cextec.com Open in urlscan Pro
185.73.178.19 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cextec.com/craa/cra.html
Submission: On August 07 via manual (August 7th 2020, 7:39:12 pm UTC) from CA

Summary HTTP 27 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 27 HTTP transactions. The main IP is 185.73.178.19, located in Spain and belongs to HOSTISOFT, ES. The main domain is cextec.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 24th 2020. Valid for: 3 months.

This is the only time cextec.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
5 27	185.73.178.19 185.73.178.19	203292 (HOSTISOFT) (HOSTISOFT)
2	3.248.37.251 3.248.37.251	16509 (AMAZON-02) (AMAZON-02)
1	15.236.9.100 15.236.9.100	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	52.49.61.185 52.49.61.185	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:382::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
27	5

27 185.73.178.19 (Spain) 5 redirects

ASN203292 (HOSTISOFT, ES)
PTR: server.axencialocaldecolocacion.com

cextec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cextec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.37.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-37-251.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)

canada.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.61.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-61-185.eu-west-1.compute.amazonaws.com

canada.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:382::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cextec.com 5 redirects cextec.com www.cextec.com	914 KB
3	demdex.net dpm.demdex.net canada.demdex.net	2 KB
1	adobedtm.com assets.adobedtm.com	12 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	omtrdc.net canada.sc.omtrdc.net	314 B
27	5

	Domain	Requested by
22	cextec.com	5 redirects cextec.com
5	www.cextec.com	cextec.com
2	dpm.demdex.net	cextec.com
1	assets.adobedtm.com	cextec.com
1	canada.demdex.net	cextec.com
1	cm.everesttech.net	1 redirects
1	canada.sc.omtrdc.net	cextec.com
27	7

This site contains links to these domains. Also see Links.

Domain
www.canada.ca
apps5.ams-sga.cra-arc.gc.ca

Subject Issuer	Validity	Valid
cextec.com cPanel, Inc. Certification Authority	`2020-07-24` - `2020-10-22`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://cextec.com/craa/cra.html
Frame ID: 3D3A39EBB43854541AC71D462D4BF172
Requests: 24 HTTP requests in this frame

Frame: https://cextec.com/craa/cra_files/sig-blk-en.svg
Frame ID: 11F21AB4EC3867D51699399C45AA58F1
Requests: 1 HTTP requests in this frame

Frame: https://canada.demdex.net/dest5.html?d_nsid=0
Frame ID: B33B5906BA53A0D45EFB5F9E63611E26
Requests: 1 HTTP requests in this frame

Frame: https://cextec.com/craa/cra_files/wmms-blk.svg
Frame ID: D975389FBD5626E1D4763B330BF5EC20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

27
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

5
IPs

5
Countries

926 kB
Transfer

940 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.canada.ca/en/transparency/terms.html
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://www.canada.ca/en/transparency/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://apps5.ams-sga.cra-arc.gc.ca/gol-ged/awsc/amss/enrol/start?prog=mima#wb-cont
Title: Top of Page

Search URL Search Domain Scan URL

URL: https://apps5.ams-sga.cra-arc.gc.ca/gol-ged/awsc/amss/enrol/start?prog=mima#wb-sessto-modal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css HTTP 301
https://www.cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css

Request Chain 16

https://cextec.com/gol-ged/awsc/amss/pub/css/timeout.css HTTP 301
https://www.cextec.com/gol-ged/awsc/amss/pub/css/timeout.css

Request Chain 18

https://cm.everesttech.net/cm/dd?d_uuid=13680756551923971663661110480240543603 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xy2tywAABJ9GOlL0

Request Chain 21

https://cextec.com/craa/cra_files/i18n/en.min.js HTTP 301
https://www.cextec.com/craa/cra_files/i18n/en.min.js

Request Chain 23

https://cextec.com/gol-ged/awsc/amss/pub/js/timeout.js HTTP 301
https://www.cextec.com/gol-ged/awsc/amss/pub/js/timeout.js

Request Chain 25

https://cextec.com/craa/cra_files/i18n/en.min.js HTTP 301
https://www.cextec.com/craa/cra_files/i18n/en.min.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request cra.html Show response
cextec.com/craa/ 15 KB
15 KB 272ms
72ms Document
text/html 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: adeb584dd4ddc3c92a565ef7b2b1d59b20e442f8ea23bbeb739b7abd47696272

Request headers

Host: cextec.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:47 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 01:44:05 GMT
Accept-Ranges: bytes
Content-Length: 14965
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK timeout.js.download Show response
cextec.com/craa/cra_files/ 12 KB
13 KB 429ms
83ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/timeout.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: ae8dbee616013eaacb629a6da658da3782f7e8cccf3e2a129270ef8b6266461e

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12694

GET
H/1.1 200
OK en.min.js.download Show response
cextec.com/craa/cra_files/ 6 KB
6 KB 73ms
71ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/en.min.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 300208b1cc705d12a8504aad3f98e188045a373260955126dd58893baa50a3cb

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:47 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5709

GET
H/1.1 200
OK jquery.magnific-popup.min.js.download Show response
cextec.com/craa/cra_files/ 21 KB
21 KB 213ms
71ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/jquery.magnific-popup.min.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 312735d1664d0b3c3fba68ea4ac54021cbc6181e9a77264112d9017eab082dd3

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21098

GET
H/1.1 200
OK satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download Show response
cextec.com/craa/cra_files/ 195 KB
195 KB 214ms
72ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 6351e3c62b028077f26888bd5f3f75255ccdc4d0ee03de2a8abc1a643d885f65

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 199836

GET
H/1.1 200
OK theme.min.css
cextec.com/craa/cra_files/ 288 KB
289 KB 146ms
72ms Stylesheet
text/css 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/theme.min.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: aa5000460efb2e67b39cec17aaa847742bc5becc9c2aea32fd635873dfc1191f

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 295308

GET
H/1.1 200
OK apps.css
cextec.com/craa/cra_files/ 3 KB
3 KB 212ms
71ms Stylesheet
text/css 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/apps.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 0792d5065b2f21dda9320d61527c0af92fb14282e465da8788c52dffa324a94c

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3291

GET
H/1.1 200
OK common.css
cextec.com/craa/cra_files/ 3 KB
3 KB 213ms
72ms Stylesheet
text/css 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/common.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 667e31435709f66786104abe8c8fa3c8d2cf9eaf2a184f9025086b42f0417913

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3239

GET
H/1.1 200
OK amssUtils.js.download Show response
cextec.com/craa/cra_files/ 4 KB
4 KB 285ms
71ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/amssUtils.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: eae0e07ad74621b813a91b0ed4d1f78ab5f427239c9d5bc3aebf97c4760ec945

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4329

GET
H/1.1 200
OK s-code-contents-722625ca156c1c77875802d147e029edf6304536.js.download Show response
cextec.com/craa/cra_files/ 32 KB
32 KB 287ms
73ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/s-code-contents-722625ca156c1c77875802d147e029edf6304536.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: e6f99c322f7bcc6248683811b5b1d3c21ca7308f844fb2f93825275c889c53f2

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 32630

GET
H/1.1 200
OK jquery.min.js.download Show response
cextec.com/craa/cra_files/ 82 KB
83 KB 286ms
72ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/jquery.min.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:34 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 84384

GET
H/1.1 200
OK wet-boew.min.js.download Show response
cextec.com/craa/cra_files/ 196 KB
196 KB 337ms
71ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/wet-boew.min.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 8a6a33002521ed32b60d1971389d610daa692c970ff4a92b861d6dd2241af0bf

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:34 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 200861

GET
H/1.1 200
OK theme.min.js.download Show response
cextec.com/craa/cra_files/ 32 KB
32 KB 360ms
75ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/theme.min.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: e9fb94353f129775f7c24a1dee7f6cc3d892760b667c4a709b33e40bebcf3fb7

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:34 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 32682

GET
H/1.1 200
OK apps.js.download Show response
cextec.com/craa/cra_files/ 2 KB
2 KB 382ms
71ms Script
application/javascript 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/apps.js.download
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: b25f13ec18abd6d2454915f18831ad8109a959a868003d6eebd8142d6950d7d7

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:34 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2243

GET
H/1.1 200
OK timeout.css
cextec.com/craa/cra_files/ 428 B
669 B 213ms
72ms Stylesheet
text/css 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/timeout.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: 447a4a6c6d785d6fc009367d1fd835b3245114e3162a5dafe288ea54ffd7e0c7

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Last-Modified: Tue, 04 Aug 2020 00:58:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 428

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 365 B
1 KB 201ms
53ms XHR
application/json 3.248.37.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A90F2A0D55423F537F000101%40AdobeOrg&d_nsid=0&ts=1596829128337

Requested by

Host: cextec.com
URL: https://cextec.com/craa/cra_files/satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.37.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-37-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0822e52065fcb8e86041ba11e6ee6604e87ad93c690774c22b0fbcd3535dfd51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v078-0dc80623d.edge-irl1.demdex.com 5.76.0.20200805085924 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: o8TnYqa2Qzo=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cextec.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 302
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

404
Not Found

font-awesome.css
www.cextec.com/craa/cra_files/font-awesome-4.7.0/css/
Redirect Chain

https://cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css
https://www.cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css

0
0

1598ms
1456ms

Stylesheet
text/html

185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: /
Resource Hash

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Server: Apache
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://www.cextec.com/craa/cra_files/font-awesome-4.7.0/css/font-awesome.css
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

timeout.css
www.cextec.com/gol-ged/awsc/amss/pub/css/
Redirect Chain

https://cextec.com/gol-ged/awsc/amss/pub/css/timeout.css
https://www.cextec.com/gol-ged/awsc/amss/pub/css/timeout.css

0
0

1797ms
1592ms

Stylesheet
text/html

185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cextec.com/gol-ged/awsc/amss/pub/css/timeout.css
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: /
Resource Hash

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 07 Aug 2020 19:38:48 GMT
Server: Apache
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://www.cextec.com/gol-ged/awsc/amss/pub/css/timeout.css
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 id Show response
canada.sc.omtrdc.net/ 2 B
314 B 154ms
43ms XHR
application/x-javascript 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=A90F2A0D55423F537F000101%40AdobeOrg&mid=13650254066856096593657778844901325990&ts=1596829128544

Requested by

Host: cextec.com
URL: https://cextec.com/craa/cra_files/satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 07 Aug 2020 19:38:48 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7447d85976-gp5qr
vary: Origin
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://cextec.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xy2tywAABJ9GOlL0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=13680756551923971663661110480240543603
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xy2tywAABJ9GOlL0

42 B
915 B

52ms
51ms

Image
image/gif

3.248.37.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xy2tywAABJ9GOlL0

Requested by

Host: cextec.com
URL: https://cextec.com/craa/cra.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.37.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-37-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v078-0bc48b874.edge-irl1.demdex.com 5.76.0.20200805085924 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: R3yufAUJRQI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 07 Aug 2020 19:38:51 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xy2tywAABJ9GOlL0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK sig-blk-en.svg Show response
cextec.com/craa/cra_files/ Frame 11F2 10 KB
11 KB 72ms
72ms Document
image/svg+xml 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/sig-blk-en.svg
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: ede8178f5d7e3f8bafa83702d2c54ae6f6e3bfb12f8acda98d5181a63365c81f

Request headers

Host: cextec.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: object
Referer: https://cextec.com/craa/cra.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AMCVS_A90F2A0D55423F537F000101%40AdobeOrg=1; AMCV_A90F2A0D55423F537F000101%40AdobeOrg=-330454231%7CMCIDTS%7C18482%7CMCMID%7C13650254066856096593657778844901325990%7CMCAAMLH-1597433928%7C6%7CMCAAMB-1597433928%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596836328s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.1.2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cextec.com/craa/cra.html

Response headers

Date: Fri, 07 Aug 2020 19:38:51 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Accept-Ranges: bytes
Content-Length: 10723
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set dest5.html
canada.demdex.net/ Frame B33B 0
0 211ms
48ms Document
text/html 52.49.61.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada.demdex.net/dest5.html?d_nsid=0

Requested by

Host: cextec.com
URL: https://cextec.com/craa/cra_files/satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.61.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-61-185.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: canada.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cextec.com/craa/cra.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=13680756551923971663661110480240543603
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cextec.com/craa/cra.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 05 Aug 2020 12:34:40 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=13680756551923971663661110480240543603;Path=/;Domain=.demdex.net;Expires=Wed, 03-Feb-2021 19:38:51 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: e8kPqfZFTyM=
Content-Length: 2785
Connection: keep-alive

GET
H/1.1

404
Not Found

en.min.js
www.cextec.com/craa/cra_files/i18n/
Redirect Chain

https://cextec.com/craa/cra_files/i18n/en.min.js
https://www.cextec.com/craa/cra_files/i18n/en.min.js

0
0

1367ms
1228ms

Image
text/html

185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cextec.com/craa/cra_files/i18n/en.min.js
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 07 Aug 2020 19:38:51 GMT
Server: Apache
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://www.cextec.com/craa/cra_files/i18n/en.min.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=96
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 s-code-contents-722625ca156c1c77875802d147e029edf6304536.js Show response
assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/ 32 KB
12 KB 29ms
9ms Script
application/x-javascript 2a02:26f0:10c:382::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/s-code-contents-722625ca156c1c77875802d147e029edf6304536.js
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra_files/satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e6f99c322f7bcc6248683811b5b1d3c21ca7308f844fb2f93825275c889c53f2

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 19:38:51 GMT
content-encoding: gzip
last-modified: Mon, 11 May 2020 13:28:59 GMT
server: AkamaiNetStorage
status: 200
etag: "a4f59c3f184ff9e358242397e32dbdf2:1589203739.988433"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cextec.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 12016
expires: Fri, 07 Aug 2020 20:38:51 GMT

GET
H/1.1

404
Not Found

timeout.js
www.cextec.com/gol-ged/awsc/amss/pub/js/
Redirect Chain

https://cextec.com/gol-ged/awsc/amss/pub/js/timeout.js
https://www.cextec.com/gol-ged/awsc/amss/pub/js/timeout.js

0
0

1670ms
1527ms

Script
text/html

185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cextec.com/gol-ged/awsc/amss/pub/js/timeout.js
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: /
Resource Hash

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 07 Aug 2020 19:38:51 GMT
Server: Apache
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://www.cextec.com/gol-ged/awsc/amss/pub/js/timeout.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK wmms-blk.svg Show response
cextec.com/craa/cra_files/ Frame D975 5 KB
5 KB 72ms
72ms Document
image/svg+xml 185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://cextec.com/craa/cra_files/wmms-blk.svg
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: Apache /
Resource Hash: dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487

Request headers

Host: cextec.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: object
Referer: https://cextec.com/craa/cra.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AMCVS_A90F2A0D55423F537F000101%40AdobeOrg=1; AMCV_A90F2A0D55423F537F000101%40AdobeOrg=-330454231%7CMCIDTS%7C18482%7CMCMID%7C13650254066856096593657778844901325990%7CMCAAMLH-1597433928%7C6%7CMCAAMB-1597433928%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596836328s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.1.2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cextec.com/craa/cra.html

Response headers

Date: Fri, 07 Aug 2020 19:38:51 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 00:58:32 GMT
Accept-Ranges: bytes
Content-Length: 4765
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

GET
H/1.1

404
Not Found

en.min.js
www.cextec.com/craa/cra_files/i18n/
Redirect Chain

https://cextec.com/craa/cra_files/i18n/en.min.js
https://www.cextec.com/craa/cra_files/i18n/en.min.js

0
0

1349ms
1209ms

Script
text/html

185.73.178.19
HOSTISOFT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cextec.com/craa/cra_files/i18n/en.min.js
Requested by: Host: cextec.com
URL: https://cextec.com/craa/cra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.73.178.19 , Spain, ASN203292 (HOSTISOFT, ES),
Reverse DNS: server.axencialocaldecolocacion.com
Software: /
Resource Hash

Request headers

Referer: https://cextec.com/craa/cra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 07 Aug 2020 19:38:54 GMT
Server: Apache
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Location: https://www.cextec.com/craa/cra_files/i18n/en.min.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=95
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
canada.demdex.net
canada.sc.omtrdc.net
cextec.com
cm.everesttech.net
dpm.demdex.net
www.cextec.com
15.236.9.100
185.73.178.19
2a02:26f0:10c:382::1e80
3.248.37.251
52.49.61.185
66.117.28.86
0792d5065b2f21dda9320d61527c0af92fb14282e465da8788c52dffa324a94c
0822e52065fcb8e86041ba11e6ee6604e87ad93c690774c22b0fbcd3535dfd51
300208b1cc705d12a8504aad3f98e188045a373260955126dd58893baa50a3cb
312735d1664d0b3c3fba68ea4ac54021cbc6181e9a77264112d9017eab082dd3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a4a6c6d785d6fc009367d1fd835b3245114e3162a5dafe288ea54ffd7e0c7
6351e3c62b028077f26888bd5f3f75255ccdc4d0ee03de2a8abc1a643d885f65
667e31435709f66786104abe8c8fa3c8d2cf9eaf2a184f9025086b42f0417913
8a6a33002521ed32b60d1971389d610daa692c970ff4a92b861d6dd2241af0bf
aa5000460efb2e67b39cec17aaa847742bc5becc9c2aea32fd635873dfc1191f
adeb584dd4ddc3c92a565ef7b2b1d59b20e442f8ea23bbeb739b7abd47696272
ae8dbee616013eaacb629a6da658da3782f7e8cccf3e2a129270ef8b6266461e
b25f13ec18abd6d2454915f18831ad8109a959a868003d6eebd8142d6950d7d7
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f99c322f7bcc6248683811b5b1d3c21ca7308f844fb2f93825275c889c53f2
e9fb94353f129775f7c24a1dee7f6cc3d892760b667c4a709b33e40bebcf3fb7
eae0e07ad74621b813a91b0ed4d1f78ab5f427239c9d5bc3aebf97c4760ec945
ede8178f5d7e3f8bafa83702d2c54ae6f6e3bfb12f8acda98d5181a63365c81f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

cextec.com Open in urlscan Pro 185.73.178.19 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

17 %IPv6

5 Domains

7 Subdomains

5 IPs

5 Countries

926 kBTransfer

940 kBSize

0 Cookies

4 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

cextec.com Open in urlscan Pro
185.73.178.19 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

5
IPs

5
Countries

926 kB
Transfer

940 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!