www.serviceagent.colegiohuitakafusa.com Open in urlscan Pro
172.81.182.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.serviceagent.colegiohuitakafusa.com/
Submission: On August 12 via automatic, source certstream-suspicious (August 12th 2021, 5:17:32 pm UTC)

Summary HTTP 20 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 172.81.182.240, located in Toronto, Canada and belongs to COGENT-174, US. The main domain is www.serviceagent.colegiohuitakafusa.com.
TLS certificate: Issued by R3 on August 12th 2021. Valid for: 3 months.

This is the only time www.serviceagent.colegiohuitakafusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
8	172.81.182.240 172.81.182.240	174 (COGENT-174) (COGENT-174)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3 3	205.193.117.159 205.193.117.159	2665 (CDAGOVN) (CDAGOVN)
3	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::fe9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
20	8

8 172.81.182.240 (Toronto, Canada)

ASN174 (COGENT-174, US)
PTR: 240.182.81.172.lunanode-rdns.com

www.serviceagent.colegiohuitakafusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.193.117.159 (Canada) 3 redirects

ASN2665 (CDAGOVN, CA)

canada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:2a0::fe9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.canada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	colegiohuitakafusa.com www.serviceagent.colegiohuitakafusa.com	182 KB
6	canada.ca 3 redirects canada.ca www.canada.ca	62 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	gstatic.com fonts.gstatic.com	38 KB
2	jsdelivr.net cdn.jsdelivr.net	12 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	17 KB
1	jquery.com code.jquery.com	24 KB
20	7

	Domain	Requested by
8	www.serviceagent.colegiohuitakafusa.com	www.serviceagent.colegiohuitakafusa.com ajax.googleapis.com
3	www.canada.ca	www.serviceagent.colegiohuitakafusa.com
3	canada.ca	3 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.serviceagent.colegiohuitakafusa.com
2	cdn.jsdelivr.net	www.serviceagent.colegiohuitakafusa.com
1	stackpath.bootstrapcdn.com	www.serviceagent.colegiohuitakafusa.com
1	code.jquery.com	www.serviceagent.colegiohuitakafusa.com
1	ajax.googleapis.com	www.serviceagent.colegiohuitakafusa.com
20	9

This site contains links to these domains. Also see Links.

Domain
canada.ca
pm.gc.ca
open.canada.ca

Subject Issuer	Validity	Valid
serviceagent.colegiohuitakafusa.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.canada.ca GeoTrust RSA CA 2018	`2021-04-22` - `2022-04-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.serviceagent.colegiohuitakafusa.com/
Frame ID: CA6569B169A6D849C722B6C4C803BC55
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<div class="[^"]*parbase/i
script /\/etc\/designs\//i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<div class="[^"]*parbase/i
script /\/etc\/designs\//i

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

365 kB
Transfer

981 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://canada.ca/en/employment-social-development/corporate/contact/ei-individual.html
Title: Contact Employment Insurance

Search URL Search Domain Scan URL

URL: https://canada.ca/en/government/dept.html
Title: Departments and agencies

Search URL Search Domain Scan URL

URL: https://canada.ca/en/government/publicservice.html
Title: Public service and military

Search URL Search Domain Scan URL

URL: https://canada.ca/en/news.html
Title: News

Search URL Search Domain Scan URL

URL: https://canada.ca/en/government/system/laws.html
Title: Treaties, laws and regulations

Search URL Search Domain Scan URL

URL: https://canada.ca/en/transparency/reporting.html
Title: Government-wide reporting

Search URL Search Domain Scan URL

URL: http://pm.gc.ca/en
Title: Prime Minister

Search URL Search Domain Scan URL

URL: https://canada.ca/en/government/system.html
Title: About government

Search URL Search Domain Scan URL

URL: http://open.canada.ca/en
Title: Open government

Search URL Search Domain Scan URL

URL: https://canada.ca/en/social.html
Title: Social media

Search URL Search Domain Scan URL

URL: https://canada.ca/en/mobile.html
Title: Mobile applications

Search URL Search Domain Scan URL

URL: https://canada.ca/en/government/about.html
Title: About Canada.ca

Search URL Search Domain Scan URL

URL: https://canada.ca/en/transparency/terms.html
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://canada.ca/en/transparency/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js HTTP 302
https://www.canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js

Request Chain 16

https://canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js HTTP 302
https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

Request Chain 17

https://canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js HTTP 302
https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.serviceagent.colegiohuitakafusa.com/ 9 KB
3 KB 588ms
116ms Document
text/html 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 13100c538cfc2bb5a4eea3480fb4772b37f98b07622857bd90ffa2cd7dbcd50e

Request headers

Host: www.serviceagent.colegiohuitakafusa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3281
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK theme.min.css
www.serviceagent.colegiohuitakafusa.com/css/ 375 KB
76 KB 120ms
119ms Stylesheet
text/css 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a3836d73b957ac5981a746636eb5ea1ac903a0f92d4075da35744d529c94167b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 01:55:10 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5dde5-5a3c34e3b1b80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK all.css
www.serviceagent.colegiohuitakafusa.com/css/ 54 KB
12 KB 113ms
113ms Stylesheet
text/css 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.serviceagent.colegiohuitakafusa.com/css/all.css
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: f176eed6d3dee2104d6450de9e2ff86b41a15c99e7ad847822c8026f4238d01e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.serviceagent.colegiohuitakafusa.com
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Connection: keep-alive
Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 01:42:54 GMT
Server: Apache/2.4.25 (Debian)
ETag: "d74b-5a3c3225ca380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12068

GET
H/1.1 200
OK logo.svg
www.serviceagent.colegiohuitakafusa.com/img/ 10 KB
10 KB 224ms
110ms Image
image/svg+xml 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.serviceagent.colegiohuitakafusa.com/img/logo.svg
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Last-Modified: Tue, 21 Apr 2020 01:48:46 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2749-5a3c33757bb80"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10057

GET
H/1.1 200
OK bg.jpg
www.serviceagent.colegiohuitakafusa.com/ 74 KB
75 KB 330ms
109ms Image
image/jpeg 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.serviceagent.colegiohuitakafusa.com/bg.jpg
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: cdcb4942c9a4cbaa3e6fd5d8db8c370ec4b0c8c20dc1ef04ee719b4c733f7090

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Last-Modified: Mon, 09 Aug 2021 14:49:48 GMT
Server: Apache/2.4.25 (Debian)
ETag: "129db-5c9217f283b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 76251

GET
H/1.1 200
OK wmms-blk.svg
www.serviceagent.colegiohuitakafusa.com/img/ 5 KB
5 KB 331ms
110ms Image
image/svg+xml 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.serviceagent.colegiohuitakafusa.com/img/wmms-blk.svg
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Last-Modified: Tue, 21 Apr 2020 01:49:50 GMT
Server: Apache/2.4.25 (Debian)
ETag: "129d-5a3c33b284b80"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4765

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Aug 2022 16:11:30 GMT

GET
H2

200

wet-boew.min.js Show response
www.canada.ca/etc/designs/canada/wet-boew/js/
Redirect Chain

https://canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js
https://www.canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js

148 KB
52 KB

150ms
14ms

Script
application/javascript

2a02:26f0:6c00:2a0::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::fe9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

1d5841f0b13b7365ceb95abef753a027a664e6d14af92691249a261a94c74463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher2cacentral1
date: Thu, 12 Aug 2021 17:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: publish
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 53028
last-modified: Tue, 29 Jun 2021 16:24:58 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "25157-5c5ea0c018a80-gzip"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

Location: https://www.canada.ca/etc/designs/canada/wet-boew/js/wet-boew.min.js
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 41ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 17:17:15 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-1157d"
vary: Accept-Encoding
x-hw: 1628788635.dop041.fr8.t,1628788635.cds244.fr8.hn,1628788635.cds260.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5587634
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7510
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by: cache-fra19139-FRA
date: Thu, 12 Aug 2021 17:17:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
17 KB 46ms
25ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 17:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 20:41:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: de2d2f3d2665f3b6f4ef5f616a481121
cf-ray: 67db5b2a58724e3e-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 loadingoverlay.min.js Show response
cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/ 12 KB
4 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/loadingoverlay.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4135270
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3563
etag: W/"2f0c-8/i2QXIbsblKaxOikwT5PT+ipvw"
x-served-by: cache-fra19146-FRA
date: Thu, 12 Aug 2021 17:17:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
972 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e00f6c2716f039999bc8973a543bb471c3437f8c49891a292d8c24fcbbe41a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 16:42:35 GMT
server: ESF
date: Thu, 12 Aug 2021 17:17:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Aug 2021 17:17:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
530 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 16:12:14 GMT
server: ESF
date: Thu, 12 Aug 2021 17:17:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Aug 2021 17:17:15 GMT

GET
H/1.1 404
Not Found landscape.png
www.serviceagent.colegiohuitakafusa.com/assets/ 302 B
302 B 111ms
110ms Image
text/html 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.serviceagent.colegiohuitakafusa.com/assets/landscape.png
Requested by: Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 91b8f8be7b6f70583d7b4325ec2414369f0eb9a24e4067a809161267e0922865

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/css/theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:15 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v14/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v14/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 23:31:06 GMT
x-content-type-options: nosniff
age: 150369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 21:27:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 23:31:06 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.serviceagent.colegiohuitakafusa.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:48 GMT
x-content-type-options: nosniff
age: 233247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:48 GMT

GET
H2

200

en.min.js
www.canada.ca/etc/designs/canada/wet-boew/js/i18n/
Redirect Chain

https://canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js
https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

6 KB
6 KB

18ms
17ms

Image
application/javascript

2a02:26f0:6c00:2a0::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

Requested by

Host: www.serviceagent.colegiohuitakafusa.com
URL: https://www.serviceagent.colegiohuitakafusa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::fe9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Thu, 12 Aug 2021 17:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: publish
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 2851
last-modified: Thu, 20 May 2021 16:17:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "17f1-5c2c547699180-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Location: https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

en.min.js Show response
www.canada.ca/etc/designs/canada/wet-boew/js/i18n/
Redirect Chain

https://canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js
https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

6 KB
3 KB

15ms
15ms

Script
application/javascript

2a02:26f0:6c00:2a0::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::fe9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

1af65b0846accd7ceb6b77be71a1f1a878682e2d5b82893e3a0e3acbe3b7f0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.serviceagent.colegiohuitakafusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Thu, 12 Aug 2021 17:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: publish
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2851
last-modified: Thu, 20 May 2021 16:17:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "17f1-5c2c547699180-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Location: https://www.canada.ca/etc/designs/canada/wet-boew/js/i18n/en.min.js
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 404
Not Found messages.en.html Show response
www.serviceagent.colegiohuitakafusa.com/bin/canada/alert/ 302 B
518 B 111ms
110ms XHR
text/html 172.81.182.240
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.serviceagent.colegiohuitakafusa.com/bin/canada/alert/messages.en.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.81.182.240 Toronto, Canada, ASN174 (COGENT-174, US),
Reverse DNS: 240.182.81.172.lunanode-rdns.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 91b8f8be7b6f70583d7b4325ec2414369f0eb9a24e4067a809161267e0922865

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.serviceagent.colegiohuitakafusa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.serviceagent.colegiohuitakafusa.com/
Accept: */*
Referer: https://www.serviceagent.colegiohuitakafusa.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 17:17:16 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
canada.ca
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
www.canada.ca
www.serviceagent.colegiohuitakafusa.com
172.81.182.240
2001:4de0:ac18::1:a:2b
205.193.117.159
2606:4700::6812:acf
2a00:1450:4001:80f::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a02:26f0:6c00:2a0::fe9
2a04:4e42:3::485
13100c538cfc2bb5a4eea3480fb4772b37f98b07622857bd90ffa2cd7dbcd50e
1af65b0846accd7ceb6b77be71a1f1a878682e2d5b82893e3a0e3acbe3b7f0ff
1d5841f0b13b7365ceb95abef753a027a664e6d14af92691249a261a94c74463
2e00f6c2716f039999bc8973a543bb471c3437f8c49891a292d8c24fcbbe41a5
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
91b8f8be7b6f70583d7b4325ec2414369f0eb9a24e4067a809161267e0922865
a3836d73b957ac5981a746636eb5ea1ac903a0f92d4075da35744d529c94167b
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cdcb4942c9a4cbaa3e6fd5d8db8c370ec4b0c8c20dc1ef04ee719b4c733f7090
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9
f176eed6d3dee2104d6450de9e2ff86b41a15c99e7ad847822c8026f4238d01e

www.serviceagent.colegiohuitakafusa.com Open in urlscan Pro 172.81.182.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

78 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

365 kBTransfer

981 kBSize

0 Cookies

14 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

0 Cookies

Indicators

www.serviceagent.colegiohuitakafusa.com Open in urlscan Pro
172.81.182.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

365 kB
Transfer

981 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!