urlscan.io logo urlscan.io
SecurityTrails logo

92.119.159.3 Open in urlscan Pro
92.119.159.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://92.119.159.3/
Effective URL: https://92.119.159.3/
Submission: On July 30 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 39 HTTP transactions. The main IP is 92.119.159.3, located in Moscow, Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is 92.119.159.3.
TLS certificate: Issued by R3 on May 27th 2023. Valid for: 3 months.
This is the only time 92.119.159.3 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shaw (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 3 92.119.159.3 44812 (IPSERVER-...)
9 184.30.131.195 16625 (AKAMAI-AS)
9 2600:9000:20c... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.192.76 16509 (AMAZON-02)
2 18.164.52.23 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.59.160.246 16509 (AMAZON-02)
4 54.154.199.42 16509 (AMAZON-02)
3 104.17.208.240 13335 (CLOUDFLAR...)
1 52.215.126.166 16509 (AMAZON-02)
1 1 52.208.181.207 16509 (AMAZON-02)
1 63.140.62.135 15224 (OMNITURE)
2 2 34.254.143.3 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 142.250.186.34 15169 (GOOGLE)
1 52.26.128.255 16509 (AMAZON-02)
39 15
3    92.119.159.3 (Moscow, Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
PTR: e-oakro.org.uk
92.119.159.3
9    184.30.131.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-131-195.deploy.static.akamaitechnologies.com
signin.shaw.ca
9    2600:9000:20c3:c800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
1    18.66.192.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-76.muc50.r.cloudfront.net
t.contentsquare.net
2    18.164.52.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-23.cdg50.r.cloudfront.net
cdn.appdynamics.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.59.160.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-160-246.eu-central-1.compute.amazonaws.com
datacloud.tealiumiq.com
4    54.154.199.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-199-42.eu-west-1.compute.amazonaws.com
dpm.demdex.net
shaw.demdex.net
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    52.215.126.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-126-166.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
1    52.208.181.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-181-207.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net
shawtelevision.112.2o7.net
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    52.26.128.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-128-255.us-west-2.compute.amazonaws.com
col.eum-appdynamics.com
Apex Domain
Subdomains		 Transfer
9 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1058
108 KB
9 shaw.ca
signin.shaw.ca — Cisco Umbrella Rank: 712301
92 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
shaw.demdex.net — Cisco Umbrella Rank: 172309
6 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1655
load77.exelator.com — Cisco Umbrella Rank: 4075
2 KB
3 qualtrics.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 768
25 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
956 B
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3662
61 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 5926
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5537
3 KB
1 eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 2555
735 B
1 2o7.net
shawtelevision.112.2o7.net
344 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1085
517 B
1 tealiumiq.com
datacloud.tealiumiq.com — Cisco Umbrella Rank: 6107
748 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
21 KB
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3322
74 KB
39 14
Domain Requested by
9 tags.tiqcdn.com signin.shaw.ca
tags.tiqcdn.com
9 signin.shaw.ca 92.119.159.3
signin.shaw.ca
3 dpm.demdex.net tags.tiqcdn.com
2 cm.g.doubleclick.net 2 redirects
2 loadm.exelator.com 2 redirects
2 siteintercept.qualtrics.com cdn.appdynamics.com
2 cdn.appdynamics.com tags.tiqcdn.com
cdn.appdynamics.com
1 col.eum-appdynamics.com cdn.appdynamics.com
1 load77.exelator.com
1 shawtelevision.112.2o7.net
1 cm.everesttech.net 1 redirects
1 shaw.demdex.net cdn.appdynamics.com
1 rum-collector-2.pingdom.net cdn.appdynamics.com
1 zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com cdn.appdynamics.com
1 datacloud.tealiumiq.com tags.tiqcdn.com
1 www.google-analytics.com tags.tiqcdn.com
1 t.contentsquare.net tags.tiqcdn.com
1 rum-static.pingdom.net tags.tiqcdn.com
39 18

This site contains links to these domains. Also see Links.

Domain
www.shaw.ca
business.shaw.ca
webmail.shaw.ca
Subject Issuer Validity Valid
mysjrbcable.com
R3		 2023-05-27 -
2023-08-25		 3 months crt.sh
san.shaw.ca
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-16 -
2023-12-13		 6 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
pingdom.net
Cloudflare Inc ECC CA-3		 2022-11-13 -
2023-11-13		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-11		 9 months crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.tealiumiq.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.pingdom.net
Amazon RSA 2048 M01		 2023-02-10 -
2023-12-20		 10 months crt.sh
*.112.2o7.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-10		 a year crt.sh
*.eum-appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-07-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://92.119.159.3/
Frame ID: D0145577F51CFCF04E3F12D5DC6369BF
Requests: 36 HTTP requests in this frame

Frame: https://shaw.demdex.net/dest5.html?d_nsid=0
Frame ID: CB71E03D26902DEE87C364806FDC69EE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shaw - Update Billing Information

Page URL History Show full URLs

  1. http://92.119.159.3/ HTTP 301
    https://92.119.159.3/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

82 %
HTTPS

24 %
IPv6

14
Domains

18
Subdomains

15
IPs

5
Countries

456 kB
Transfer

1571 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://92.119.159.3/ HTTP 301
    https://92.119.159.3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=45748711066693330533007889125797282162 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZMZ77AAAADpAYgOJ
Request Chain 35
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45748711066693330533007889125797282162 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45748711066693330533007889125797282162&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU3NDg3MTEwNjY2OTMzMzA1MzMwMDc4ODkxMjU3OTcyODIxNjI= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU3NDg3MTEwNjY2OTMzMzA1MzMwMDc4ODkxMjU3OTcyODIxNjI=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE16smsFKB1VweZroZugmzo&google_cver=1?gdpr=0&gdpr_consent=

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
92.119.159.3/
Redirect Chain
  • http://92.119.159.3/
  • https://92.119.159.3/
21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.119.159.3 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
e-oakro.org.uk
Software
nginx / PleskLin
Resource Hash
2ffe70f7c5b6465f6b2638b21e019226099d6f065fdff4d0f7a8762e83644d38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Sun, 30 Jul 2023 15:04:09 GMT
etag
W/"64716108-5489"
last-modified
Sat, 27 May 2023 01:46:48 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 30 Jul 2023 15:04:09 GMT
Location
https://92.119.159.3/
Server
nginx
bootstrap.min.css
signin.shaw.ca/assets/css/ 		190 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/bootstrap.min.css
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:10 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Wed, 28 Jun 2023 02:01:56 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
content-length
27513
expires
Sun, 30 Jul 2023 15:04:10 GMT
consolidated-style.css
92.119.159.3/ 		143 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://92.119.159.3/consolidated-style.css
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.119.159.3 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
e-oakro.org.uk
Software
nginx / PleskLin
Resource Hash
7d8ad769314517452cbe37ac8ab7a641ed0b051308d0d77c2c8a30c5bcd1556a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:09 GMT
content-encoding
br
last-modified
Sat, 27 May 2023 01:46:46 GMT
server
nginx
etag
W/"64716106-23cbc"
x-powered-by
PleskLin
content-type
text/css
consolidated-masthead.css
signin.shaw.ca/assets/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/consolidated-masthead.css
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ffa650c99d2ab1f576f34e4db663f8ef8d962b28f53c3b0db0f85c50db533d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:10 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Wed, 28 Jun 2023 02:01:56 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
content-length
4050
expires
Sun, 30 Jul 2023 15:04:10 GMT
consolidated-footer.css
signin.shaw.ca/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/css/consolidated-footer.css
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8122789605535d11db8df7637f82781735476bcb1d291c78b605985d4157dfae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:10 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Tue, 27 Jun 2023 23:48:25 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
content-length
1570
expires
Sun, 30 Jul 2023 15:04:10 GMT
jquery.min.js
signin.shaw.ca/assets/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/jquery.min.js
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:10 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Wed, 28 Jun 2023 02:01:56 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
31085
expires
Sun, 30 Jul 2023 15:04:10 GMT
bootstrap.min.js
signin.shaw.ca/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/bootstrap.min.js
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
consolidated-script.js
signin.shaw.ca/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.shaw.ca/assets/js/consolidated-script.js
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6200a45ac6b2de144501a150b364c772c5c3f8c1be7a70bb47441b9189b8989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:10 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Thu, 29 Jun 2023 21:08:22 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
4059
expires
Sun, 30 Jul 2023 15:04:10 GMT
mail-new.png
signin.shaw.ca/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/mail-new.png
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/css/consolidated-masthead.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b23e4e5b5ff1cc0bba8d21f685b90f5a3a2825c9a19b821ca7f2e22da615fef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.shaw.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:10 GMT
cache-control
must-revalidate, max-age=0
referrer-policy
origin
last-modified
Tue, 06 Jun 2023 18:52:45 GMT
content-length
13082
content-type
image/png
contact-new.png
signin.shaw.ca/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/contact-new.png
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/css/consolidated-masthead.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6014d9f259183e2191d47425d562172ca5c2237ee1d4846e7664ea1c02a99946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.shaw.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:10 GMT
cache-control
must-revalidate, max-age=0
referrer-policy
origin
last-modified
Tue, 06 Jun 2023 18:52:45 GMT
content-length
6822
content-type
image/png
myshaw-logo.png
signin.shaw.ca/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.shaw.ca/assets/images/myshaw-logo.png
Requested by
Host: 92.119.159.3
URL: https://92.119.159.3/consolidated-style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.131.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-131-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
614d39f4274ca8032f469c43df74c5af86bd4253c9f52108a18525d112420e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:11 GMT
cache-control
must-revalidate, max-age=0
referrer-policy
origin
last-modified
Tue, 06 Jun 2023 15:03:03 GMT
content-length
4268
content-type
image/png
TedNext-SemiBold.woff2
signin.shaw.ca/assets/fonts/ 		0
0
TedNext-Regular.woff2
signin.shaw.ca/assets/fonts/ 		0
0
utag.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Requested by
Host: signin.shaw.ca
URL: https://signin.shaw.ca/assets/js/consolidated-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1cfc78c02d85921044543f4fafcf55adc7de2c70c9a3bd958a84240d1385899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
SUdr.s9uNlnnvC3Q5ToQSmKll.ryhc0I
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"8a464122e737654e5524f738fc216c5c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
Qr8Z4kXMwYHcBBNV9TBLhb3rJfUUZg9kbgb-i07b91_-7sojkOoWCA==
prum.min.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/prum.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 06:22:29 GMT
server
cloudflare
age
3303
etag
W/"63490025-1849"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
7eee7e1f3dde361d-FRA
utag.8.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.8.js?utv=ut4.49.202306271933
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eac33e70800aa278366b7975e0bc5b1f24df69515e93c9f38e020b4eec6c651e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
IFvHJ_CeHIj.TDG25ZGP7O7bbzzrIamx
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"1cdf0fc0e2f46346aefc1b7411e4a9f1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
s3bL2r9BXSKEqLHEBGiFFkpZ81mXn3mWwo4w7N0XfGvLsAymlflwbw==
utag.9.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.9.js?utv=ut4.49.202106031942
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f555e834f9f2d48fbea5e8ee4f715a5770247fde85842cc9c2c58e3bc7b7196d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
RfSwAnjM9E36ufyDzBhBfELMAJS.vuvv
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"362a1855f40a174487c7c96ad3a01b82"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
50WAUfQOprZUwxJoV2L804y0BK9tYfTGStpCkOJvWv3DTimj-uzmmw==
utag.12.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		168 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.12.js?utv=ut4.49.202204081634
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92c7a8f8354bccbe2dc2f69226644a5e0dfe9d56c1595d4f985d601266997c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
pHFC.4N2XfjZzo.RLMPInDN5xr9ihn40
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"ac2cbfb86f79f2c0fa08cd6443da1618"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
H8pVCFdYLfV2qzWwRAwJYDvsXR7NkksdQv6W_H1c9acDbgFYKuHRjg==
utag.14.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.14.js?utv=ut4.49.201812042013
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b87d54252c81a1af4c14ca33ada842fe089a6f5b06c3686f76256821429951fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
v7HikWS9tqInlNlNm0_5F.Bu2x1XKWBn
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"7de1d5df501998c726055631f6d8c588"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Q66DJd69vdkuJ_m21gyVBJm5lABYkqfqY3frtNZRd4pguEqxAF4uyw==
utag.44.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.44.js?utv=ut4.49.202207131610
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5f32e048090aae63735f826706691a8942d831a357ba0d09673c5b51e3a7a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
Y2pfQ_vLCq6LH4R6fEqQXNoar.qfsxrY
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"dd5b2b9fd2f2c4d7064c8625e5912e31"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
fU6cKSFR185sSnE7ZOmpuSTKpjycoNS6O7HGQRgbqiyHt4rbOPhiYQ==
utag.53.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.53.js?utv=ut4.49.202007131726
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1de3ff016fd3005633215ccbca318e5a48bc7b8e429155d7c6d71a9ea5676ef9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
T50NItPogtM00NPfm.jqUD850r955XuL
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"85874a9abb8dafb08e3d48549de0bdfe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
iN1YM2_bNP4NEPlbAZWtu0CttNt-W-9I89jGClQVXVREY2QowLQMRQ==
utag.57.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.57.js?utv=ut4.49.202306271933
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
377addddfee30412d0a75ec3339347bd69752347782a296a4e77d95c33520c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
qz_u5pq9JNUTH_nsKUZoktY6FXvwDR04
content-encoding
br
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Tue, 27 Jun 2023 19:34:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
etag
W/"225d25c3bba906fb9eabcab6ad4b2ae7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
EE3sOQ-jT7deLurXabmLWk7n3O8fd2BLXbNZMU9SrlyBuhJ-0266AA==
b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
t.contentsquare.net/uxa/ 		338 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-76.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a40778ec508e21f8687b6b93b6d75c1c698af0922fc49d03daa0d6baf7eeb85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:11 GMT
content-encoding
br
via
1.1 3ddbbcaacc1ba68ddfab04ef45c3ca98.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
75341
last-modified
Tue, 25 Jul 2023 14:51:13 GMT
server
AmazonS3
etag
"0b4503b9bea5431d275a2d40f5951f07"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nFJZkFjl2-Q0NoYn3qsbXoOAxZmUrYNcIc1xDDXOjXltFO_3M7pKuQ==
adrum-latest.js
cdn.appdynamics.com/adrum/ 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.52.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-23.cdg50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
a6a1420f8ab5ad1b3760099a446859f6e47b713df0331aa53ed8f3562a2722e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 06:01:39 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
2278952
x-cache
Hit from cloudfront
last-modified
Thu, 29 Jun 2023 15:00:06 GMT
server
nginx/1.16.1
etag
W/"649d9c76-1ba86"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AUk_AryERaSa48fYKQAUfZWm-lCE3hCpdxBcytFfXnfQ_Xjf2JVDRw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Jul 2023 13:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4787
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 30 Jul 2023 15:44:24 GMT
i.gif
datacloud.tealiumiq.com/shaw/main/2/ 		43 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datacloud.tealiumiq.com/shaw/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.44.js?utv=ut4.49.202207131610
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-160-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://92.119.159.3/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryNfSU4pV2c46pfBOK

Response headers

date
Sun, 30 Jul 2023 15:04:11 GMT
x-serverid
uconnect_i-07be21be015dc0884
x-tid
0189a7540f4800329df0045132ca03074001506c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
shaw:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
0189a7540f4800329df0045132ca03074001506c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://92.119.159.3
x-ulver
15a91d1b3b2314d52bfe9b22c635c18188e84a03-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
d0d504ed-b685-4391-9260-c6e9addf687f
expires
Sun, 30 Jul 2023 15:04:11 GMT
id
dpm.demdex.net/ 		752 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1690729451795
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.199.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-199-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72c5e480ecf8ba2d547510a35f10676ccd1ac0585552ba2b0e37da6e735cbe03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://92.119.159.3/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v050-086da38e5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
h3eGDa+4Sts=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://92.119.159.3
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
483
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=shaw/uts-shaw-myaccount/202306271933&cb=1690729451801
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sun, 30 Jul 2023 14:57:04 GMT
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
Bq5zsPYiwFVQabAcbo6tMGgAhzxPOWElYBSeocicJUScOSFMKGe2Jg==
/
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_eEBGNDcL8eo8iX3&Q_LOC=https%3A%2F%2F92.119.159.3%2F
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e45bdd03101b93ae591fb7be6ed0b2b1e3e4d17839b3d5125aadd96c3cb5799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
463037
cf-polished
origSize=9073
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"2371-uqtvlvg7EEVf5Auvk6lIeKkvCqU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7eee7e231eea0414-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js
cdn.appdynamics.com/ 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.52.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-23.cdg50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
c467bda1165bf9045b308d280d552bce7c33d99d5a6c341d6093956a8b1da2a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 12:03:30 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
1134041
x-cache
Hit from cloudfront
last-modified
Tue, 27 Jun 2023 21:01:36 GMT
server
nginx/1.16.1
etag
W/"649b4e30-d381"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ImsNG7dlzO4EKFKxjbVCrL0MTnblaEFdP7_AuNqojjFaCLKbO4teOg==
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=53ce90f5abe53d1f69f80a08&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=120&cE=238&dLE=120&dLS=120&fS=119&hS=177&rE=-1&rS=-1&reS=239&resS=339&resE=339&uEE=-1&uES=-1&dL=342&dI=1753&dCLES=1753&dCLEE=1753&dC=2847&lES=2847&lEE=2849&s=nt&title=Shaw%20-%20Update%20Billing%20Information&path=https%3A%2F%2F92.119.159.3%2F&ref=&sId=r8bxnmk1&sST=1690729451&sIS=1&rV=0&v=1.4.1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.126.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-126-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 30 Jul 2023 15:04:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dest5.html
shaw.demdex.net/ Frame CB71 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shaw.demdex.net/dest5.html?d_nsid=0
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.199.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-199-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://92.119.159.3/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-0f5aebd0f.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qKyETkWaQ/M=
content-encoding
gzip
date
Sun, 30 Jul 2023 15:04:12 GMT
last-modified
Wed, 28 Jun 2023 13:20:50 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=ZMZ77AAAADpAYgOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=45748711066693330533007889125797282162
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZMZ77AAAADpAYgOJ
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZMZ77AAAADpAYgOJ
Protocol
HTTP/1.1
Server
54.154.199.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-199-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0430d195e.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XppnSZ38Si0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZMZ77AAAADpAYgOJ
Date
Sun, 30 Jul 2023 15:04:12 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s92670349668662
shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/s92670349668662?AQB=1&ndh=1&pf=1&t=30%2F6%2F2023%2015%3A4%3A11%200%200&sdid=6C5EAA046836EBCA-17EEE8DFC2FF2325&mid=45510277537812929053020615247926060070&aamlh=6&ce=UTF-8&ns=Shaw&cdp=4&pageName=login%7Cmyacct-cable-web&g=https%3A%2F%2F92.119.159.3%2F&cc=cad&ch=myacct-cable-web&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=login%7Cmyacct-cable-web&v1=login%7Cmyacct-cable-web&c2=myacct-cable-web&v2=myacct-cable-web&c4=New&v4=New&c5=15&v5=15&c8=my%20account%20web%20signin&v8=my%20account%20web%20signin&c9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F115.0.5790.110%20Safari%2F537.36&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F115.0.5790.110%20Safari%2F537.36&c10=https%3A%2F%2F92.119.159.3%2F&v10=https%3A%2F%2F92.119.159.3%2F&c11=2.22.3&v11=2.22.3&v13=45510277537812929053020615247926060070&c14=english&v14=english&c16=%7Cundefined%7Cundefined&c17=1&c19=logged-out&v19=logged-out&c22=desktop&v25=0189a7540f4800329df0045132ca03074001506c00b08%7C1690729451336&v63=0.5976737178110523_1690729451799&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5F34123F5245B4A70A490D45%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 15:04:12 GMT
server
jag
etag
3630813853066362880-4619875383469720114
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 29 Jul 2023 15:04:12 GMT
12.ab92b717dec244c92313.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.ab92b717dec244c92313.chunk.js?Q_CLIENTVERSION=1.95.0&Q_CLIENTTYPE=web&Q_BRANDID=92.119.159.3
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa2b97a967263d27c2f5591098fdae938891217f7288d1bf03b800963c3d270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92.119.159.3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
507355
cf-polished
origSize=70533
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jun 2023 19:16:39 GMT
cf-bgj
minify
server
cloudflare
etag
W/"11385-18908960dd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7eee7e236f590414-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		57 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_eEBGNDcL8eo8iX3&Q_CLIENTVERSION=1.95.0&Q_CLIENTTYPE=web
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://92.119.159.3/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 30 Jul 2023 15:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://92.119.159.3
cache-control
must-revalidate, max-age=300
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
f0c57bcdf2343d7a
cf-ray
7eee7e23bfe00414-FRA
timing-allow-origin
*
pixel.gif
load77.exelator.com/ Frame CB71
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45748711066693330533007889125797282162
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45748711066693330533007889125797282162&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shaw.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 30 Jul 2023 15:04:12 GMT
x-cache
HIT
x-77-cache
HIT
x-age
178619
x-accel-date
1690550833
content-length
43
x-77-nzt
AZySIYswCjL/u7kCAA
x-accel-expires
@1691587633
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
cf878727bb5cf515ec7bc6640349ef19
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

date
Sun, 30 Jul 2023 15:04:12 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
ibs:dpid=771&dpuuid=CAESEE16smsFKB1VweZroZugmzo&google_cver=1
dpm.demdex.net/ Frame CB71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU3NDg3MTEwNjY2OTMzMzA1MzMwMDc4ODkxMjU3OTcyODIxNjI=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU3NDg3MTEwNjY2OTMzMzA1MzMwMDc4ODkxMjU3OTcyODIxNjI=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE16smsFKB1VweZroZugmzo&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE16smsFKB1VweZroZugmzo&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.154.199.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-199-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shaw.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-086da38e5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZT1M6GT4Qf8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE16smsFKB1VweZroZugmzo&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ 		0
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.128.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-128-255.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://92.119.159.3/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 15:04:15 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
signin.shaw.ca
URL
https://signin.shaw.ca/assets/fonts/TedNext-SemiBold.woff2
Domain
signin.shaw.ca
URL
https://signin.shaw.ca/assets/fonts/TedNext-Regular.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| checkform function| $ function| jQuery string| siteName string| pageCode string| utag_url object| utag_data function| modifyLinksForDirect function| openChatWindow function| openEmailWindow function| openDirectChatWindow function| openDirectChatWindowFr function| openDirectEmailWindow function| openDirectEmailWindowFr function| closeNav function| signInClicked function| openHelp function| openVodRegister function| openVodLearnMore function| openVodForgot function| openTveLearnMore function| openAkamaiEnGetStartedNowClick function| openAkamaiFrGetStartedNowClick function| openAkamaiCreateShawIdClick function| openAkamaiForgetShawIdClick function| akamaiUnderlineActiveSlide function| openModal function| checkButtonEnable function| getParameterByName function| setAnalyticsCallData function| detectDevice function| isBrowserSupported object| errMsg boolean| utag_condload object| utag function| loadLibrary object| _prum function| get_url_param function| geoip function| order_total function| order_id function| order_currency function| rgu_count function| product_names function| product_order_types function| lead_form_name function| lead_form_name_clean function| eoid function| is_thanks boolean| __tealium_twc_switch function| get_geo function| aid_prioritize function| cid_prioritize function| tealium_enrichment object| deviceDetector function| clickTrackEvent string| ClickTalePIISelector function| translate_id object| qualified_audiences object| sorted_audience object| priotized_audience_list object| qualified_contentid object| sorted_contentid object| priotized_contentid_list object| adobe function| Visitor object| _uxa string| ZN_eEBGNDcL8eo8iX3_ed string| ZN_eEBGNDcL8eo8iX3_sampleRate string| ZN_eEBGNDcL8eo8iX3_url undefined| sobject function| MediaHeartbeat function| MediaHeartbeatConfig function| MediaHeartbeatDelegate function| TealiumMediaHeartbeatDelegate object| ADB number| c object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics string| GoogleAnalyticsObject function| ga object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ADRUM number| adrum-start-time object| s_Obj function| s_PPVevent object| eventListenerMap number| s_PPVt object| s_i_shawutsdevelopment object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.95.0

17 Cookies

Domain/Path Name / Value
.tealiumiq.com/ Name: TAPID
Value: shaw/main>0189a7540f4800329df0045132ca03074001506c00b08|
.demdex.net/ Name: demdex
Value: 45748711066693330533007889125797282162
92.119.159.3/ Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg
Value: 1
92.119.159.3/ Name: p_url
Value: https%3A%2F%2F92.119.159.3%2F
92.119.159.3/ Name: s_nr
Value: 1690729451985-New
92.119.159.3/ Name: gpv
Value: login%7Cmyacct-cable-web
92.119.159.3/ Name: s_ppvl
Value: %5B%5BB%5D%5D
92.119.159.3/ Name: s_depth
Value: 1
92.119.159.3/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZMZ77AAAADpAYgOJ
.dpm.demdex.net/ Name: dpm
Value: 45748711066693330533007889125797282162
92.119.159.3/ Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19569%7CMCMID%7C45510277537812929053020615247926060070%7CMCAAMLH-1691334251%7C6%7CMCAAMB-1691334251%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1690736651s%7CNONE%7CMCSYNCSOP%7C411-19576%7CvVersion%7C5.2.0
.demdex.net/ Name: dextp
Value: 3-1-1690729452205|771-1-1690729452306
92.119.159.3/ Name: s_ppv
Value: login%257Cmyacct-cable-web%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.exelator.com/ Name: EE
Value: "cbd0050f874b907b313f57ca1ca9c7f8"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE5KcXAwNQgzcLcJMnSwDzJ2NA4zdQ8OdEwOdEy2TzNYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6IhfXxUUpaQyLSopPBR%252B5vAoAsCQrAw%253D%253D"
.doubleclick.net/ Name: IDE
Value: AHWqTUmYc3FwiBeienOUW_TJJ4AQQJszx5zcZ4KcC_oc00qpLhyedE6jXmm48O5ISFU

5 Console Messages

Source Level URL
Text
network error URL: https://signin.shaw.ca/assets/js/bootstrap.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://92.119.159.3/
Message:
Access to font at 'https://signin.shaw.ca/assets/fonts/TedNext-Regular.woff2' from origin 'https://92.119.159.3' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://signin.shaw.ca/assets/fonts/TedNext-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://92.119.159.3/
Message:
Access to font at 'https://signin.shaw.ca/assets/fonts/TedNext-SemiBold.woff2' from origin 'https://92.119.159.3' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://signin.shaw.ca/assets/fonts/TedNext-SemiBold.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
cm.everesttech.net
cm.g.doubleclick.net
col.eum-appdynamics.com
datacloud.tealiumiq.com
dpm.demdex.net
load77.exelator.com
loadm.exelator.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
shaw.demdex.net
shawtelevision.112.2o7.net
signin.shaw.ca
siteintercept.qualtrics.com
t.contentsquare.net
tags.tiqcdn.com
www.google-analytics.com
zneebgndcl8eo8ix3-shaw.siteintercept.qualtrics.com
signin.shaw.ca
104.17.208.240
142.250.186.34
18.164.52.23
18.66.192.76
184.30.131.195
2600:9000:20c3:c800:7:2bfb:7c00:93a1
2606:4700:10::6816:3768
2a00:1450:4001:811::200e
2a02:6ea0:c700::18
34.254.143.3
52.208.181.207
52.215.126.166
52.26.128.255
52.59.160.246
54.154.199.42
63.140.62.135
92.119.159.3
191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9
1aa2b97a967263d27c2f5591098fdae938891217f7288d1bf03b800963c3d270
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae
1de3ff016fd3005633215ccbca318e5a48bc7b8e429155d7c6d71a9ea5676ef9
2a40778ec508e21f8687b6b93b6d75c1c698af0922fc49d03daa0d6baf7eeb85
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ffe70f7c5b6465f6b2638b21e019226099d6f065fdff4d0f7a8762e83644d38
377addddfee30412d0a75ec3339347bd69752347782a296a4e77d95c33520c8c
3ffa650c99d2ab1f576f34e4db663f8ef8d962b28f53c3b0db0f85c50db533d8
6014d9f259183e2191d47425d562172ca5c2237ee1d4846e7664ea1c02a99946
614d39f4274ca8032f469c43df74c5af86bd4253c9f52108a18525d112420e0b
6e45bdd03101b93ae591fb7be6ed0b2b1e3e4d17839b3d5125aadd96c3cb5799
72c5e480ecf8ba2d547510a35f10676ccd1ac0585552ba2b0e37da6e735cbe03
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d8ad769314517452cbe37ac8ab7a641ed0b051308d0d77c2c8a30c5bcd1556a
8122789605535d11db8df7637f82781735476bcb1d291c78b605985d4157dfae
92c7a8f8354bccbe2dc2f69226644a5e0dfe9d56c1595d4f985d601266997c73
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a6a1420f8ab5ad1b3760099a446859f6e47b713df0331aa53ed8f3562a2722e1
b23e4e5b5ff1cc0bba8d21f685b90f5a3a2825c9a19b821ca7f2e22da615fef1
b5f32e048090aae63735f826706691a8942d831a357ba0d09673c5b51e3a7a6c
b87d54252c81a1af4c14ca33ada842fe089a6f5b06c3686f76256821429951fe
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c467bda1165bf9045b308d280d552bce7c33d99d5a6c341d6093956a8b1da2a5
d6200a45ac6b2de144501a150b364c772c5c3f8c1be7a70bb47441b9189b8989
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac33e70800aa278366b7975e0bc5b1f24df69515e93c9f38e020b4eec6c651e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cfc78c02d85921044543f4fafcf55adc7de2c70c9a3bd958a84240d1385899
f555e834f9f2d48fbea5e8ee4f715a5770247fde85842cc9c2c58e3bc7b7196d