my.shaw-bills.com
Open in
urlscan Pro
23.254.142.141
Malicious Activity!
Public Scan
URL:
https://my.shaw-bills.com/
Submission: On March 09 via api from US — Scanned from US
Submission: On March 09 via api from US — Scanned from US
Summary
This website contacted 17 IPs
in 3 countries
across 16 domains to perform 45 HTTP transactions.
The main IP is 23.254.142.141, located in
Orlando, United States and
belongs to HOSTWINDS, US.
The main domain is my.shaw-bills.com.
TLS certificate: Issued by R3 on March 9th 2023. Valid for: 3 months.
This is the only time my.shaw-bills.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 9th 2023. Valid for: 3 months.
This is the only time my.shaw-bills.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shaw (Telecommunication)Domain & IP information
1
23.254.142.141
(Orlando, United States)
ASN54290 (HOSTWINDS, US)
PTR: client-23-254-142-141.hostwindsdns.com
ASN54290 (HOSTWINDS, US)
PTR: client-23-254-142-141.hostwindsdns.com
| my.shaw-bills.com |
15
96.6.31.14
(Secaucus, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a96-6-31-14.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a96-6-31-14.deploy.static.akamaitechnologies.com
| signin.shaw.ca |
3
54.172.104.243
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-104-243.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-104-243.compute-1.amazonaws.com
| dpm.demdex.net |
2
108.138.128.2
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-2.jfk50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-2.jfk50.r.cloudfront.net
| cdn.appdynamics.com |
1
54.171.51.57
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-51-57.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-51-57.eu-west-1.compute.amazonaws.com
| rum-collector-2.pingdom.net |
1
18.164.116.94
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-94.jfk50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-94.jfk50.r.cloudfront.net
| t.contentsquare.net |
3
104.17.209.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
1
34.238.201.160
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-201-160.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-201-160.compute-1.amazonaws.com
| datacloud.tealiumiq.com |
1
52.207.31.79
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-31-79.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-31-79.compute-1.amazonaws.com
| shaw.demdex.net |
1
52.44.199.107
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-199-107.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-199-107.compute-1.amazonaws.com
| cm.everesttech.net |
1
63.140.38.113
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-113.data.adobedc.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-113.data.adobedc.net
| shawtelevision.112.2o7.net |
2
52.0.156.250
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
| loadm.exelator.com |
2
142.250.65.162
(United States)
ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
| cm.g.doubleclick.net |
1
52.10.185.240
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-185-240.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-185-240.us-west-2.compute.amazonaws.com
| col.eum-appdynamics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
shaw.ca
signin.shaw.ca — Cisco Umbrella Rank: 731436 |
144 KB |
| 9 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1022 |
424 KB |
| 4 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200 shaw.demdex.net — Cisco Umbrella Rank: 191295 |
6 KB |
| 3 |
exelator.com
2 redirects
loadm.exelator.com — Cisco Umbrella Rank: 1419 load77.exelator.com — Cisco Umbrella Rank: 3271 |
2 KB |
| 3 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 |
1 KB |
| 3 |
qualtrics.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com — Cisco Umbrella Rank: 832971 siteintercept.qualtrics.com — Cisco Umbrella Rank: 950 |
25 KB |
| 2 |
appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3458 |
61 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 24 |
20 KB |
| 2 |
pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 5053 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4750 |
3 KB |
| 1 |
eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 2773 |
733 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
408 B |
| 1 |
2o7.net
shawtelevision.112.2o7.net |
344 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1019 |
517 B |
| 1 |
tealiumiq.com
datacloud.tealiumiq.com — Cisco Umbrella Rank: 8048 |
748 B |
| 1 |
contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3253 |
99 KB |
| 1 |
shaw-bills.com
my.shaw-bills.com |
4 KB |
| 45 | 16 |
| Domain | Requested by | |
|---|---|---|
| 15 | signin.shaw.ca |
my.shaw-bills.com
signin.shaw.ca |
| 9 | tags.tiqcdn.com |
signin.shaw.ca
tags.tiqcdn.com |
| 3 | dpm.demdex.net |
tags.tiqcdn.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | loadm.exelator.com | 2 redirects |
| 2 | siteintercept.qualtrics.com |
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
cdn.appdynamics.com |
| 2 | cdn.appdynamics.com |
tags.tiqcdn.com
cdn.appdynamics.com |
| 2 | www.google-analytics.com |
tags.tiqcdn.com
|
| 1 | col.eum-appdynamics.com |
cdn.appdynamics.com
|
| 1 | load77.exelator.com | |
| 1 | www.google.com | |
| 1 | shawtelevision.112.2o7.net | |
| 1 | cm.everesttech.net | 1 redirects |
| 1 | shaw.demdex.net |
tags.tiqcdn.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | datacloud.tealiumiq.com |
tags.tiqcdn.com
|
| 1 | zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com |
tags.tiqcdn.com
|
| 1 | t.contentsquare.net |
tags.tiqcdn.com
|
| 1 | rum-collector-2.pingdom.net |
rum-static.pingdom.net
|
| 1 | rum-static.pingdom.net |
tags.tiqcdn.com
|
| 1 | my.shaw-bills.com | |
| 45 | 21 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.shaw.ca |
| business.shaw.ca |
| webmail.shaw.ca |
| register.shaw.ca |
| register.shawdirect.ca |
| community.shaw.ca |
| www.shawdirect.ca |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| my.shaw-bills.com R3 |
2023-03-09 - 2023-06-07 |
3 months | crt.sh |
| san.shaw.ca DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-10 - 2023-12-13 |
a year | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M02 |
2023-03-01 - 2023-06-16 |
4 months | crt.sh |
| pingdom.net Cloudflare Inc ECC CA-3 |
2022-11-13 - 2023-11-13 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| *.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-17 - 2023-07-22 |
a year | crt.sh |
| *.pingdom.net Amazon RSA 2048 M01 |
2023-02-10 - 2023-12-20 |
10 months | crt.sh |
| t.contentsquare.net Amazon RSA 2048 M01 |
2023-02-21 - 2023-11-11 |
9 months | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
| *.tealiumiq.com Amazon RSA 2048 M01 |
2023-03-01 - 2023-09-23 |
7 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| *.112.2o7.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-08 - 2023-04-20 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| *.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-14 - 2023-07-15 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://my.shaw-bills.com/
Frame ID: B8C2CDA46C043AABB121F145A1B196EE
Requests: 42 HTTP requests in this frame
Frame:
https://shaw.demdex.net/dest5.html?d_nsid=0
Frame ID: 1B70803BABE7367BC3811EBC615903A7
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Sign On - ShawDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppDynamics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adrum
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
URL: http://www.shaw.ca/store/
Search URL Search Domain Scan URL
URL: https://business.shaw.ca/
Search URL Search Domain Scan URL
URL: http://webmail.shaw.ca/
Title: Webmail
Title: Webmail
Search URL Search Domain Scan URL
URL: https://www.shaw.ca/contact-us/
Search URL Search Domain Scan URL
URL: https://register.shaw.ca/
Title: create a Shaw ID
Title: create a Shaw ID
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/direct?lang=en
Title: create a Shaw ID instead.
Title: create a Shaw ID instead.
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/direct?lang=fr
Title: créer un identifiant Shaw à la place.
Title: créer un identifiant Shaw à la place.
Search URL Search Domain Scan URL
URL: https://community.shaw.ca/docs/DOC-14645
Search URL Search Domain Scan URL
URL: http://www.shawdirect.ca/english/support/article/9705/
Search URL Search Domain Scan URL
URL: https://register.shaw.ca/forgotshawid
Title: Retrieve your Shaw ID
Title: Retrieve your Shaw ID
Search URL Search Domain Scan URL
URL: https://register.shaw.ca/forgotpassword
Title: Reset your password
Title: Reset your password
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/forgotshawid?lang=en
Title: Retrieve your Shaw ID
Title: Retrieve your Shaw ID
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/forgotpassword?lang=en
Title: Reset your password
Title: Reset your password
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/forgotshawid?lang=fr
Title: Identifiant Shaw
Title: Identifiant Shaw
Search URL Search Domain Scan URL
URL: https://register.shawdirect.ca/forgotpassword?lang=fr
Title: mot de passe
Title: mot de passe
Search URL Search Domain Scan URL
URL: http://www.shaw.ca/privacy-policy/
Search URL Search Domain Scan URL
URL: http://www.shaw.ca/terms-of-use/
Search URL Search Domain Scan URL
URL: http://www.shaw.ca/accessibility/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 36- https://cm.everesttech.net/cm/dd?d_uuid=77371306239036800881584551472074068287 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZAoESgAAADrvFQMv
- https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77371306239036800881584551472074068287 HTTP 302
- https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77371306239036800881584551472074068287&xl8blockcheck=1 HTTP 302
- https://load77.exelator.com/pixel.gif
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzczNzEzMDYyMzkwMzY4MDA4ODE1ODQ1NTE0NzIwNzQwNjgyODc= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzczNzEzMDYyMzkwMzY4MDA4ODE1ODQ1NTE0NzIwNzQwNjgyODc=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK041GIG5SU3DeoHrzecmps&google_cver=1?gdpr=0&gdpr_consent=
45 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
my.shaw-bills.com/ |
35 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
signin.shaw.ca/assets/css/ |
119 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-style.css
signin.shaw.ca/assets/css/ |
143 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-masthead.css
signin.shaw.ca/assets/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-footer.css
signin.shaw.ca/assets/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modal-close.png
signin.shaw.ca/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
questionmark.png
signin.shaw.ca/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-help-blue-bkgd.png
signin.shaw.ca/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
error_button.png
signin.shaw.ca/assets/images/ |
185 B 323 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
signin.shaw.ca/assets/js/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
signin.shaw.ca/assets/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-script.js
signin.shaw.ca/assets/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
masthead_webmail.png
signin.shaw.ca/assets/images/ |
520 B 657 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
masthead_contact.png
signin.shaw.ca/assets/images/ |
400 B 537 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
myshaw-logo.png
signin.shaw.ca/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon_help.png
signin.shaw.ca/assets/images/ |
705 B 843 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
128 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prum.min.js
rum-static.pingdom.net/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.8.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
69 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.9.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.12.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
168 KB 168 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.14.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.44.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.53.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.57.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
752 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adrum-latest.js
cdn.appdynamics.com/adrum/ |
110 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
beacon.gif
rum-collector-2.pingdom.net/img/ |
0 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
t.contentsquare.net/uxa/ |
376 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
i.gif
datacloud.tealiumiq.com/shaw/main/2/ |
43 B 748 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 412 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 348 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 193 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.884592655f8e03c201b2.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
shaw.demdex.net/ Frame 1B70 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=ZAoESgAAADrvFQMv
dpm.demdex.net/ Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s51900546034573
shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/ |
43 B 344 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adrum-ext.bb4998b9fa08203795298c5909e8245d.js
cdn.appdynamics.com/ |
53 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
10 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
load77.exelator.com/ Frame 1B70 Redirect Chain
|
43 B 346 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEK041GIG5SU3DeoHrzecmps&google_cver=1
dpm.demdex.net/ Frame 1B70 Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ |
0 733 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Shaw (Telecommunication)123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| $ function| jQuery string| siteName string| pageCode string| utag_url object| utag_data function| modifyLinksForDirect function| openChatWindow function| openEmailWindow function| openDirectChatWindow function| openDirectChatWindowFr function| openDirectEmailWindow function| openDirectEmailWindowFr function| closeNav function| signInClicked function| openHelp function| openVodRegister function| openVodLearnMore function| openVodForgot function| openTveLearnMore function| openAkamaiEnGetStartedNowClick function| openAkamaiFrGetStartedNowClick function| openAkamaiCreateShawIdClick function| openAkamaiForgetShawIdClick function| openModal function| checkButtonEnable function| getParameterByName function| setAnalyticsCallData function| detectDevice function| isBrowserSupported object| errMsg boolean| utag_condload object| utag function| loadLibrary object| _prum function| get_url_param function| geoip function| order_total function| order_id function| order_currency function| rgu_count function| product_names function| product_order_types function| lead_form_name function| lead_form_name_clean function| eoid function| is_thanks boolean| __tealium_twc_switch function| get_geo function| aid_prioritize function| cid_prioritize function| tealium_enrichment object| deviceDetector function| clickTrackEvent string| ClickTalePIISelector function| translate_id object| qualified_audiences object| sorted_audience object| priotized_audience_list object| qualified_contentid object| sorted_contentid object| priotized_contentid_list object| adobe function| Visitor string| GoogleAnalyticsObject function| ga object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq object| _uxa object| sobject function| MediaHeartbeat function| MediaHeartbeatConfig function| MediaHeartbeatDelegate function| TealiumMediaHeartbeatDelegate object| ADB number| c string| ZN_eEBGNDcL8eo8iX3_ed string| ZN_eEBGNDcL8eo8iX3_sampleRate string| ZN_eEBGNDcL8eo8iX3_url object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.84.1 object| s_Obj function| s_PPVevent number| s_PPVt object| s_i_shawutsdevelopment object| ADRUM number| adrum-start-time object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| _qsie23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .shaw-bills.com/ | Name: _cs_mk Value: 0.08891458527254592_1678378057513 |
|
| .shaw-bills.com/ | Name: _ga Value: GA1.2.1456337804.1678378058 |
|
| .shaw-bills.com/ | Name: _gid Value: GA1.2.210177534.1678378058 |
|
| .shaw-bills.com/ | Name: _gat_tealium_0 Value: 1 |
|
| .demdex.net/ | Name: demdex Value: 77371306239036800881584551472074068287 |
|
| .shaw-bills.com/ | Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg Value: 1 |
|
| .shaw-bills.com/ | Name: p_url Value: https%3A%2F%2Fmy.shaw-bills.com%2F |
|
| .shaw-bills.com/ | Name: s_nr Value: 1678378057764-New |
|
| .shaw-bills.com/ | Name: gpv Value: login%7Cmyacct-cable-web |
|
| .shaw-bills.com/ | Name: s_ppvl Value: %5B%5BB%5D%5D |
|
| .shaw-bills.com/ | Name: s_depth Value: 1 |
|
| .shaw-bills.com/ | Name: s_cc Value: true |
|
| .tealiumiq.com/ | Name: TAPID Value: shaw/main>0186c720be9b000944357f05002703073001a06b00b08| |
|
| .shaw-bills.com/ | Name: utag_main Value: v_id:0186c720be9b000944357f05002703073001a06b00b08$_sn:1$_se:1$_ss:1$_st:1678379857374$ses_id:1678378057374%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:shaw-bills.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session |
|
| my.shaw-bills.com/ | Name: QSI_HistorySession Value: https%3A%2F%2Fmy.shaw-bills.com%2F~1678378057986 |
|
| .shaw-bills.com/ | Name: s_ppv Value: login%257Cmyacct-cable-web%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL |
|
| .demdex.net/ | Name: dextp Value: 3-1-1678378058029|771-1-1678378058130 |
|
| .exelator.com/ | Name: EE Value: "ea6491d87c033daf3e55bbe8caf079e5" |
|
| .exelator.com/ | Name: ud Value: "eJxrXxzq6XKLQSE10czE0jDFwjzZwNg4JTHNONXUNCkp1SI5Mc3A3DLVdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQcEl%252BUWb6otDgxUUpaQyLSopPBR9OngAA1M8q%252FQ%253D%253D" |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZAoESgAAADrvFQMv |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkl-PFgQNMwfTbgEX4uWcV0auD-SKxsc81RTEDk8rIHBHF98wegTlQoLe-ZJpo |
|
| .dpm.demdex.net/ | Name: dpm Value: 77371306239036800881584551472074068287 |
|
| .shaw-bills.com/ | Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19426%7CMCMID%7C77131245364546035321560567100347954283%7CMCAAMLH-1678982857%7C7%7CMCAAMB-1678982857%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1678385257s%7CNONE%7CMCSYNCSOP%7C411-19433%7CvVersion%7C5.2.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.appdynamics.com
cm.everesttech.net
cm.g.doubleclick.net
col.eum-appdynamics.com
datacloud.tealiumiq.com
dpm.demdex.net
load77.exelator.com
loadm.exelator.com
my.shaw-bills.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
shaw.demdex.net
shawtelevision.112.2o7.net
signin.shaw.ca
siteintercept.qualtrics.com
stats.g.doubleclick.net
t.contentsquare.net
tags.tiqcdn.com
www.google-analytics.com
www.google.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
104.17.209.240
108.138.128.2
142.250.65.162
18.164.116.94
23.254.142.141
2600:9000:23ca:6c00:7:2bfb:7c00:93a1
2606:4700:10::6816:3768
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2004
2a02:6ea0:c400::11
34.238.201.160
52.0.156.250
52.10.185.240
52.207.31.79
52.44.199.107
54.171.51.57
54.172.104.243
63.140.38.113
96.6.31.14
037fe3005d6b17146f109692c246b263a2a79ddb7283ae268936061383b04a4f
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1852b6d7d354ca8cf0351233e2a0defe5c3076a72ae0b42457b68668abf0bb1b
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae
24a30c46660b5da2ff939d429f4148adb8419a607081a6c75551dc4394b04bcb
274778694b546ecf5358dce687bcbc8a24431e27755d93d303dd0a3fea6843a1
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5
33985c672627f4762e520066f83bb4e3728719ffed7641888b702587d1b5a693
34f87f1dc5bf8168d41f1ba29a11a6952a75d9dc62a2a53f960f79811d575fb2
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89
4736ab13de4022e81368ecb037e79a64b21f651d6c754b2d64214ffb65945546
4eb21eb21da4496feacb2bfffdd8fd5141e55722aeca62317ac1a7e023030169
54943ee955893329bfc53146be34221baa2e76d7980a6531016e6f7ed6936c61
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ad09b9161e1abea918c16dd0c0fd21a3daaabece5ec6332249731a0107e28b5
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
614d39f4274ca8032f469c43df74c5af86bd4253c9f52108a18525d112420e0b
6df486ea6e03946f2f54d3520f748119852867965ac98da46cd1a8891b4a305e
6ec9c2368898735110979395728ff5deb81a4ee216153e046a137dd3125722b2
7486020708eb6170eaa03c3104b820ea03ef0264a1bdec1fe0e3d37c177fa14c
7be2be9134c8b9eca3b5d3eecade23587a99b748f4617883c3fa16dcde0dac0b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8085ad712d0b84fcdd5c4a35911e8c63dfccfe3c30453b5a874c4177f0929b8e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a75553d642732a5847a602907afc814edf0f73147fb1bf6b6e92611ef8c16c0
8db644f3efb6feb22c47e9f28ceb754b01ab76f3cd7531db38aeef1e19f4b376
8fd80b99ee0cfd4cc62295e31ea7e22f81919aa86fa645f35a043497191d6cae
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
bb5bd9a54df34684b0240f80c557a1f30a96781f689fa0b3b69fad0099f9c769
c0061e75763887d3058b37ab18e22adb27f01d2df4f0c74aeb6552269a1988cb
c8931fcf8b2e41e21f06ba1f2e920b8767bd32241300899add925fa9e72860a5
d9c69594744647024b8797524eae0a935b2cb63ae1948e1d44fe4575d5d103c7
db4d14963080317a8207e978fb259c6f0a5a5260ca566ffdcc13233d2e12e8ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2a9aba22bfbb8d136886a5132fb6a792c27788e24e1b634252ecc5648e1680
ec51af52b6cd0605a0a294e423c2dda442fd996d751e29b46b9ed65f4d0ea9e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ad3d529b0a5972933c983b166e0ea4c9ff0276c34feb58f8307d3731bd934