dawnofmars.com
162.241.30.119
Malicious Activity!
Public Scan
Effective URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Submission: On March 06 via manual from GB — Scanned from GB
Summary
This is the only time dawnofmars.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telus (Telecommunication)
Domain & IP information
| Requests | Redirects | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 2 | | 162.241.30.119 | 46606 (UNIFIEDLAYER-AS-1) |
| 5 | | 107.162.138.125 | 55002 (DEFENSE-NET) |
| 1 | | 2a04:4e42:200::282 | 54113 (FASTLY) |
| 2 | 1 | 18.66.242.154 | 16509 (AMAZON-02) |
| 5 | | 52.222.236.2 | 16509 (AMAZON-02) |
| 3 | | 2a02:26f0:fb:59e::1e80 | 20940 (AKAMAI-ASN1) |
| 13 | | 2600:9000:224a:4c00:12:94b3:c380:93a1 | 16509 (AMAZON-02) |
| 3 | 1 | 54.155.94.243 | 16509 (AMAZON-02) |
| 2 | | 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) |
| 1 | | 95.101.88.192 | 20940 (AKAMAI-ASN1) |
| 1 | | 13.36.218.177 | 16509 (AMAZON-02) |
| 2 | 2 | 54.194.191.134 | 16509 (AMAZON-02) |
| 1 | | 54.228.10.200 | 16509 (AMAZON-02) |
| 37 | | 12 | |
| ASN | PTR | Domain |
|---|---|---|
| ASN46606 (UNIFIEDLAYER-AS-1, US) | box5925.bluehost.com | dawnofmars.com |
| ASN16509 (AMAZON-02, US) | server-18-66-242-154.dus51.r.cloudfront.net | d3gdddol7ipjoy.cloudfront.net |
| ASN16509 (AMAZON-02, US) | server-52-222-236-2.fra56.r.cloudfront.net | cdn.telus.digital |
| ASN20940 (AKAMAI-ASN1, NL) | | assets.adobedtm.com |
| ASN16509 (AMAZON-02, US) | | images.ctfassets.net |
| ASN16509 (AMAZON-02, US) | ec2-54-155-94-243.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
| ASN32934 (FACEBOOK, US) | | connect.facebook.net |
| ASN20940 (AKAMAI-ASN1, NL) | a95-101-88-192.deploy.static.akamaitechnologies.com | fast.telus.demdex.net |
| ASN16509 (AMAZON-02, US) | ec2-13-36-218-177.eu-west-3.compute.amazonaws.com | a.telus.com |
| ASN16509 (AMAZON-02, US) | ec2-54-194-191-134.eu-west-1.compute.amazonaws.com | cm.everesttech.net |
| ASN16509 (AMAZON-02, US) | ec2-54-228-10-200.eu-west-1.compute.amazonaws.com | telus.tt.omtrdc.net |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | ctfassets.net | images.ctfassets.net (Cisco Umbrella Rank: 4327) | 21 KB |
| 6 | telus.com | www.telus.com (Cisco Umbrella Rank: 229186), a.telus.com | 493 KB |
| 5 | telus.digital | cdn.telus.digital (Cisco Umbrella Rank: 297570) | 114 KB |
| 4 | demdex.net (1 redirect) | dpm.demdex.net (Cisco Umbrella Rank: 184), fast.telus.demdex.net | 7 KB |
| 3 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 515) | 111 KB |
| 2 | everesttech.net (2 redirects) | cm.everesttech.net (Cisco Umbrella Rank: 878) | 772 B |
| 2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 124) | 114 KB |
| 2 | cloudfront.net (1 redirect) | d3gdddol7ipjoy.cloudfront.net | 788 KB |
| 2 | dawnofmars.com | dawnofmars.com | 38 KB |
| 1 | omtrdc.net | telus.tt.omtrdc.net (Cisco Umbrella Rank: 407580) | 536 B |
| 1 | polyfill.io | cdn.polyfill.io (Cisco Umbrella Rank: 2002) | 655 B |
| 37 | 11 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | images.ctfassets.net | dawnofmars.com |
| 5 | cdn.telus.digital | dawnofmars.com |
| 5 | www.telus.com | dawnofmars.com |
| 3 | dpm.demdex.net (1 redirect) | assets.adobedtm.com, dawnofmars.com |
| 3 | assets.adobedtm.com | dawnofmars.com, assets.adobedtm.com |
| 2 | cm.everesttech.net | 2 redirects |
| 2 | connect.facebook.net | assets.adobedtm.com, connect.facebook.net |
| 2 | d3gdddol7ipjoy.cloudfront.net (1 redirect) | dawnofmars.com |
| 2 | dawnofmars.com | dawnofmars.com |
| 1 | telus.tt.omtrdc.net | assets.adobedtm.com |
| 1 | a.telus.com | assets.adobedtm.com |
| 1 | fast.telus.demdex.net | assets.adobedtm.com |
| 1 | cdn.polyfill.io | dawnofmars.com |
| 37 | 13 | |
This site contains links to these domains. Also see Links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.telus.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-13 - 2022-12-12 | a year |
| polyfill.io | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-06-04 - 2022-07-06 | a year |
| cdn.telus.digital | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-15 - 2022-06-20 | a year |
| assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year |
| images.ctfassets.net | Amazon | 2022-02-17 - 2023-03-18 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-12-13 - 2022-03-13 | 3 months |
This page contains 2 frames:
Primary Page:
http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Frame ID: 86E68188566D8946F9EFA86C524C2CBC
Requests: 36 HTTP requests in this frame
Frame:
http://fast.telus.demdex.net/dest5.html?d_nsid=0
Frame ID: F2DB410A9E7B88AF9617809754773247
Requests: 1 HTTP request in this frame
Page Title
My TELUS - Log in to manage your TELUS account | TELUS
Detected technologies
- PHP (Programming Languages). Detected pattern: `\.php(?:$|\?)`
- Prototype (JavaScript Frameworks). Detected pattern: `(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js`
- React (JavaScript Frameworks). Detected pattern: `<[^>]+data-react`
- Facebook (Widgets). Detected pattern: `//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js`
Page Statistics
38 Outgoing links
These are links going to different origins than the main page. Link titles, where present:
- Personal
- Business
- Health
- Agriculture
- Social Impact
- My TELUS
- Forgot your username?
- Forgot your password?
- Create a My TELUS account
- Support
- Find a store
- Contact us
- TELUS’ commitments to Reconciliation
- About Us
- TELUS Digital
- The Network that gives back
- TELUS & CRTC Wireless Code
- Privacy / Cookies
- Security
- Service Terms
- User Terms
- Policies
- TELUS Service Status
- Neighbourhood
- Order Status
- Social Impact
- TELUS Procurement
- TELUS International
- TELUS Webmail
- TELUS Wise
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dawnofmars.com/ Page URL
- http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js HTTP 301
- https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
Request Chain
- http://cm.everesttech.net/cm/dd?d_uuid=74139629586061895791523221613240233390 HTTP 301
- https://cm.everesttech.net/cm/dd?d_uuid=74139629586061895791523221613240233390 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiRanAAAAKDq6gQz HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiRanAAAAKDq6gQz
37 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | dawnofmars.com/ | 134 B | 439 B | Document | text/html |
| GET | H/1.1 | indexx.php (Primary Request) | dawnofmars.com/ | 114 KB | 38 KB | Document | text/html |
| GET | H/1.1 | styles_03d9f66a4b4cbc9c12d2.css | www.telus.com/telus-login/static/ | 69 KB | 16 KB | Stylesheet | text/css |
| GET | H/1.1 | vendor_7943e3c78ff77357d85a.js | www.telus.com/telus-login/static/ | 394 KB | 158 KB | Script | application/javascript |
| GET | H/1.1 | bundle_2ed4f7d5ed764d7ce5da.js | www.telus.com/telus-login/static/ | 581 KB | 198 KB | Script | application/javascript |
| GET | H2 | polyfill.js | cdn.polyfill.io/v3/ | 306 B | 655 B | Script | text/javascript |
| GET | H/1.1 | chat_widget_component.js | d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/ (Redirect Chain) | 3 MB | 787 KB | Script | application/javascript |
| GET | H/1.1 | aff68211-86bb-476d-882e-f7a3face144c.woff2 | cdn.telus.digital/thorium/core/fonts/ | 49 KB | 50 KB | Font | font/woff2 |
| GET | H/1.1 | b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 | cdn.telus.digital/thorium/core/fonts/etext/ | 19 KB | 20 KB | Font | font/woff2 |
| GET | H/1.1 | dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2 | cdn.telus.digital/thorium/core/fonts/etext/ | 19 KB | 20 KB | Font | font/woff2 |
| GET | H/1.1 | 3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 | cdn.telus.digital/thorium/core/fonts/etext/ | 19 KB | 19 KB | Font | font/woff2 |
| GET | H/1.1 | core-icons.woff2 | cdn.telus.digital/thorium/core/v0.4.0/ | 4 KB | 5 KB | Font | binary/octet-stream |
| GET | H2 | launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js | assets.adobedtm.com/ | 308 KB | 89 KB | Script | application/x-javascript |
| GET | H2 | Logo_TELUS.svg | images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/ | 2 KB | 1 KB | Image | image/svg+xml |
| GET | H/1.1 | grass.png | www.telus.com/telus-login/static/ | 34 KB | 34 KB | Image | image/png |
| GET | H/1.1 | phone.png | www.telus.com/telus-login/static/ | 85 KB | 86 KB | Image | image/png |
| GET | H/1.1 | Download_on_the_App_Store_Badge-2.svg | images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/ | 12 KB | 5 KB | Image | image/svg+xml |
| GET | H/1.1 | google-play-badge.svg | images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/ | 7 KB | 3 KB | Image | image/svg+xml |
| GET | H2 | youtube_grey.png | images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/ | 575 B | 932 B | Image | image/png |
| GET | H2 | linkedin_black.png | images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/ | 485 B | 841 B | Image | image/png |
| GET | H2 | instagram_black.png | images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/ | 1 KB | 1 KB | Image | image/png |
| GET | H2 | logo_twitter.png | images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/ | 899 B | 1 KB | Image | image/png |
| GET | H2 | logo-facebook.png | images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/ | 666 B | 1021 B | Image | image/png |
| GET | H/1.1 | youtube_grey.png | images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/ | 575 B | 1 KB | Image | image/png |
| GET | H/1.1 | linkedin_black.png | images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/ | 485 B | 1002 B | Image | image/png |
| GET | H/1.1 | instagram_black.png | images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/ | 1 KB | 2 KB | Image | image/png |
| GET | H/1.1 | logo_twitter.png | images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/ | 899 B | 1 KB | Image | image/png |
| GET | H/1.1 | logo-facebook.png | images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/ | 666 B | 1 KB | Image | image/png |
| GET | H/1.1 | id | dpm.demdex.net/ | 3 KB | 2 KB | XHR | application/json |
| GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/ | 33 KB | 13 KB | Script | application/x-javascript |
| GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 27 KB | Script | application/x-javascript |
| GET | H/1.1 | dest5.html | fast.telus.demdex.net/ (Frame F2DB) | 7 KB | 3 KB | Document | text/html |
| GET | H/1.1 | id | a.telus.com/ | 48 B | 696 B | XHR | application/x-javascript |
| GET | H/1.1 | demconf.jpg | dpm.demdex.net/ (Redirect Chain) | 42 B | 943 B | Image | image/gif |
| GET | H2 | 1415433098759990 | connect.facebook.net/signals/config/ | 308 KB | 88 KB | Script | application/x-javascript |
| GET | H/1.1 | json | telus.tt.omtrdc.net/m2/telus/mbox/ | 96 B | 536 B | XHR | application/json |
| GET | H2 | AppMeasurement_Module_AudienceManagement.min.js | assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/ | 27 KB | 10 KB | Script | application/x-javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against Telus (Telecommunication)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | 0 |
| function | structuredClone |
| object | oncontextlost |
| object | oncontextrestored |
| object | _satellite |
| boolean | __satelliteLoaded |
| object | adobe |
| function | Visitor |
| object | s_c_il |
| number | s_c_in |
| function | fbq |
| function | _fbq |
| object | visitor |
| object | ___target_traces |
| function | mboxCreate |
| function | mboxDefine |
| function | mboxUpdate |
| function | AppMeasurement_Module_ActivityMap |
| function | AppMeasurement |
| function | s_gi |
| function | s_pgicq |
| number | s_objectID |
| number | s_giq |
| object | s |
| string | hasFired |
| function | AppMeasurement_Module_AudienceManagement |
| function | DIL |
8 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Name | Value |
|---|---|---|
| dawnofmars.com/ | mboxResponses | %5B%5D |
| .dawnofmars.com/ | check | true |
| dawnofmars.com/ | AMCVS_67A50FC0539F0BBD0A490D45%40AdobeOrg | 1 |
| .everesttech.net/ | everest_g_v2 | g_surferid~YiRanAAAAKDq6gQz |
| .demdex.net/ | demdex | 78674079843198080640445433187084537542 |
| .dawnofmars.com/ | mbox | session#53fcf9698bfa4c129f91b11beb079d0c#1646551523\|PC#53fcf9698bfa4c129f91b11beb079d0c.37_0#1709794463 |
| .dpm.demdex.net/ | dpm | 78674079843198080640445433187084537542 |
| dawnofmars.com/ | AMCV_67A50FC0539F0BBD0A490D45%40AdobeOrg | -1712354808%7CMCIDTS%7C19058%7CMCMID%7C74160995519953361651525425852565453888%7CMCAAMLH-1647154462%7C6%7CMCAAMB-1647154462%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646556862s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19065%7CvVersion%7C4.3.0 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.telus.com
assets.adobedtm.com
cdn.polyfill.io
cdn.telus.digital
cm.everesttech.net
connect.facebook.net
d3gdddol7ipjoy.cloudfront.net
dawnofmars.com
dpm.demdex.net
fast.telus.demdex.net
images.ctfassets.net
telus.tt.omtrdc.net
www.telus.com
107.162.138.125
13.36.218.177
162.241.30.119
18.66.242.154
2600:9000:224a:4c00:12:94b3:c380:93a1
2a02:26f0:fb:59e::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:200::282
52.222.236.2
54.155.94.243
54.194.191.134
54.228.10.200
95.101.88.192
05df6749b40aa1b53f7df9192666e1cc8fefc41b4e4fac0d0a60272e0ca4c67b
089357ed2af64609f30dfdeaf6ad88944a3f1e9e80b25f29935e7c4c209e8596
15320a61c226ce529acf988e7c5c6aafd879ffe649f52d2c85b09905e551e6d5
1fe69a53b80d3d6812605112439dfc8f3f18961b5500e4be894c008d90f36eb8
3ad77ff4c28dc4a08c6cd1becd3d22dceab81d6b34e2401255f759b5f6bf3662
4e8ca1b1af11367b1fd07e792d1917d86cd675e4ffe55e5b8fe6c0a81be33783
56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58
5a6c0623bd497827f7939c0527ab371d852336c10b599de0e5a7b2558238dff9
5a729421e7c4f8f3f34978287eea2dd6c287a0a21c683f217f08b2962a084147
5bb3ee539bf3f0c7583a4228ab4594dc2f7cb3ba57baa83082a6ac82b2e70f7b
726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1
762106d664b68625bebfb51bdca3f518d54a23b23852e805180cd69a4db03892
7adbc085f4ca58718317d3c12bafe06e65bffc31b1310d5ef3a005f18155e554
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84d4db6313fb22cea11f29bf7606e15d7402def53d98ad3a455ba239b91d1815
8b0bdf7c73676fe438bc4f9309ef96057fe04ab5756de3e0af6a443675f975fa
8ee0779d3b4df5a0acc07553641f93bfe71627178d72df4f523e1be58cfccceb
92aa7cd51cb613f9cc5d189ba2347703ac1cad37115ae545672ca7d5a5162e82
a616b9791d131303600202aadd912ea7971fa0bd0b4bb581619638212eb13d1e
ad992343effac3f561ea1ff167aa2cce3d152dca2e884377d68de0f4081242a5
bfa4124bc3a91dbcecc3fa1034666ac5e3b773c453b6383a3f37ce1ebbbe723d
bfa5287428dea9f2a7b12e3130dd1848e5a9711d4ac92e600394b2c07f8769db
cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4
d6493b314efed0bbb50a1c152735904e998bc7e6dd0d693d0faef11825b07d0b
d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4
de6a5ec49457a455533ff3086c3ee8b3c994c5988044fbd148e86f1d51a3b3c8
e74b4b79aabd526c2419166103be05e4685bd5a557bae7315b058aeb0d213e74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c
ffe4337649e5c901cc03b21952f66fc1b38b8226aad7d70d13830ee15777765f