urlscan.io logo urlscan.io
SecurityTrails logo

empfreedommobile.ca Open in urlscan Pro
2606:4700:3033::6815:b8c  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://empfreedommobile.ca/
Effective URL: https://empfreedommobile.ca/
Submission: On July 17 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::6815:b8c, located in United States and belongs to CLOUDFLARENET, US. The main domain is empfreedommobile.ca.
TLS certificate: Issued by GTS CA 1P5 on July 16th 2023. Valid for: 3 months.
This is the only time empfreedommobile.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Freedom Mobile (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
10 empfreedommobile.ca
empfreedommobile.ca
136 KB
1 gstatic.com
www.gstatic.com
173 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
877 B
11 3
Domain Requested by
10 empfreedommobile.ca 1 redirects empfreedommobile.ca
1 www.gstatic.com www.google.com
1 www.google.com empfreedommobile.ca
11 3

This site contains links to these domains. Also see Links.

Domain
www.cyberark.com
Subject Issuer Validity Valid
empfreedommobile.ca
GTS CA 1P5		 2023-07-16 -
2023-10-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://empfreedommobile.ca/
Frame ID: 558136F5B5D31249FCEA565499AEB64D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CyberArk Identity Login

Page URL History Show full URLs

  1. http://empfreedommobile.ca/ HTTP 302
    https://empfreedommobile.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

309 kB
Transfer

933 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://empfreedommobile.ca/ HTTP 302
    https://empfreedommobile.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
empfreedommobile.ca/
Redirect Chain
  • http://empfreedommobile.ca/
  • https://empfreedommobile.ca/
65 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326a9df281bd09eb4052db1c060bb4a37ef306ff64c2bc822c5636ef66c5d31c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e83d0e009903870-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 17 Jul 2023 16:21:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O432HWd5ZkArevPz0lipbeQRoplXz95L4JMsRyhC%2FBGCPYDpncFdJtXONTUjUm8%2Brhr8BRC4TiHT9h8e8AzefalgfepbuLmSqI%2FKRwU9iTZdrLHxNmcfX5BDDxoPdlD4X8AOYJsCDmDp1Y%2BJqmkxPZW4"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7e83d0dddcc539d7-YYZ
Connection
keep-alive
Content-Type
text/html
Date
Mon, 17 Jul 2023 16:21:04 GMT
Location
https://empfreedommobile.ca/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGmmd%2BCy%2B74g6hJZwyLE7zsboeh8wdcYFNKoLa8gtN8aJg%2FRyLhbyrH3OBrCz%2FXXOe%2FU87JERe2iXftOnqUy7Tt34OwTD9P8KYCJPPU02uK2Az8%2F1TX0uuoD1satEoMoOqcrf0AHJsG3RQ6qq4PucheQ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
login.css
empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/login.css?_ver=1688780681
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
964a7e1c2b4bfe1c7fffd2ff598ffc5100d5f87d0c3629a558e65983bcdac81a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:04 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Jul 2023 01:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b34b3e-9c37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiOSGofonX4uOHedyy%2BPcLGmwepvTLlnIQMFB2yTPj4btp9nQjuWDyuBabEttUuA%2FWRUEu3dW%2FG1Sbknlo1mEK87e8lfSW9yZIfV5%2FS2cN2yJAZmrSGhnv2pptpBVYzXtbOI%2B%2BRZ8JA9JaJFZO3JcHsx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7e83d0e14b203870-YYZ
alt-svc
h3=":443"; ma=86400
login.js
empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/ 		315 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/login.js?_ver=1688780681
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92dd63f82990cca800f93c0427c547a751318af1191c4a32da899f4f962dd485

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Jul 2023 01:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b34b3d-4ea47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzn1l9pHWRLtATJDa9rzyyLKVVWzT0JPUq7wSTOrdcaIYjADwqc3ebzfCFk9kDJGkExwWiRgTqlJjf7nNcQ6Xqznmbbm%2FQuhCOLlFNjnhDn2MNTavR8duWynz7rCAhhnQybXlG1sDpd8%2FNUhxZ4h%2BQwg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e83d0e16b493870-YYZ
alt-svc
h3=":443"; ma=86400
open-sans.css
empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/ 		3 KB
914 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/login.css?_ver=1688780681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c86b11befaee15cbf833e3a274be30294776ae82b2688c9fb2041d6731cb2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/login.css?_ver=1688780681
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b34b3e-d72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr0KzG3vtm261yAjOFO3jKCrtsCJriyDo6gbY0zWHjJxxI72Iy5YiyPQqFBxa8WwH1solNWAs6yPRbNU7adUbtSh4PNSM45E21le33Zo2jjzICq5gsOmBDavPOEGfy7aI5HkChZanvfrCa6dvhil%2BSNb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7e83d0e25d7c54cd-YYZ
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		852 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/login.js?_ver=1688780681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
22bf4f819fd70a1b99e8376fe1a5992576b4bb15b49495adbaf4e68c775d5c1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 17 Jul 2023 16:21:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ 		428 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://empfreedommobile.ca/
Origin
https://empfreedommobile.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176042
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 01:02:17 GMT
login_background.svg
empfreedommobile.ca/vfslow/lib/ui/StandaloneLogin/images/ 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://empfreedommobile.ca/vfslow/lib/ui/StandaloneLogin/images/login_background.svg?1687496660
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/login.css?_ver=1688780681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5de0615c92c275d0815b66f536c8fdec4fc0a9372c89d43ac90d634e7f6daa8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/vfslow/lib/uibuild/standalonelogin/css/login.css?_ver=1688780681
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b34b3f-3a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y%2BJ%2B4WrMG13fxAjXsWnHxoF4iK4luzmk1fq0UhhY%2FMsiQBPgB6X587CpJ2RxHgJpxnjbIM6ncimS%2FA6SWJSv4et965SuhGbXY2QgaeIRlg7NRssQBQGNKY%2F%2Bd4%2F5WCBipVsBPFyKEMuruIjpZr9%2B4f6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7e83d0e44f5954cd-YYZ
alt-svc
h3=":443"; ma=86400
open-sans-400.woff2
empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/open-sans-400.woff2
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Origin
https://empfreedommobile.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64b34b3f-382c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bzry8fj%2FLI9XXE1WLoFyz%2BhuUh9OoLaHwmC64a2YnXGFwwqfa2wIqV8SByCkNRXcENKQJS3RdnrBj%2B40FlRr3x730Ps9CazTUKz3bSNNINu%2FKqv5P73fwALnODupZFMD0fdapm5O3Majn5Z4viOn%2B1I"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e83d0e46f7454cd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14380
open-sans-300.woff2
empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/open-sans-300.woff2
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Request headers

Referer
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Origin
https://empfreedommobile.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64b34b3f-3a54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rhvo6NuEzb0yQDpcoTaIdYVgjdNvtSF7onHW1I7tWQnPxUwLLVBS9AdW8b4T5%2BeDaIJCOEGyuUSYXlYAsWfG45KcH3%2B9YvBakJp2%2FilGHoObQvarSijpFNqbUHv%2FhLTCoGk5I1kZtFluX2JkwFcSku9b"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e83d0e48f9254cd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14932
open-sans-700.woff2
empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/Open-Sans/open-sans-700.woff2
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/fonts/open-sans.css
Origin
https://empfreedommobile.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64b34b3e-3ad0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZJsWrxOxWD65XcOi%2FY0OaiqFGhBTgTdBKyNSip08ldob7uyktO5C4gHZQ563r5Gvdl%2BQJ1BwuPuJlWjTf4bOhmD429KiFVFxrIr7G1OUPdLjNZuzkcPngmFf3BAeLS7hqi%2BIYI27uWG7dmctQ2lFgYP"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e83d0e48f9454cd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
15056
truncated
/ 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bde3f30262ed2df1e570d223cc6b7946ef1fe8b2402309aa88761049682b7e97

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cyberark-powered-by-shadowed.svg
empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/images//logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://empfreedommobile.ca/vfslow/lib/uibuild/compiled/idaptive/production/resources/images//logos/cyberark-powered-by-shadowed.svg?_v=1688780681
Requested by
Host: empfreedommobile.ca
URL: https://empfreedommobile.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3800c606aa370fec698d323661b5b959fcdbabaa77389cbb6246cec69c91c783

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://empfreedommobile.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:21:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jul 2023 01:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b34b3e-ec1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rZW%2Fz%2BssMAKDUAsNUr59RMvpWLDXzs0WOTBvLUf7c%2Fq9G8Jip9fena8hthvcFevLoDkY6hMm7XtM6lsby4jEojUFWeBNjfjmMvrHmRdXNUqEUI1TCMWfmVBAtAMfZPoZcgoiPXC5oJ4eOxHslLfFjIh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7e83d0e48f9a54cd-YYZ
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Freedom Mobile (Telecommunication)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| AuthData object| ServerConfig object| $jscomp object| LoginUtil function| LegacyLoginView function| LoginView function| AvgWebLoginView function| SamsungChallengeLoginView function| SamsungPasswordValidationLoginView function| SamsungWebLoginView object| LoginAPI object| StyleUtil object| u2f object| FieldValidation object| LegacyChallengeTemplates object| LegacyEnrollTemplates object| LegacyMobileChallengeTemplates object| LegacyMobileTemplates object| LegacyWebTemplates object| WebTemplates function| ChallengeLoginView function| EnrollLoginView function| LegacyChallengeLoginView function| LegacyEnrollLoginView function| LegacyMobileChallengeLoginView function| LegacyMobileLoginView function| LegacyPasswordValidationLoginView function| LegacyWebLoginView function| MobileChallengeLoginView function| MobileLoginView function| PasswordValidationLoginView function| WebLoginView object| ENGLISH_LOGIN_RESOURCES object| LOGIN_RESOURCES function| LaunchLoginView object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

0 Cookies