accounts-sandbox.centristst.ca Open in urlscan Pro
40.70.147.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts-sandbox.centristst.ca/
Effective URL:
https://accounts-sandbox.centristst.ca/account/login
Submission: On October 28 via automatic, source certstream-suspicious (October 28th 2021, 12:49:17 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 40.70.147.10, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is accounts-sandbox.centristst.ca.
TLS certificate: Issued by Thawte RSA CA 2018 on January 22nd 2020. Valid for: 2 years.

This is the only time accounts-sandbox.centristst.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	40.70.147.10 40.70.147.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	13.225.87.63 13.225.87.63	16509 (AMAZON-02) (AMAZON-02)
11	2

10 40.70.147.10 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

accounts-sandbox.centristst.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.63 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-63.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	centristst.ca 1 redirects accounts-sandbox.centristst.ca	34 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
11	2

	Domain	Requested by
10	accounts-sandbox.centristst.ca	1 redirects accounts-sandbox.centristst.ca
3	sb.scorecardresearch.com	1 redirects accounts-sandbox.centristst.ca
11	2

This site contains links to these domains. Also see Links.

Domain
www.google.fr
www.mozilla.org
www.microsoft.com

Subject Issuer	Validity	Valid
*.centristst.ca Thawte RSA CA 2018	`2020-01-22` - `2022-02-16`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://accounts-sandbox.centristst.ca/account/login
Frame ID: F1DB248F3BDDCF711448439A7688FEA8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion

Page URL History Show full URLs

https://accounts-sandbox.centristst.ca/ HTTP 302
https://accounts-sandbox.centristst.ca/account/login Page URL

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

34 kB
Transfer

63 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.fr/intl/fr/chrome/
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/fr/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/fr-ca/edge
Title: Edge

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts-sandbox.centristst.ca/ HTTP 302
https://accounts-sandbox.centristst.ca/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://sb.scorecardresearch.com/b?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9=

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
accounts-sandbox.centristst.ca/account/
Redirect Chain

https://accounts-sandbox.centristst.ca/
https://accounts-sandbox.centristst.ca/account/login

9 KB
5 KB

142ms
141ms

Document
text/html

40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ea323a19f6b5f5e54233404b4b5cf444f25be4fed6f453d7e72c460fb1de2df6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 3626
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Oct 2021 12:49:11 GMT

Redirect headers

Location: /account/login
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Oct 2021 12:49:11 GMT
Content-Length: 0

GET
H/1.1 200
OK centris-bubbles.png
accounts-sandbox.centristst.ca/img/ 2 KB
3 KB 150ms
149ms Image
image/png 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/centris-bubbles.png?v=1

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ef64db1451333cacc47274b7e3095a04d1fb49b9d44e693714d671f5bbf6812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd9929"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:12 GMT
Accept-Ranges: bytes
Content-Length: 2345
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H/1.1 200
OK lock-solid.svg
accounts-sandbox.centristst.ca/img/ 435 B
1 KB 464ms
129ms Image
image/svg+xml 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/lock-solid.svg?v=1

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fde4a8735902e0fb56a03faf1702d76d869e8a15a25dbfd6781d2f9e74c1e635

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd91b3"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:13 GMT
Accept-Ranges: bytes
Content-Length: 435
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H/1.1 200
OK lock-solid-blue.svg
accounts-sandbox.centristst.ca/img/ 435 B
1 KB 471ms
135ms Image
image/svg+xml 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/lock-solid-blue.svg?v=1

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0d814ceeb67fc9ea9ab8beca57edbc70d126768b5fc88bd26b5ffd26e12c7a91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd91b3"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:13 GMT
Accept-Ranges: bytes
Content-Length: 435
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H/1.1 200
OK mobile-alt-solid.svg
accounts-sandbox.centristst.ca/img/ 516 B
2 KB 480ms
140ms Image
image/svg+xml 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/mobile-alt-solid.svg?v=1

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b581bd26e6680d5aae73f10c89e6ce1527cec1f8e3e8511004a3f44fcec52316

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd9204"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:13 GMT
Accept-Ranges: bytes
Content-Length: 516
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H/1.1 200
OK question-circle-regular.svg
accounts-sandbox.centristst.ca/img/ 999 B
2 KB 331ms
135ms Image
image/svg+xml 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/question-circle-regular.svg?v=1

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6a54071d2ae93b00fd203a11650eb8e53db08ed6853649f243d358f7f9da96aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd93e7"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:12 GMT
Accept-Ranges: bytes
Content-Length: 999
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H/1.1 200
OK bootstrap.min.css
accounts-sandbox.centristst.ca/css/ 41 KB
12 KB 280ms
130ms Stylesheet
text/css 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-sandbox.centristst.ca/css/bootstrap.min.css?v=YQIxL-HrvSdTO2pRAvbdrlkco3gJ-CqpqrexHj_0nWc

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6102312fe1ebbd27533b6a5102f6ddae591ca37809f82aa9aab7b11e3ff49d67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
Date: Thu, 28 Oct 2021 12:49:12 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
ETag: "1d79a9d08dd32c0"
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.css
accounts-sandbox.centristst.ca/css/ 5 KB
3 KB 405ms
115ms Stylesheet
text/css 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-sandbox.centristst.ca/css/styles.css?v=95vaz2uPOVj6mQBlEUb-CgqNFOVbUMkg6y6xuLOTPEI

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ba5612497551ed2c1de14d90a9e69e19e8c2be2912f56ee3a2216d30600ca53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1785
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
Date: Thu, 28 Oct 2021 12:49:12 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
ETag: "1d79a9d08dd83d5"
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes

GET
H/1.1 200
OK centris-bubbles.png
accounts-sandbox.centristst.ca/img/ 2 KB
3 KB 192ms
135ms Image
image/png 40.70.147.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-sandbox.centristst.ca/img/centris-bubbles.png?v=fvZNsUUTM8rMRydLfjCVoE0ftJudROaTcU1nH1u_aBI

Requested by

Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.70.147.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ef64db1451333cacc47274b7e3095a04d1fb49b9d44e693714d671f5bbf6812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/account/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 26 Aug 2021 17:08:48 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "1d79a9d08dd9929"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1209600, private
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; autoplay 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; fullscreen *;
Content-Security-Policy: default-src 'self' https://*.centristst.ca https://*.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://*.google.com https://*.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Date: Thu, 28 Oct 2021 12:49:12 GMT
Accept-Ranges: bytes
Content-Length: 2345
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:89656a6d-b945-4089-9bf0-40b8d5a2e2f9

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
9ms Script
application/javascript 13.225.87.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:29:28 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 37186
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: V9LIE-uJXzCmjQ6AIsJhXmUftoAKVVxkN1fyoAscw8NS3DAjh2GTvQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9=

64 B
329 B

9ms
9ms

Image
image/gif

13.225.87.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9=
Requested by: Host: accounts-sandbox.centristst.ca
URL: https://accounts-sandbox.centristst.ca/account/login
Protocol: H2
Server: 13.225.87.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-63.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts-sandbox.centristst.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 12:49:13 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: xtoaLvePsPlkbbBxksTRkC4sALn0KTXqdXYYhSMfh_QLL0KQUg6YqA==

Redirect headers

date: Thu, 28 Oct 2021 12:49:13 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6538986&ns__t=1635425353223&ns_c=UTF-8&cv=3.5&c8=Connexion&c7=https%3A%2F%2Faccounts-sandbox.centristst.ca%2Faccount%2Flogin&c9=
content-length: 194
x-amz-cf-id: C4xChUUam1qr44hCUt9mBmBi8f80TxXK_DLpSMgDzspGnISwNLY2qA==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts-sandbox.centristst.ca/	1969-12-31 23:59:59	Name: ARRAffinity Value: 3587fdd53890819a1531698a370eabd3ae90b2d087be9578b1d5650f06c99416
.accounts-sandbox.centristst.ca/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 3587fdd53890819a1531698a370eabd3ae90b2d087be9578b1d5650f06c99416
accounts-sandbox.centristst.ca/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.6jqH8GOZg5I Value: CfDJ8JWX0B-bfBFOsrlcKnCYrNL6stLYHXw_U-0YgsQVAAaZAV9rZ5YsP_bKqSHzVlR45SZZ25T5EQvNC47UoZVHTbq2kn0vZJWGQ9aVCqseiWU9aT8U8mF0F7j1r9zbvTWfhakBtv4pO6E6QXTnf7bFEmM
.scorecardresearch.com/	1970-01-20 15:33:53	Name: UID Value: 1C4XCHUUAM1QR44HCUT9MBg1635425353

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://accounts-sandbox.centristst.ca/account/login Message: The resource https://accounts-sandbox.centristst.ca/img/centris-bubbles.png?v=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.centristst.ca https://.centris.ca http://b.scorecardresearch.com https://sb.scorecardresearch.com https://.google.com https://.google-analytics.com https://*.googletagmanager.com blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-sandbox.centristst.ca
sb.scorecardresearch.com
13.225.87.63
40.70.147.10
0d814ceeb67fc9ea9ab8beca57edbc70d126768b5fc88bd26b5ffd26e12c7a91
6102312fe1ebbd27533b6a5102f6ddae591ca37809f82aa9aab7b11e3ff49d67
6a54071d2ae93b00fd203a11650eb8e53db08ed6853649f243d358f7f9da96aa
7ef64db1451333cacc47274b7e3095a04d1fb49b9d44e693714d671f5bbf6812
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8ba5612497551ed2c1de14d90a9e69e19e8c2be2912f56ee3a2216d30600ca53
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
b581bd26e6680d5aae73f10c89e6ce1527cec1f8e3e8511004a3f44fcec52316
ea323a19f6b5f5e54233404b4b5cf444f25be4fed6f453d7e72c460fb1de2df6
fde4a8735902e0fb56a03faf1702d76d869e8a15a25dbfd6781d2f9e74c1e635

accounts-sandbox.centristst.ca Open in urlscan Pro 40.70.147.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

34 kBTransfer

63 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

accounts-sandbox.centristst.ca Open in urlscan Pro
40.70.147.10 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

34 kB
Transfer

63 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions