urlscan.io logo urlscan.io
SecurityTrails logo

104.168.173.248 Open in urlscan Pro
104.168.173.248  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://104.168.173.248/start.html
Submission: On April 25 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 8 countries across 16 domains to perform 43 HTTP transactions. The main IP is 104.168.173.248, located in United States and belongs to HOSTWINDS, US. The main domain is 104.168.173.248.
This is the only time 104.168.173.248 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shaw (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 104.168.173.248 54290 (HOSTWINDS)
9 24.244.7.145 6327 (SHAW)
11 23.45.60.174 20940 (AKAMAI-ASN1)
1 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 104.17.208.240 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 18.65.181.62 16509 (AMAZON-02)
1 13.225.173.32 16509 (AMAZON-02)
3 35.73.132.106 16509 (AMAZON-02)
1 52.198.51.78 16509 (AMAZON-02)
1 1 54.254.87.92 16509 (AMAZON-02)
1 63.140.50.108 16509 (AMAZON-02)
2 2 3.114.95.219 16509 (AMAZON-02)
1 2a02:6ea0:d60... 60068 (CDN77 ^_^)
2 2 172.217.161.66 15169 (GOOGLE)
1 52.17.239.191 16509 (AMAZON-02)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 44.240.48.158 ()
43 17
2    104.168.173.248 (United States)

ASN54290 (HOSTWINDS, US)
PTR: client-104-168-173-248.hostwindsdns.com
104.168.173.248
9    24.244.7.145 (Vancouver, Canada)

ASN6327 (SHAW, CA)
signin.shaw.ca
11    23.45.60.174 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-60-174.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2    2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    18.65.181.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-181-62.nrt57.r.cloudfront.net
cdn.appdynamics.com
1    13.225.173.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-173-32.nrt57.r.cloudfront.net
t.contentsquare.net
3    35.73.132.106 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-132-106.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
1    52.198.51.78 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-51-78.ap-northeast-1.compute.amazonaws.com
shaw.demdex.net
1    54.254.87.92 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-87-92.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.50.108 (United States)

ASN16509 (AMAZON-02, US)
shawtelevision.112.2o7.net
2    3.114.95.219 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-95-219.ap-northeast-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:d600::2 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
2    172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net
cm.g.doubleclick.net
1    52.17.239.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-239-191.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
2    2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    44.240.48.158 (None, )

ASN- ()
col.eum-appdynamics.com
Apex Domain
Subdomains		 Transfer
11 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 934
118 KB
9 shaw.ca
signin.shaw.ca — Cisco Umbrella Rank: 741341
287 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
shaw.demdex.net — Cisco Umbrella Rank: 150396
6 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1119
load77.exelator.com — Cisco Umbrella Rank: 2601
2 KB
3 qualtrics.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com — Cisco Umbrella Rank: 837365
siteintercept.qualtrics.com — Cisco Umbrella Rank: 990
24 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
501 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 195
711 B
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3011
58 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137
114 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 4810
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4382
3 KB
1 eum-appdynamics.com
col.eum-appdynamics.com
1016 B
1 2o7.net
shawtelevision.112.2o7.net
599 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 916
517 B
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3579
70 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
0 tealiumiq.com Failed
datacloud.tealiumiq.com Failed
43 16
Domain Requested by
11 tags.tiqcdn.com signin.shaw.ca
tags.tiqcdn.com
9 signin.shaw.ca 104.168.173.248
signin.shaw.ca
3 dpm.demdex.net tags.tiqcdn.com
2 www.facebook.com
2 cm.g.doubleclick.net 2 redirects
2 loadm.exelator.com 2 redirects
2 siteintercept.qualtrics.com zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
cdn.appdynamics.com
2 cdn.appdynamics.com tags.tiqcdn.com
cdn.appdynamics.com
2 connect.facebook.net tags.tiqcdn.com
cdn.appdynamics.com
1 col.eum-appdynamics.com cdn.appdynamics.com
1 rum-collector-2.pingdom.net cdn.appdynamics.com
1 load77.exelator.com
1 shawtelevision.112.2o7.net
1 cm.everesttech.net 1 redirects
1 shaw.demdex.net tags.tiqcdn.com
1 t.contentsquare.net tags.tiqcdn.com
1 zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
1 rum-static.pingdom.net tags.tiqcdn.com
1 www.google-analytics.com tags.tiqcdn.com
0 datacloud.tealiumiq.com Failed tags.tiqcdn.com
43 20

This site contains links to these domains. Also see Links.

Domain
www.shaw.ca
business.shaw.ca
webmail.shaw.ca
upload.wikimedia.org
Subject Issuer Validity Valid
signin.shaw.ca
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-11 -
2022-05-16		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-21 -
2022-07-22		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-09-24		 a year crt.sh
*.eum-appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-14 -
2022-07-15		 a year crt.sh

This page contains 2 frames:

Primary Page: http://104.168.173.248/start.html
Frame ID: B7196B2FFF16AD977FDB16BD87C3B8A9
Requests: 40 HTTP requests in this frame

Frame: https://shaw.demdex.net/dest5.html?d_nsid=0
Frame ID: 95806501464DD2FB7E8E561C51B5D045
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Update Billing Information

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

49 %
HTTPS

26 %
IPv6

16
Domains

20
Subdomains

17
IPs

8
Countries

772 kB
Transfer

1879 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • http://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html HTTP 307
  • https://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
Request Chain 30
  • https://cm.everesttech.net/cm/dd?d_uuid=78189231316460038992879467666891499278 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmYwnwAAAJbBFQPi
Request Chain 35
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=78189231316460038992879467666891499278 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=78189231316460038992879467666891499278&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzgxODkyMzEzMTY0NjAwMzg5OTI4Nzk0Njc2NjY4OTE0OTkyNzg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzgxODkyMzEzMTY0NjAwMzg5OTI4Nzk0Njc2NjY4OTE0OTkyNzg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJ3G18z3ecoqUe-n0KlJuwI&google_cver=1?gdpr=0&gdpr_consent=

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request start.html
104.168.173.248/ 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://104.168.173.248/start.html
Protocol
HTTP/1.1
Server
104.168.173.248 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
client-104-168-173-248.hostwindsdns.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a326c41c446471c5e1848ba017592f1bb12dfbd3db8af96ec0e7fdbdf63a2a53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4383
Content-Type
text/html
Date
Mon, 25 Apr 2022 05:24:42 GMT
ETag
"52aa-57eee7ee7f400-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 08 Jan 2019 08:54:40 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
bootstrap.min.css
signin.shaw.ca/assets/css/ 		119 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/bootstrap.min.css
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
7486020708eb6170eaa03c3104b820ea03ef0264a1bdec1fe0e3d37c177fa14c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:23 GMT
Content-Length
122239
Content-Type
text/css
consolidated-style.css
104.168.173.248/ 		143 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://104.168.173.248/consolidated-style.css
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Server
104.168.173.248 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
client-104-168-173-248.hostwindsdns.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
63f26ca6aab3179af6352d8523e98d9acb6986670264320499e2ca9f911fb74b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/start.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Nov 2018 07:25:14 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"23cca-579a96fb32a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
consolidated-masthead.css
signin.shaw.ca/assets/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/consolidated-masthead.css
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
34f87f1dc5bf8168d41f1ba29a11a6952a75d9dc62a2a53f960f79811d575fb2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:23 GMT
Content-Length
21265
Content-Type
text/css
consolidated-footer.css
signin.shaw.ca/assets/css/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/consolidated-footer.css
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
8085ad712d0b84fcdd5c4a35911e8c63dfccfe3c30453b5a874c4177f0929b8e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:23 GMT
Content-Length
7487
Content-Type
text/css
jquery.min.js
signin.shaw.ca/assets/js/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/jquery.min.js
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
85578
Content-Type
application/javascript
bootstrap.min.js
signin.shaw.ca/assets/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/bootstrap.min.js
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
36868
Content-Type
application/javascript
consolidated-script.js
signin.shaw.ca/assets/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/consolidated-script.js
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/start.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
0d1d6c6f7ac9b07b5cda7a36f26f6e4c6ab19075b00cbf583c863081b70dc456

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
13111
Content-Type
application/javascript
masthead_webmail.png
signin.shaw.ca/assets/images/ 		520 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/masthead_webmail.png
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/css/consolidated-masthead.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
037fe3005d6b17146f109692c246b263a2a79ddb7283ae268936061383b04a4f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://signin.shaw.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
520
Content-Type
image/png
masthead_contact.png
signin.shaw.ca/assets/images/ 		400 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/masthead_contact.png
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/css/consolidated-masthead.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
4eb21eb21da4496feacb2bfffdd8fd5141e55722aeca62317ac1a7e023030169

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://signin.shaw.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
400
Content-Type
image/png
myshaw-logo.png
signin.shaw.ca/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/myshaw-logo.png
Requested by
Host: 104.168.173.248
URL: http://104.168.173.248/consolidated-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
24.244.7.145 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software
/
Resource Hash
614d39f4274ca8032f469c43df74c5af86bd4253c9f52108a18525d112420e0b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:45 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 14 Jan 2022 18:20:24 GMT
Content-Length
4268
Content-Type
image/png
utag.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/js/consolidated-script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
14a93a21bccc19e3c79c6810d7fcd15512ccaba6c50468482fc767c170e966c8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:46 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 16:34:45 GMT
server
AkamaiNetStorage
etag
"5960e388323353cf01fd0353737bfe6e:1649435685.63604"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
38002
expires
Mon, 25 Apr 2022 05:29:46 GMT
utag.8.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.8.js?utv=ut4.42.202204081634
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cc6b18d1a408c79d389e032e42db6ed1765d842068c486193f838451554a90aa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:41 GMT
Server
AkamaiNetStorage
ETag
"9876f3c854bbd6d2674c204beedee942:1649435681.178005"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24240
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.9.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.9.js?utv=ut4.42.202106031942
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
29842e7e025c51618d22d7a4aadcb8985e22e0fadd0c65f9055ce342c1569168

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:43 GMT
Server
AkamaiNetStorage
ETag
"ff41ff31c255f3be07d1f2ba84627d16:1649435683.962021"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5570
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.12.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		168 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.12.js?utv=ut4.42.202204081634
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0d423bfac5576d22bc8228fcb70c5b1d69bff3c622441fe781810087b577742f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:42 GMT
Server
AkamaiNetStorage
ETag
"9d046c06c3e3824ffd4dce162ecf01b8:1649435682.678781"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33954
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.14.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.14.js?utv=ut4.42.201812042013
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01dabffc47350f2c1c01bea09c67d33e3a36a73ec4409f8799a15012430ec217

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:41 GMT
Server
AkamaiNetStorage
ETag
"7583cce3385589def2d40c9aae39f118:1649435681.433537"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
934
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.45.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.45.js?utv=ut4.42.201711301801
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ebd39df795bc7a4b0a1546165a0424bde5c799a714326ee1a3d97f2d81bde415

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:42 GMT
Server
AkamaiNetStorage
ETag
"9b263280118c8773265708e3771b726e:1649435682.974455"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3192
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.44.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.44.js?utv=ut4.42.201803281630
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dccb152ad98320cb4a85c1f9a84800ddb654679ece276d4fe7a7bf95cc9e3669

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:38 GMT
Server
AkamaiNetStorage
ETag
"d2a520bb5b411fa1ab291263eac0c484:1649435678.600151"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4093
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.50.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.50.js?utv=ut4.42.201808202111
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8604e28ad73dcb612caf79c29ade4184009dcee371b1b1b4c1f8466df1f1ea2b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:45 GMT
Server
AkamaiNetStorage
ETag
"d5ae714fa545d4ea3ecd7e184d17e509:1649435685.125638"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
996
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.53.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.53.js?utv=ut4.42.202007131726
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2f54ed194bd2a1ae7a4c4500b7f7df656c78de7437406bfefed54d72c942361b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:43 GMT
Server
AkamaiNetStorage
ETag
"4aebed9ce4ada7959b8f8dc1e43d2aa7:1649435683.378414"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1615
Expires
Tue, 10 May 2022 05:24:46 GMT
utag.57.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.57.js?utv=ut4.42.202204081634
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
71e8afb529d65c92b565b89d9ddc2f993620a1c0cb9984b92ad20e665c0eb35c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 16:34:42 GMT
Server
AkamaiNetStorage
ETag
"1f5e6aade2870ad260bcd6a7409d4ce8:1649435682.450632"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3657
Expires
Tue, 10 May 2022 05:24:46 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3636
date
Mon, 25 Apr 2022 04:24:10 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 25 Apr 2022 06:24:10 GMT
i.gif
datacloud.tealiumiq.com/shaw/main/2/ 		0
0
prum.min.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://rum-static.pingdom.net/prum.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:47 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 11 May 2021 14:01:38 GMT
Server
cloudflare
ETag
W/"609a8e42-1849"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7014a77febaa2083-NRT
/
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/
Redirect Chain
  • http://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
  • https://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
Protocol
H2
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7911f975a339e307f35ef7f422a94b37ba44f0f75546b44085a6c7c4934aa355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
253464
cf-polished
origSize=8435
cf-ray
7014a7800ba380e9-NRT
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-VvY3g9PfiCopM54Q0Tg8koU491w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Location
https://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
hZ8ZFOl4nxPrP8w8GK2MXTlTOwuf1AogUn9AqKhHfVLkm6HSRK8KhpYY72purMas9MMHN1bmRr35M1p5x0Xi+A==
x-fb-trip-id
548340344
x-frame-options
DENY
date
Mon, 25 Apr 2022 05:24:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
adrum-latest.js
cdn.appdynamics.com/adrum/ 		103 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.181.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-181-62.nrt57.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 18:35:14 GMT
content-encoding
gzip
age
298172
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Dec 2021 22:21:02 GMT
server
nginx/1.16.1
etag
W/"61c101ce-19b76"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
NRT57-P2
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
cfWcKvv2-CtlAIo7flneiq5etAplGdy7M3eol1uevyRM02wZ3epeug==
b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
t.contentsquare.net/uxa/ 		308 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://t.contentsquare.net/uxa/b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
13.225.173.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-173-32.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bc8e4bf6a911836aee2a68c3809a6354e57a19d6c2407ca2913ae9619e31c12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Sat, 23 Apr 2022 15:22:03 GMT
Content-Encoding
gzip
Age
136964
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
71100
Last-Modified
Wed, 20 Apr 2022 12:46:40 GMT
Server
AmazonS3
ETag
"214cf3830d69f1a627af8349e3398edc"
Content-Type
application/javascript;charset=utf-8
Via
1.1 bb32c519ef639e0d83cbe59c5c12bd30.cloudfront.net (CloudFront)
Cache-Control
max-age=900
X-Amz-Cf-Pop
NRT57-C4
Accept-Ranges
bytes
X-Amz-Cf-Id
N1ejnygR1q7WyuylIVrljhlhzrFNXjovs__9z4DlzNKTLkOVR7AMbA==
id
dpm.demdex.net/ 		753 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1650864286732
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.132.106 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-132-106.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4fe09a2a1611769baeda9c64a99369f3c8078eae4d5b1c416a8ec17d3c9d3bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://104.168.173.248/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-1-v029-0b4db5a76.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
MvE4rtD3TXg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://104.168.173.248
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
482
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=shaw/uts-shaw-myaccount/202204081634&cb=1650864286735
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Server
23.45.60.174 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-60-174.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 05:24:46 GMT
Last-Modified
Thu, 14 Apr 2016 16:57:51 GMT
Server
AkamaiNetStorage
ETag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Content-Type
application/x-javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
Expires
Mon, 25 Apr 2022 05:34:46 GMT
dest5.html
shaw.demdex.net/ Frame 9580 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shaw.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.51.78 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-51-78.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://104.168.173.248/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-tyo3-2-v029-0b3a8a0e9.edge-tyo3.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kn5lna2sSq8=
content-encoding
gzip
date
Mon, 25 Apr 2022 05:24:46 GMT
last-modified
Wed, 13 Apr 2022 15:29:26 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=YmYwnwAAAJbBFQPi
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=78189231316460038992879467666891499278
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmYwnwAAAJbBFQPi
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmYwnwAAAJbBFQPi
Protocol
HTTP/1.1
Server
35.73.132.106 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-132-106.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-0bea6dd3d.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RylwcwI5QKQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmYwnwAAAJbBFQPi
Date
Mon, 25 Apr 2022 05:24:47 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
11.056a039c38103052854b.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.056a039c38103052854b.chunk.js?Q_CLIENTVERSION=1.70.0&Q_CLIENTTYPE=web&Q_BRANDID=104.168.173.248
Requested by
Host: zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
URL: http://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=http%3A%2F%2F104.168.173.248%2Fstart.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791302fdc2c111f4a3b921acdb9309693aa848f414f6666d289e18633896bef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
535292
cf-polished
origSize=60694
cf-ray
7014a7806c5580e9-NRT
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Apr 2022 20:04:17 GMT
server
cloudflare
etag
W/"ed16-1801a3a19e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
adrum-ext.59191791453ae6311081a09b4cf33c2d.js
cdn.appdynamics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.appdynamics.com/adrum-ext.59191791453ae6311081a09b4cf33c2d.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Server
18.65.181.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-181-62.nrt57.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
e490994ad61a64454e06354b4c74756269548b48e8bd476b35762d713ccb8c86

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 20:02:19 GMT
Content-Encoding
gzip
Age
724947
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
access-control-allow-origin
*
Last-Modified
Wed, 21 Jul 2021 17:52:36 GMT
Server
nginx/1.16.1
ETag
W/"60f85ee4-ccbc"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
Content-Type
application/javascript
Via
1.1 c9203ba15af2ae82294719bd8bb5fcce.cloudfront.net (CloudFront)
Cache-Control
public, max-age=2678400, s-max-age=14400
X-Amz-Cf-Pop
NRT57-P2
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
G3Lp9M8BHd278v7SUdLROQE_mZl5PBBQC8Cv-af3nO3byV49cXyB7g==
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_eEBGNDcL8eo8iX3&Q_CLIENTVERSION=1.70.0&Q_CLIENTTYPE=web
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a809ca87e0e7f644cf36ef01a9976f6626a8cbef816ccd99806bdb44cab97ba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://104.168.173.248/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Apr 2022 05:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://104.168.173.248
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
7d7b55635a74d714
cf-ray
7014a780acc680e9-NRT
s74135578206599
shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/s74135578206599?AQB=1&ndh=1&pf=1&t=25%2F3%2F2022%205%3A24%3A46%201%200&sdid=0234CB6B94A071F6-30CD5863529DA4A6&mid=78427895039474360152855464953641484890&aamlh=11&ce=UTF-8&ns=Shaw&cdp=4&pageName=login%7Cmyacct-cable-web&g=http%3A%2F%2F104.168.173.248%2Fstart.html&cc=cad&ch=myacct-cable-web&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=login%7Cmyacct-cable-web&v1=login%7Cmyacct-cable-web&c2=myacct-cable-web&v2=myacct-cable-web&c4=New&v4=New&c5=5&v5=5&c8=my%20account%20web%20signin&v8=my%20account%20web%20signin&c9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F100.0.4896.127%20Safari%2F537.36&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F100.0.4896.127%20Safari%2F537.36&c10=http%3A%2F%2F104.168.173.248%2Fstart.html&v10=http%3A%2F%2F104.168.173.248%2Fstart.html&c11=2.22.3&v11=2.22.3&v13=78427895039474360152855464953641484890&c14=english&v14=english&c16=%7Cundefined%7Cundefined&c17=1&c19=logged-out&v19=logged-out&c22=desktop&v25=01805f2debda001a1833478f9af403074002106c00b08%7C1650864286682&v63=0.053417345978500785_1650864286734&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5F34123F5245B4A70A490D45%40AdobeOrg&AQE=1
Protocol
HTTP/1.1
Server
63.140.50.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:46 GMT
x-content-type-options
nosniff
x-c
main-1637.I660130.M0-562
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 26 Apr 2022 05:24:46 GMT
server
jag
xserver
anedge-66757b4dd8-tnkqv
etag
3545204059851849728-4619838644727468019
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 24 Apr 2022 05:24:46 GMT
pixel.gif
load77.exelator.com/ Frame 9580
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=78189231316460038992879467666891499278
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=78189231316460038992879467666891499278&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:d600::2 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://shaw.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-77-nzt
AVQROQLuydL/274MAA
x-accel-expires
@1651065796
date
Mon, 25 Apr 2022 05:24:47 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
fAEAJUjt1Pw
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
835291
accept-ranges
bytes
x-77-pop
hongkongHK
content-length
43

Redirect headers

date
Mon, 25 Apr 2022 05:24:47 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
1588964151367054
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1588964151367054?v=2.9.57&r=stable
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b140c4c9b771b38f312f684e8518394551245316f609e6ae91e41f78e0e74164
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
/HvgRRZ+qo6ubCJ01lzLNlpOBRut5I6c0Rw20whOY937Y90ryS5rbmIXf7jdbJgCtxWbZOfBHfH1A5Bwjtavxw==
x-fb-trip-id
548340344
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 25 Apr 2022 05:24:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1650864287290
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEJ3G18z3ecoqUe-n0KlJuwI&google_cver=1
dpm.demdex.net/ Frame 9580
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzgxODkyMzEzMTY0NjAwMzg5OTI4Nzk0Njc2NjY4OTE0OTkyNzg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzgxODkyMzEzMTY0NjAwMzg5OTI4Nzk0Njc2NjY4OTE0OTkyNzg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJ3G18z3ecoqUe-n0KlJuwI&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJ3G18z3ecoqUe-n0KlJuwI&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
35.73.132.106 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-132-106.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://shaw.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v029-0116570aa.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
h1gjCYbFQO4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 05:24:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJ3G18z3ecoqUe-n0KlJuwI&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rum-collector-2.pingdom.net/img/beacon.gif?id=53ce90f5abe53d1f69f80a08&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1&cE=124&dLE=1&dLS=1&fS=0&hS=-1&rE=-1&rS=-1&reS=124&resS=250&resE=251&uEE=-1&uES=-1&dL=257&dI=3195&dCLES=3195&dCLEE=3196&dC=3904&lES=3904&lEE=3904&s=nt&title=Update%20Billing%20Information&path=http%3A%2F%2F104.168.173.248%2Fstart.html&ref=&sId=t817r9jt&sST=1650864287&sIS=1&rV=0&v=1.4.1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Server
52.17.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-239-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 25 Apr 2022 05:24:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588964151367054&ev=PageView&dl=http%3A%2F%2F104.168.173.248%2Fstart.html&rl=&if=false&ts=1650864287459&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.3.1650864287456.531522765&it=1650864286999&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 25 Apr 2022 05:24:47 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588964151367054&ev=Microdata&dl=http%3A%2F%2F104.168.173.248%2Fstart.html&rl=&if=false&ts=1650864288968&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Update%20Billing%20Information%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.3.1650864287456.531522765&it=1650864286999&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://104.168.173.248/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:24:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 25 Apr 2022 05:24:49 GMT
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ 		0
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/adrum
Requested by
Host: cdn.appdynamics.com
URL: http://cdn.appdynamics.com/adrum-ext.59191791453ae6311081a09b4cf33c2d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.48.158 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://104.168.173.248/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 05:24:50 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
Connection
keep-alive
access-control-allow-headers
origin, content-type, accept
Content-Length
0
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
datacloud.tealiumiq.com
URL
http://datacloud.tealiumiq.com/shaw/main/2/i.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| checkform function| $ function| jQuery string| siteName string| pageCode string| utag_url object| utag_data function| modifyLinksForDirect function| openChatWindow function| openEmailWindow function| openDirectChatWindow function| openDirectChatWindowFr function| openDirectEmailWindow function| openDirectEmailWindowFr function| closeNav function| signInClicked function| openHelp function| openVodRegister function| openVodLearnMore function| openVodForgot function| openTveLearnMore function| openAkamaiEnGetStartedNowClick function| openAkamaiFrGetStartedNowClick function| openAkamaiCreateShawIdClick function| openAkamaiForgetShawIdClick function| openModal function| checkButtonEnable function| getParameterByName function| setAnalyticsCallData function| detectDevice function| isBrowserSupported object| errMsg boolean| utag_condload object| utag function| loadLibrary function| get_url_param function| geoip function| order_total function| order_id function| order_currency function| rgu_count function| product_names function| product_order_types function| lead_form_name function| lead_form_name_clean function| eoid function| is_thanks boolean| __tealium_twc_switch function| aid_prioritize function| cid_prioritize function| tealium_enrichment object| deviceDetector function| clickTrackEvent string| ClickTalePIISelector function| translate_id object| qualified_audiences object| sorted_audience object| priotized_audience_list object| qualified_contentid object| sorted_contentid object| priotized_contentid_list object| adobe function| Visitor string| GoogleAnalyticsObject function| ga object| _prum string| ZN_eEBGNDcL8eo8iX3_ed string| ZN_eEBGNDcL8eo8iX3_sampleRate string| ZN_eEBGNDcL8eo8iX3_url function| fbq function| _fbq object| _uxa undefined| sobject function| MediaHeartbeat function| MediaHeartbeatConfig function| MediaHeartbeatDelegate function| TealiumMediaHeartbeatDelegate object| ADB number| c object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csEventtarget object| CSPathComputation object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.70.0 object| ADRUM number| adrum-start-time object| s_Obj function| s_PPVevent number| s_PPVt object| s_i_shawutsdevelopment object| _qsie

19 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 78189231316460038992879467666891499278
104.168.173.248/ Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg
Value: 1
104.168.173.248/ Name: p_url
Value: http%3A%2F%2F104.168.173.248%2Fstart.html
104.168.173.248/ Name: s_nr
Value: 1650864286840-New
104.168.173.248/ Name: gpv
Value: login%7Cmyacct-cable-web
104.168.173.248/ Name: s_ppvl
Value: %5B%5BB%5D%5D
104.168.173.248/ Name: s_depth
Value: 1
104.168.173.248/ Name: s_cc
Value: true
104.168.173.248/ Name: QSI_HistorySession
Value: http%3A%2F%2F104.168.173.248%2Fstart.html~1650864287018
.demdex.net/ Name: dextp
Value: 3-1-1650864286976|771-1-1650864287079
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YmYwnwAAAJbBFQPi
.dpm.demdex.net/ Name: dpm
Value: 78189231316460038992879467666891499278
104.168.173.248/ Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19108%7CMCMID%7C78427895039474360152855464953641484890%7CMCAAMLH-1651469086%7C11%7CMCAAMB-1651469086%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1650871486s%7CNONE%7CMCSYNCSOP%7C411-19115%7CvVersion%7C5.2.0
.exelator.com/ Name: EE
Value: "ab6a9207eb0888291c8551d90795cd3c"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSExySzR0sjAPDXJwMLCwsjSMNnC1NQwxdLA3NI0OcU4eXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6Iq%252BAxUUpaQyLSopPBR%252FQnw4Ahdop0Q%253D%253D"
104.168.173.248/ Name: s_ppv
Value: login%257Cmyacct-cable-web%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.doubleclick.net/ Name: IDE
Value: AHWqTUm8wxsMBuat3UazSQtHNqH3BVs0WOn_hhUAkL4sfoCHxCqblOPzsRMPbF2f7a0
104.168.173.248/ Name: _fbp
Value: fb.3.1650864287456.531522765
.facebook.com/ Name: fr
Value: 0TkXA9R8N2xNGmTpT..BiZjCf...1.0.BiZjCf.

2 Console Messages

Source Level URL
Text
javascript error URL: http://104.168.173.248/start.html
Message:
Access to XMLHttpRequest at 'http://datacloud.tealiumiq.com/shaw/main/2/i.gif' from origin 'http://104.168.173.248' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://datacloud.tealiumiq.com/shaw/main/2/i.gif
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
cm.everesttech.net
cm.g.doubleclick.net
col.eum-appdynamics.com
connect.facebook.net
datacloud.tealiumiq.com
dpm.demdex.net
load77.exelator.com
loadm.exelator.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
shaw.demdex.net
shawtelevision.112.2o7.net
signin.shaw.ca
siteintercept.qualtrics.com
t.contentsquare.net
tags.tiqcdn.com
www.facebook.com
www.google-analytics.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
datacloud.tealiumiq.com
104.168.173.248
104.17.208.240
13.225.173.32
172.217.161.66
18.65.181.62
23.45.60.174
24.244.7.145
2404:6800:4004:801::200e
2606:4700:10::6816:3768
2a02:6ea0:d600::2
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
3.114.95.219
35.73.132.106
44.240.48.158
52.17.239.191
52.198.51.78
54.254.87.92
63.140.50.108
01dabffc47350f2c1c01bea09c67d33e3a36a73ec4409f8799a15012430ec217
037fe3005d6b17146f109692c246b263a2a79ddb7283ae268936061383b04a4f
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0d1d6c6f7ac9b07b5cda7a36f26f6e4c6ab19075b00cbf583c863081b70dc456
0d423bfac5576d22bc8228fcb70c5b1d69bff3c622441fe781810087b577742f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14a93a21bccc19e3c79c6810d7fcd15512ccaba6c50468482fc767c170e966c8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29842e7e025c51618d22d7a4aadcb8985e22e0fadd0c65f9055ce342c1569168
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f54ed194bd2a1ae7a4c4500b7f7df656c78de7437406bfefed54d72c942361b
34f87f1dc5bf8168d41f1ba29a11a6952a75d9dc62a2a53f960f79811d575fb2
4bc8e4bf6a911836aee2a68c3809a6354e57a19d6c2407ca2913ae9619e31c12
4eb21eb21da4496feacb2bfffdd8fd5141e55722aeca62317ac1a7e023030169
4fe09a2a1611769baeda9c64a99369f3c8078eae4d5b1c416a8ec17d3c9d3bdf
614d39f4274ca8032f469c43df74c5af86bd4253c9f52108a18525d112420e0b
63f26ca6aab3179af6352d8523e98d9acb6986670264320499e2ca9f911fb74b
71e8afb529d65c92b565b89d9ddc2f993620a1c0cb9984b92ad20e665c0eb35c
7486020708eb6170eaa03c3104b820ea03ef0264a1bdec1fe0e3d37c177fa14c
7911f975a339e307f35ef7f422a94b37ba44f0f75546b44085a6c7c4934aa355
791302fdc2c111f4a3b921acdb9309693aa848f414f6666d289e18633896bef0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7
8085ad712d0b84fcdd5c4a35911e8c63dfccfe3c30453b5a874c4177f0929b8e
8604e28ad73dcb612caf79c29ade4184009dcee371b1b1b4c1f8466df1f1ea2b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a326c41c446471c5e1848ba017592f1bb12dfbd3db8af96ec0e7fdbdf63a2a53
a809ca87e0e7f644cf36ef01a9976f6626a8cbef816ccd99806bdb44cab97ba0
b140c4c9b771b38f312f684e8518394551245316f609e6ae91e41f78e0e74164
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
cc6b18d1a408c79d389e032e42db6ed1765d842068c486193f838451554a90aa
dccb152ad98320cb4a85c1f9a84800ddb654679ece276d4fe7a7bf95cc9e3669
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e490994ad61a64454e06354b4c74756269548b48e8bd476b35762d713ccb8c86
ebd39df795bc7a4b0a1546165a0424bde5c799a714326ee1a3d97f2d81bde415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629