dpm.demdex.net | ca-authid.xyz
2 | fonts.googleapis.com | ca-authid.xyz
2 (1 redirect) | www.swirlingovercoffee.com | ca-authid.xyz
2 | www.canada.ca | ca-authid.xyz
1 | c.go-mpulse.net | s.go-mpulse.net
1 | canada.sc.omtrdc.net | ca-authid.xyz
1 | assets.adobedtm.com | ca-authid.xyz
1 | s.go-mpulse.net | ca-authid.xyz
1 | images.glaciermedia.ca | ca-authid.xyz
1 | upload.wikimedia.org | ca-authid.xyz
1 | smarter.loans | ca-authid.xyz
Total: 54 requests, 13 domains

This site contains no links.

Subject | Issuer | Validity | Valid
ca-authid.xyz | Sectigo RSA Domain Validation Secure Server CA | 2020-09-18 - 2021-09-18 | a year
*.canada.ca | GeoTrust RSA CA 2018 | 2020-03-30 - 2021-04-29 | a year
www.smarter.loans | RapidSSL RSA CA 2018 | 2019-09-24 - 2020-12-23 | a year
*.wikipedia.org | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-10-06 | a year
swirlingovercoffee.com | Let's Encrypt Authority X3 | 2020-08-31 - 2020-11-29 | 3 months
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-18 - 2021-06-04 | 10 months
upload.video.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
akstat.io | DigiCert Secure Site ECC CA-1 | 2020-05-06 - 2021-08-05 | a year
*.gstatic.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years

This page contains 2 frames:

Primary Page: https://ca-authid.xyz/refund/select.html
Frame ID: F3BB93F20E29EE6E92FE2F4C03A7224F
Requests: 48 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/KBFUZ-C9D7G-RB8SX-GRGEN-HGMC9
Frame ID: AE53C5D714728710518E633F37608AD6
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  • 54 Requests
  • 93 % HTTPS
  • 54 % IPv6
  • 12 Domains
  • 13 Subdomains
  • 14 IPs
  • 6 Countries
  • 614 kB Transfer
  • 1640 kB Size
  • 10 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg HTTP 301
  • https://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg

54 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: select.html | ca-authid.xyz/refund/ | 22 KB | 7 KB | Document
General
Full URL
https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
ccf8f8134ac047527c63f04e39ffd09c7ac2198e253fdb34b54f99fadb294a1e

Request headers

:method
GET
:authority
ca-authid.xyz
:scheme
https
:path
/refund/select.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 19 Sep 2020 20:37:49 GMT
server
Apache
last-modified
Mon, 14 Sep 2020 21:04:42 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
6744
content-type
text/html
satelliteLib-78cf42deb149c9766cbaaa6151e252b9b67c0200.js | ca-authid.xyz/refund/assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/ | 246 KB | 66 KB | Script
General
Full URL
https://ca-authid.xyz/refund/assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/satelliteLib-78cf42deb149c9766cbaaa6151e252b9b67c0200.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
c7e1d3189ab428d09914c9ae17759ac971b304f351879cad75ad705c7c5ea63e

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:49 GMT
content-encoding
gzip
last-modified
Fri, 04 Sep 2020 16:22:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
wet-boew.min.css | ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/ | 256 B | 361 B | Stylesheet
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/wet-boew.min.css
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
799282e2a8a1f3eaf7c7544087cb784f3b191dc1c64d98268675badf68640c77

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:49 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
205
theme.min.css | ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/ | 366 KB | 76 KB | Stylesheet
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
23d06f54862b376a5d1a844d44961290c175ab2b71fb09e934b36aa82dbcbab7

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:49 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
all.css | ca-authid.xyz/refund/use.fontawesome.com/releases/v5.8.1/css/ | 55 KB | 12 KB | Stylesheet
General
Full URL
https://ca-authid.xyz/refund/use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
c936be6752cad802b900430f7645abfc674bdec4bbeb88c812f4c5578140afe5

Request headers

Origin
https://ca-authid.xyz
Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:49 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:34 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
12095
sig-blk-en.svg | www.canada.ca/etc/designs/canada/wet-boew/assets/ | 10 KB | 3 KB | Image
General
Full URL
https://www.canada.ca/etc/designs/canada/wet-boew/assets/sig-blk-en.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3aa::fe9 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1 /
Resource Hash
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 06 Aug 2020 16:40:20 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1
status
200
etag
"2749-5ac3824df9bed-gzip"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2847
retrieveLogo_012.svg | ca-authid.xyz/refund/logo/ | 5 KB | 2 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_012.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
db09fc1f3c7b0968d63c6a084b54917225fc17f172eee60a3086ce9ea51fa9b7

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1621
retrieveLogo_003.svg | ca-authid.xyz/refund/logo/ | 3 KB | 1 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_003.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
37da78b49454e16bc1a3d1336b20439d8cf69efd1f0854b3f4a67e59921c9ed1

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1185
retrieveLogo_007.svg | ca-authid.xyz/refund/logo/ | 6 KB | 2 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_007.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
6b7dae29116a35dd6eb4041f84d0d8acf634c6ad8e1e4ab8724f0ca678c8816e

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
2363
Simplii-Financial.jpg | ca-authid.xyz/refund/logo/ | 4 KB | 4 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/Simplii-Financial.jpg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
da5012a3612fbe031cdfbb7c445a2cae686822442c16e44eed1655f204ba7586

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 19 Sep 2020 20:37:50 GMT
last-modified
Sat, 26 Jan 2019 20:20:02 GMT
server
Apache
accept-ranges
bytes
content-length
4019
content-type
image/jpeg
retrieveLogo_005.svg | ca-authid.xyz/refund/logo/ | 5 KB | 3 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_005.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
9e787eb9727523cc7aa0efa3c0c3debdd36ed2e59503b9b59881d7e5e0b8fc7d

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
2509
retrieveLogo_004.svg | ca-authid.xyz/refund/logo/ | 5 KB | 2 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_004.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
0bd4b1d9e850b3ab2cae714fdb098f63a56bb1f55975351735caf04e4e2a2552

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1787
retrieveLogo_008.svg | ca-authid.xyz/refund/logo/ | 7 KB | 3 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_008.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
da103dbb9c83919e677d0c4de46025b4c4153daadb6e27942a65d5723f3a338f

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
2458
bnc.png | ca-authid.xyz/refund/logo/ | 5 KB | 5 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/bnc.png
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
a8c6fd98b9331d4070dc0491d85eceac4466bc54c5bdfba8892d5d39a356b0a0

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 19 Sep 2020 20:37:50 GMT
last-modified
Fri, 19 Apr 2019 19:46:32 GMT
server
Apache
accept-ranges
bytes
content-length
4773
content-type
image/png
retrieveLogo_009.svg | ca-authid.xyz/refund/logo/ | 964 B | 746 B | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_009.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
2d70de35d8125369775a01fb1f1e58ab5f937843dc024eaeb5c2ff42dd5b9ac3

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
585
retrieveLogo_002.svg | ca-authid.xyz/refund/logo/ | 3 KB | 2 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_002.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
f20957245ccf4ae9c38287fad8f482c27a44d0ea75033d9527c759956d3c824f

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1436
MeridianLogo_New_CMYK.jpg | ca-authid.xyz/refund/logo/ | 60 KB | 60 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/MeridianLogo_New_CMYK.jpg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
03303f81b6568cbbd1e2ba36b4e2440a8e79334f0ff23885c03543cfff3d483c

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 19 Sep 2020 20:37:50 GMT
last-modified
Sun, 03 Jun 2018 15:32:48 GMT
server
Apache
accept-ranges
bytes
content-length
61222
content-type
image/jpeg
motusbank-1.png | smarter.loans/wp-content/uploads/ | 5 KB | 6 KB | Image
General
Full URL
https://smarter.loans/wp-content/uploads/motusbank-1.png
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.81.171.200 , Canada, ASN53479 (AS-UPTIME, CA),
Reverse DNS
server.smarter.loans
Software
Apache /
Resource Hash
6972efb3853cc1b41d408c2a870ff510f7bdf16a68eec75f435cef1af0d8c311

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Sep 2020 20:37:51 GMT
Last-Modified
Wed, 01 May 2019 11:36:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5416
Expires
Sun, 19 Sep 2021 20:37:51 GMT
retrieveLogo_013.svg | ca-authid.xyz/refund/logo/ | 4 KB | 2 KB | Image
General
Full URL
https://ca-authid.xyz/refund/logo/retrieveLogo_013.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
8b8274fc17587fdf0bcd987f90058e19ad3904c397121683a509056b16ca856f

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:01:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1522
1200px-Laurentian_Bank_of_Canada_logo.svg.png | upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/ | 24 KB | 24 KB | Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
c85bd673696df783cd1cf6f65b78792ca322b4aa638dfb5529855fbb5830b4b1
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 11:49:14 GMT
age
31716
x-cache-status
hit-front
x-cache
cp3055 hit, cp3061 hit/1
status
200
server-timing
cache;desc="hit-front"
content-length
24368
x-client-ip
2a01:4f8:192:5414::2
last-modified
Thu, 15 Feb 2018 11:53:30 GMT
server
ATS/8.0.8
etag
b2ba0a626f3d1c3a79eacaa7857d489d
strict-transport-security
max-age=106384710; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-timestamp
1518695609.42050
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
Manulife-Logo-720x320.jpg | www.swirlingovercoffee.com/wp-content/uploads/2015/09/ | 22 KB | 19 KB | Image
Redirect Chain
  • http://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg
  • https://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg
General
Full URL
https://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
b604113fed2958e3a7c1187c42f85ca28f3d3af8e696bc0fffc356995a960d2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static
YES
date
Sat, 19 Sep 2020 20:37:51 GMT
content-encoding
gzip
x-cacheable
YES
x-fw-server
Flywheel/5.0.0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-ams21079-AMS
magicmarker
1
last-modified
Fri, 31 May 2019 11:29:26 GMT
server
Flywheel/5.1.0
x-timer
S1600547871.871065,VS0,VE287
etag
W/"5cf11016-57ea"
x-fw-hash
0ud1604yno
vary
Accept-Encoding
x-fw-version
5.0.0
content-type
image/jpeg
x-fw-serve
TRUE
x-fw-type
VISIT
cache-control
max-age=604800
accept-ranges
bytes, bytes
x-cache-hits
0

Redirect headers

X-FW-Static
NO
Date
Sat, 19 Sep 2020 20:37:50 GMT
magicmarker
1
X-FW-Server
Flywheel/5.0.0
X-Cache
MISS, MISS
Connection
keep-alive
Content-Length
162
X-Served-By
cache-ams21073-AMS
X-FW-Type
VISIT
Server
Flywheel/5.1.0
X-Timer
S1600547871.526263,VS0,VE283
X-FW-Hash
0ud1604yno
X-FW-Version
5.0.0
Content-Type
text/html
Location
https://www.swirlingovercoffee.com/wp-content/uploads/2015/09/Manulife-Logo-720x320.jpg
X-FW-Serve
TRUE
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Cache-Hits
0
vancity-logo.jpg | images.glaciermedia.ca/polopoly_fs/1.698667.1384561949!/fileImage/httpImage/image.jpg_gen/derivatives/landscape_804/ | 40 KB | 38 KB | Image
General
Full URL
https://images.glaciermedia.ca/polopoly_fs/1.698667.1384561949!/fileImage/httpImage/image.jpg_gen/derivatives/landscape_804/vancity-logo.jpg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.112 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9477885bc2e88d0ced26b0f6568847128315bb874e4a5d492af996a3df8444c0

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Sat, 16 Nov 2013 00:34:55 GMT
x-cdn
Incapsula
etag
"97a5f84a"
content-type
image/jpeg
status
200
x-iinfo
8-41105201-41103324 2VNN RT(1600547870076 0) q(0 0 0 0) r(4 4) U18
cache-control
max-age=900, public
content-length
38353
expires
Sat, 19 Sep 2020 20:52:50 GMT
wmms-blk.svg | www.canada.ca/etc/designs/canada/wet-boew/assets/ | 5 KB | 2 KB | Image
General
Full URL
https://www.canada.ca/etc/designs/canada/wet-boew/assets/wmms-blk.svg
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3aa::fe9 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1 /
Resource Hash
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 06 Aug 2020 16:40:21 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) Communique/4.2.1
status
200
etag
"129d-5ac3824f31ff9-gzip"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1765
jquery.min.js | ca-authid.xyz/refund/etc/clientlibs/granite/ | 111 KB | 38 KB | Script
General
Full URL
https://ca-authid.xyz/refund/etc/clientlibs/granite/jquery.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:24 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
38289
utils.min.js | ca-authid.xyz/refund/etc/clientlibs/granite/ | 9 KB | 4 KB | Script
General
Full URL
https://ca-authid.xyz/refund/etc/clientlibs/granite/utils.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
fcea66becd77485eb760a9a65e38d47319f69b724ae046f9b246842a1daa6c18

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3644
clientlib-publish.min.js | ca-authid.xyz/refund/etc/designs/canada/ | 5 KB | 2 KB | Script
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/clientlib-publish.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
75ab62a6a9ecd6f00508431a1139ec4289c4206b769882272cfacd126f1b762f

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:22 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2226
jquery.min.js | ca-authid.xyz/refund/ajax.googleapis.com/ajax/libs/jquery/2.1.1/ | 82 KB | 29 KB | Script
General
Full URL
https://ca-authid.xyz/refund/ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Mar 2020 18:15:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
29497
wet-boew.min.js
ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/
144 KB
51 KB
Script
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/wet-boew.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
fd2275309dcb2d2b4dc22f8e5b93639684fdc10b065829ec890a3ef3ed137505

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:40:22 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
51583
theme.min.js
ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/
80 KB
27 KB
Script
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/theme.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
df61a6200b795fc1c1a5e87d4f0277b662cd143e4261b2778ac282f3ab289821

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 16:35:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
27634
id
dpm.demdex.net/ Frame
0
0
Other
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&ts=1600547870430
Protocol
HTTP/1.1
Server
52.49.59.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-59-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
get.html
Origin
https://ca-authid.xyz
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://ca-authid.xyz
Access-Control-Max-Age
7200
DCS
dcs-prod-irl1-v081-01fbe066d.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+0ms)
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
X-TID
K3MH5vdvQgw=
Content-Length
0
Connection
keep-alive
id
dpm.demdex.net/
0
0

css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf3255a503eb01fbe2c3dc444babf02b46f7b77468ba9c6e524180fffa41c1ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Sep 2020 20:12:32 GMT
server
ESF
date
Sat, 19 Sep 2020 20:37:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Sep 2020 20:37:50 GMT
css
fonts.googleapis.com/
3 KB
604 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c14a94a28817f61a07c64ad2431d29662763ae0237fb0317d4aeede78e5d24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Sep 2020 20:37:50 GMT
server
ESF
date
Sat, 19 Sep 2020 20:37:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Sep 2020 20:37:50 GMT
KBFUZ-C9D7G-RB8SX-GRGEN-HGMC9
s.go-mpulse.net/boomerang/ Frame AE53
202 KB
51 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/KBFUZ-C9D7G-RB8SX-GRGEN-HGMC9
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2a3::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
br
last-modified
Tue, 11 Aug 2020 13:58:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
landscape.png
ca-authid.xyz/refund/etc/designs/canada/wet-boew/assets/
3 KB
3 KB
Image
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/assets/landscape.png
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
fc5cb3feca4965947c4fffb255dfefe9e04048a9682bec28d1f181642e108b89

Request headers

Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:50 GMT
server
Apache
content-type
text/html; charset=UTF-8
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v10/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ca-authid.xyz
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:25:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:03 GMT
server
sffe
age
353570
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10116
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:25:00 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ca-authid.xyz
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:22:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
353723
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:22:27 GMT
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v10/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ca-authid.xyz
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:28:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
age
353378
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10292
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:28:12 GMT
glyphicons-halflings-regular.woff2
ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/
0
0
Font
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Origin
https://ca-authid.xyz
Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:50 GMT
server
Apache
content-type
text/html; charset=UTF-8
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ca-authid.xyz
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:22:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
353724
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:22:26 GMT
s-code-contents-69cce4f42ae039e7c3974e2fa4292c5e7ad592ab.js
assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/
36 KB
14 KB
Script
General
Full URL
https://assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/s-code-contents-69cce4f42ae039e7c3974e2fa4292c5e7ad592ab.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/satelliteLib-78cf42deb149c9766cbaaa6151e252b9b67c0200.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b08c060c413f5219c516439c29612b1d1ad6578876f39b5a5ee7bdfdfe870a9

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 20:37:50 GMT
content-encoding
gzip
last-modified
Fri, 04 Sep 2020 16:22:30 GMT
server
AkamaiNetStorage
status
200
etag
"46c0d6af72cda7f44ed128d55abfcb0d:1599236550.819184"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://ca-authid.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
13957
expires
Sat, 19 Sep 2020 21:37:50 GMT
id
canada.sc.omtrdc.net/ Frame
0
0
Other
General
Full URL
https://canada.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=A90F2A0D55423F537F000101%40AdobeOrg&mid=91436408592934905308970239971135786349&ts=1600547870580
Protocol
H2
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
get.html
Origin
https://ca-authid.xyz
Sec-Fetch-Mode
cors

Response headers

status
204
xserver
anedge-6485bbc5d6-7pls6
access-control-allow-origin
https://ca-authid.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-content-type-options
nosniff
date
Sat, 19 Sep 2020 20:37:50 GMT
server
jag
id
canada.sc.omtrdc.net/
0
0

config.json
c.go-mpulse.net/api/ Frame AE53
51 B
323 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=KBFUZ-C9D7G-RB8SX-GRGEN-HGMC9&d=ca-authid.xyz&t=5335160&v=1.632.0&if=&sl=0&si=3hck6evmlpn-qgxan2&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=231651
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/KBFUZ-C9D7G-RB8SX-GRGEN-HGMC9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9119f3c0c68a2a7c317b50eea56140902303c5a834696524856c45de7daf0cbd

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 19 Sep 2020 20:37:59 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
id
dpm.demdex.net/ Frame
0
0
Other
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&d_mid=91436408592934905308970239971135786349&ts=1600547870621
Protocol
HTTP/1.1
Server
52.49.59.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-59-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
get.html
Origin
https://ca-authid.xyz
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://ca-authid.xyz
Access-Control-Max-Age
7200
DCS
dcs-prod-irl1-v081-05ae8eb25.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+0ms)
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
X-TID
ERtcwn5sQPQ=
Content-Length
0
Connection
keep-alive
id
dpm.demdex.net/
0
0

token.json
ca-authid.xyz/refund/libs/granite/csrf/
3 KB
3 KB
XHR
General
Full URL
https://ca-authid.xyz/refund/libs/granite/csrf/token.json
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/clientlib-publish.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
fc5cb3feca4965947c4fffb255dfefe9e04048a9682bec28d1f181642e108b89

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:50 GMT
server
Apache
content-type
text/html; charset=UTF-8
id
dpm.demdex.net/ Frame
0
0
Other
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&d_mid=91436408592934905308970239971135786349&ts=1600547870689
Protocol
HTTP/1.1
Server
52.49.59.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-59-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
get.html
Origin
https://ca-authid.xyz
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://ca-authid.xyz
Access-Control-Max-Age
7200
DCS
dcs-prod-irl1-v081-0c450857a.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+1ms)
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
X-TID
rs8YuETVQUs=
Content-Length
0
Connection
keep-alive
id
dpm.demdex.net/
0
0

glyphicons-halflings-regular.woff
ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/
0
0
Font
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/glyphicons-halflings-regular.woff
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Origin
https://ca-authid.xyz
Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:51 GMT
server
Apache
content-type
text/html; charset=UTF-8
en.min.js
ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/i18n/
3 KB
3 KB
Image
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/i18n/en.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/select.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
fc5cb3feca4965947c4fffb255dfefe9e04048a9682bec28d1f181642e108b89

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:51 GMT
server
Apache
content-type
text/html; charset=UTF-8
glyphicons-halflings-regular.ttf
ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/
0
0
Font
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/fonts/glyphicons-halflings-regular.ttf
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Origin
https://ca-authid.xyz
Referer
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:51 GMT
server
Apache
content-type
text/html; charset=UTF-8
en.min.js
ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/i18n/
0
0
Script
General
Full URL
https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/i18n/en.min.js
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/wet-boew/js/wet-boew.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Sat, 19 Sep 2020 20:37:51 GMT
server
Apache
content-type
text/html; charset=UTF-8
im.xml
ca-authid.xyz/content/dam/canada/json/
328 B
455 B
XHR
General
Full URL
https://ca-authid.xyz/content/dam/canada/json/im.xml
Requested by
Host: ca-authid.xyz
URL: https://ca-authid.xyz/refund/etc/designs/canada/clientlib-publish.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.19 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server260-5.web-hosting.com
Software
Apache /
Resource Hash
0b4486dc52fe3f0bec551384233321427eab792146ce73d9c075db6464b0d583

Request headers

Referer
https://ca-authid.xyz/refund/select.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
501
date
Sat, 19 Sep 2020 20:37:51 GMT
server
Apache
content-length
328
allow
POST,OPTIONS,HEAD,GET
content-type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpm.demdex.net
URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&ts=1600547870430
Domain
canada.sc.omtrdc.net
URL
https://canada.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=A90F2A0D55423F537F000101%40AdobeOrg&mid=91436408592934905308970239971135786349&ts=1600547870580
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&d_mid=91436408592934905308970239971135786349&ts=1600547870621
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&d_mid=91436408592934905308970239971135786349&ts=1600547870689

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Interac (Banking) Tangerine Bank (Banking) Motusbank (Banking) Canadian Government (Government)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object trustedTypes
function e
object adobe
function Visitor
object _satellite
object s_c_il
number s_c_in
object dataLayer
object dataLayer1
string BOOMR_API_key
object BOOMR
number BOOMR_lstart
number days
object BOOMR_mq
function $
function jQuery
object matched
object browser
object Granite
function AppMeasurement_Module_ActivityMap
function AppMeasurement
function s_gi
function s_pgicq
number s_objectID
number s_giq
object _g
object excl
object s_Obj
string s_PPVid
function s_PPVevent
number s_PPVi
number s_PPVt
object Modernizr
function yepnope
object wb
function onYouTubeIframeAPIReady
object youTube
object wb-data-ajax
number BOOMR_onload
number BOOMR_configt

10 Cookies

Domain/Path Name / Value
.ca-authid.xyz/ Name: dtm_gpv_pqs
Value: blank%20query%20string
.ca-authid.xyz/ Name: dtm_gpv_pu
Value: ca-authid.xyz%2Frefund%2Fselect.html
.ca-authid.xyz/ Name: dtm_gpv_pc
Value: Canada%20Revenue%20Agency
.ca-authid.xyz/ Name: dtm_gpv_pthl
Value: blank%20theme
.ca-authid.xyz/ Name: AMCVS_A90F2A0D55423F537F000101%40AdobeOrg
Value: 1
.ca-authid.xyz/ Name: s_ppv
Value: Tax%2520refunds%253A%2520Check%2520the%2520status%2520of%2520your%2520refund%2C76%2C76%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.ca-authid.xyz/ Name: dtm_gpv_pt
Value: Tax%20refunds%3A%20Check%20the%20status%20of%20your%20refund
.ca-authid.xyz/ Name: AMCV_A90F2A0D55423F537F000101%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18525%7CMCMID%7C91436408592934905308970239971135786349%7CMCAID%7CNONE%7CMCOPTOUT-1600555070s%7CNONE%7CvVersion%7C4.4.0
.ca-authid.xyz/ Name: s_ppvl
Value: Tax%2520refunds%253A%2520Check%2520the%2520status%2520of%2520your%2520refund%2C76%2C76%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.ca-authid.xyz/ Name: RT
Value: "z=1&dm=ca-authid.xyz&si=3hck6evmlpn&ss=kfa4vkt1&sl=0&tt=0"

1 Console Messages

Source: console-api
Level: warning
URL: https://ca-authid.xyz/refund/etc/designs/canada/clientlib-publish.min.js (Line 42)
Message: CSRF data not available;The data may be unavailable by design, such as during non-authenticated requests: SyntaxError: Unexpected token < in JSON at position 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
