URL: http://wonderf.info/webmailss/Shaw/
Submission: On March 20 via api from CA

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 195.123.243.47, which is located in Ukraine and belongs to LAYER6, UA. The main domain is wonderf.info.
This is the only time wonderf.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shaw (Telecommunication)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
11        195.123.243.47    204957 (LAYER6)
1         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
6         172.217.21.194    15169 (GOOGLE)
3         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
3         2a00:1450:400...  15169 (GOOGLE)
3         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 35 requests, 11 IPs

Requests  Domain                           Requested by
11        wonderf.info                     wonderf.info
6         securepubads.g.doubleclick.net   wonderf.info, www.googletagservices.com, securepubads.g.doubleclick.net
3         cdn.ampproject.org               securepubads.g.doubleclick.net
3         tpc.googlesyndication.com        wonderf.info, securepubads.g.doubleclick.net
2         www.google-analytics.com         wonderf.info
2         www.googletagservices.com        wonderf.info, securepubads.g.doubleclick.net
2         adservice.google.com             wonderf.info, www.googletagservices.com
1         pagead2.googlesyndication.com
1         amp-error-reporting.appspot.com  cdn.ampproject.org
1         adservice.google.de              www.googletagservices.com
1         adservice.google.com.eg          wonderf.info
0         zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com  Failed  wonderf.info
Total: 35 requests, 12 subdomains

This site contains links to these domains.

Domain
www.shaw.ca
business.shaw.ca
community.shaw.ca
my.shaw.ca
signon.shaw.ca
register.shaw.ca

Subject                    Issuer                        Validity                 Valid
*.google.com.eg            Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
*.google.com               Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
*.g.doubleclick.net        Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
*.google-analytics.com     Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
misc-sni.google.com        Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
tpc.googlesyndication.com  Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
*.appspot.com              Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months

This page contains 2 frames:

Primary Page: http://wonderf.info/webmailss/Shaw/
Frame ID: 396CB5BF53FE0AA091F8671343BC41BD
Requests: 29 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Frame ID: F7D34A7886A3693E946FD43E4ADC2E54
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^Handlebars$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 35
HTTPS: 51 %
IPv6: 80 %
Domains: 11
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 750 kB
Size: 1446 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 16
  • http://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333 HTTP 307
  • https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
Request Chain 31
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20.%20Shaw&utmhid=1353933754&utmr=-&utmp=%2Fwebmailss%2FShaw%2F&utmht=1553099595657&utmac=UA-6191386-23&utmcc=__utma%3D20575294.278549251.1553099595.1553099595.1553099595.1%3B%2B__utmz%3D20575294.1553099596.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1920590435&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20.%20Shaw&utmhid=1353933754&utmr=-&utmp=%2Fwebmailss%2FShaw%2F&utmht=1553099595657&utmac=UA-6191386-23&utmcc=__utma%3D20575294.278549251.1553099595.1553099595.1553099595.1%3B%2B__utmz%3D20575294.1553099596.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1920590435&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Request Chain 32
  • http://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&t=1553099595685 HTTP 307
  • https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&t=1553099595685

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wonderf.info/webmailss/Shaw/
19 KB
19 KB
Document
General
Full URL
http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
4e164b722449ca612e0fd7db6cd6934f3ef620572a7f315d7f264b36bff6ea55

Request headers

Host
wonderf.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Server
Apache
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Accept-Ranges
bytes
Content-Length
19508
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
integrator.js
adservice.google.com.eg/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com.eg/adsid/integrator.js?domain=localhost
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=localhost
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
combine_signon_136.css
wonderf.info/webmailss/Shaw/css/
160 KB
160 KB
Stylesheet
General
Full URL
http://wonderf.info/webmailss/Shaw/css/combine_signon_136.css
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
163641
pubads_impl_rendering_2019013101.js
securepubads.g.doubleclick.net/gpt/
63 KB
23 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js?21063143
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23918
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:33:14 GMT
gpt.js
www.googletagservices.com/tag/js/
32 KB
11 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"112 / 429 of 1000 / last-modified: 1553036242"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
10782
X-XSS-Protection
1; mode=block
Expires
Wed, 20 Mar 2019 16:33:14 GMT
pubads_impl_2019013101.js
securepubads.g.doubleclick.net/gpt/
181 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
63420
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:33:14 GMT
webmail-desktop.png
wonderf.info/webmailss/Shaw/images/
5 KB
5 KB
Image
General
Full URL
http://wonderf.info/webmailss/Shaw/images/webmail-desktop.png
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4657
error_button.png
wonderf.info/webmailss/Shaw/images/
185 B
427 B
Image
General
Full URL
http://wonderf.info/webmailss/Shaw/images/error_button.png
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
185
helpIcon.png
wonderf.info/webmailss/Shaw/images/icons/
1 KB
2 KB
Image
General
Full URL
http://wonderf.info/webmailss/Shaw/images/icons/helpIcon.png
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1427
modal-close.png
wonderf.info/webmailss/Shaw/images/
1 KB
2 KB
Image
General
Full URL
http://wonderf.info/webmailss/Shaw/images/modal-close.png
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://wonderf.info/webmailss/Shaw/
Cookie
__gads=ID=5e5a86c411f4012f:T=1553099595:S=ALNI_MaIfTS0fMxOr9h_LCtJsp9muHV6WQ
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1340
jquery.min.js
wonderf.info/webmailss/Shaw/js/
93 KB
93 KB
Script
General
Full URL
http://wonderf.info/webmailss/Shaw/js/jquery.min.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
94839
combine_signon_136.js
wonderf.info/webmailss/Shaw/js/
97 KB
97 KB
Script
General
Full URL
http://wonderf.info/webmailss/Shaw/js/combine_signon_136.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:14 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
99059
login-form.shaw.js
wonderf.info/webmailss/Shaw/js/
5 KB
5 KB
Script
General
Full URL
http://wonderf.info/webmailss/Shaw/js/login-form.shaw.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5102
jquery.cookie.js
wonderf.info/webmailss/Shaw/js/
2 KB
2 KB
Script
General
Full URL
http://wonderf.info/webmailss/Shaw/js/jquery.cookie.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1911
jquery.base64.min.js
wonderf.info/webmailss/Shaw/js/
2 KB
2 KB
Script
General
Full URL
http://wonderf.info/webmailss/Shaw/js/jquery.base64.min.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://wonderf.info/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1782
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
4092
date
Wed, 20 Mar 2019 15:25:03 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 20 Mar 2019 17:25:03 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/
Redirect Chain
  • http://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
  • https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
0
0

integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wonderf.info
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wonderf.info
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_320.js
securepubads.g.doubleclick.net/gpt/
160 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_320.js?21063344
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
6a8be2c633707cc4f4330f5fd02a0a4f59f3b0056a10539075a9d72eeab3b6f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2019 17:46:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58711
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:33:15 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
18 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4415454065360573&correlator=311395781793196&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21063344%2C21061865%2C21062833%2C21062886%2C21063016&vrg=2019013101&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-32&iu_parts=6872%2Cwebmail.shaw.ca&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=7&abxe=1&lmt=1551496310&dt=1553099595321&dlt=1553099594419&idt=884&frm=20&biw=1600&bih=1200&oid=3&adxs=879&adys=184&adks=3847475914&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&dssz=12&icsg=699051&std=0&vis=1&scr_x=0&scr_y=0&psz=383x400&msz=310x250&blev=1&bisch=1&ga_vid=278549251.1553099595&ga_sid=1553099595&ga_hid=1353933754&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f6a04ee5aaf58a1e08a408533b218c3f9e013efd00c10af88d95a333a2a35659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://wonderf.info/webmailss/Shaw/
Origin
http://wonderf.info

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4897
x-xss-protection
1; mode=block
google-lineitem-id
4661315958
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138232299730
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://wonderf.info
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019013101.js
securepubads.g.doubleclick.net/gpt/
63 KB
23 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23918
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:33:15 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

amp4ads-host-v0.js
cdn.ampproject.org/rtv/011903070012530/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
55b898eeb6afc0bd8fbe8c051c5f6c270da59cc140959535beeb07d1c1fd3457
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
992087
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7952
x-xss-protection
1; mode=block
server
sffe
date
Sat, 09 Mar 2019 04:58:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e0e5d95e8d8e00a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 04:58:28 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011903070012530/ Frame F7D3
268 KB
85 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4ae79421312711ee05e95e312c741a776e6d37317767f9bccb35cf19900d2053
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
997141
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
86952
x-xss-protection
1; mode=block
server
sffe
date
Sat, 09 Mar 2019 03:34:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1873028a0afeff2a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 03:34:14 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011903070012530/v0/ Frame F7D3
135 KB
42 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87ee7466a4c44faea154684cd6acc885c4fd82906c2a82598c4fd3435fa37f9a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1015158
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
43370
x-xss-protection
1; mode=block
server
sffe
date
Fri, 08 Mar 2019 22:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eac4e0c4b459ff03"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Mar 2020 22:33:57 GMT
truncated
/ Frame F7D3
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16693a6714e975614583e4790ad63dac9d30deca51fc711683e701e4787c249e

Request headers

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 20 Mar 2019 16:33:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1552585448432221"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
27825
X-XSS-Protection
1; mode=block
Expires
Wed, 20 Mar 2019 16:33:15 GMT
11885643988731137303
tpc.googlesyndication.com/simgad/ Frame F7D3
119 B
196 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11885643988731137303
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 04:36:30 GMT
x-content-type-options
nosniff
age
993405
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
119
x-xss-protection
1; mode=block
last-modified
Wed, 02 May 2018 13:19:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 04:36:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F7D3
0
263 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0ZUibsL3aDiiI0BDM1RJcYi9WuW90GKHuvlga7mc_aBqYgatD333-CsrDr1vf4TkJ7v4EWFMMGWr8LxFOYW-z6KKlm7Ka-OuPyyMaNM6cSffURBndpoNp9nWE60EryULJ6FnBgCjI8FbBEYuc-OePCnpVMk67psb6u_j7l0Xjk5phr0wwpaFuS79O9Z7_kDVhcGXDT2xyNdl6YDwSQARAtmvpBXdC18qDCc0pR_gBV3UHcQJNb8MvCh4&sai=AMfl-YThaReEJjgKqJIubUQK45B08kxDjelMzwB1rvXPKWinPElYDImYJcx-MMMrnCD1VSM6gDKgHac1PptHE4KYnk20gcoU3haC_aQcZ3P1&sig=Cg0ArKJSzPIxzqTbPPUoEAE&adurl=
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:33:15 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:33:15 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20i...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20.%20Shaw&utmhid=1353933754&utmr=-&utmp=%2Fwebmailss%2FShaw%2F&utmht=1553099595657&utmac=UA-6191386-23&utmcc=__utma%3D20575294.278549251.1553099595.1553099595.1553099595.1%3B%2B__utmz%3D20575294.1553099596.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1920590435&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: wonderf.info
URL: http://wonderf.info/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Mar 2019 16:33:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1457125841&utmhn=wonderf.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20.%20Shaw&utmhid=1353933754&utmr=-&utmp=%2Fwebmailss%2FShaw%2F&utmht=1553099595657&utmac=UA-6191386-23&utmcc=__utma%3D20575294.278549251.1553099595.1553099595.1553099595.1%3B%2B__utmz%3D20575294.1553099596.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1920590435&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason
HSTS
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/
Redirect Chain
  • http://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&t=1553099595685
  • https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&t=1553099595685
0
0

r
amp-error-reporting.appspot.com/ Frame F7D3
2 B
64 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
Origin
http://wonderf.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Mar 2019 16:33:16 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame F7D3
42 B
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstW0owh2v1h0HBDG9WdppSpInUU-cG-xMq2CVVO3lA0afgITkbjTi1FRsTtVJSj8GwRn304-BUdRZPDnplgfgy6GYE3jP0EeI-OnQ&sig=Cg0ArKJSzGY2BZqXgsE_EAE&id=ampim&o=879,203&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=71&tls=1075&g=100&h=100&pt=75&tt=1076&rpt=75&rst=1553099595400&r=v&adk=3847475914&avms=ampa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wonderf.info/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Mar 2019 16:33:16 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL
https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
Domain
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL
https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Fwonderf.info%2Fwebmailss%2FShaw%2F&t=1553099595685

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| gptadslots object| googletag function| checkAd object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| $ function| jQuery object| Handlebars function| openChatWindow function| openEmailWindow boolean| supportsTransitions object| analyticsSignon object| analyticsRegisterForgot object| shaw function| init function| showTabs function| checkFailedLogin function| showTabsForRealms function| matchRealmsInRealmsArray function| showRealm function| manageCookie object| submitButton function| manageUserNameInput function| email function| occ function| shawDirect function| showEmailTabActive function| showOCCTabActive function| showShawdirectTabActive function| setAnchorFromURL object| jQuery17207687112368762703 object| html5 object| Modernizr function| yepnope function| displayError function| checkEmpty string| gaJsHost object| _gat object| _gaq object| pageTracker

6 Cookies

Domain/Path Name / Value
.wonderf.info/ Name: __utmb
Value: 20575294.1.10.1553099596
.wonderf.info/ Name: __utmt
Value: 1
.wonderf.info/ Name: __utmz
Value: 20575294.1553099596.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.wonderf.info/ Name: __utma
Value: 20575294.278549251.1553099595.1553099595.1553099595.1
.wonderf.info/ Name: __utmc
Value: 20575294
.wonderf.info/ Name: __gads
Value: ID=5e5a86c411f4012f:T=1553099595:S=ALNI_MaIfTS0fMxOr9h_LCtJsp9muHV6WQ

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js(Line 550)
Message:
Powered by AMP ⚡ HTML – Version 1903070012530
console-api error URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js(Line 140)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
