www.sanca.fr
Open in
urlscan Pro
213.32.58.189
Malicious Activity!
Public Scan
Submission: On October 27 via api from QA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 30th 2020. Valid for: 3 months.
This is the only time www.sanca.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)Domain & IP information
ASN22822 (LLNW, US)
PTR: https-68-142-68-29.any.llnw.net
img01.bt.co.uk | |
home.bt.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-49-247.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
britishtelecom.demdex.net |
ASN15169 (GOOGLE, US)
www.googletagservices.com | |
googleads.g.doubleclick.net | |
adservice.google.de | |
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
smetrics.bt.com |
ASN15169 (GOOGLE, US)
825711ff9cafd96af736cce6da181fb4.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
bt.co.uk
img01.bt.co.uk |
274 KB |
7 |
doubleclick.net
securepubads.g.doubleclick.net googleads.g.doubleclick.net |
102 KB |
5 |
googlesyndication.com
825711ff9cafd96af736cce6da181fb4.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com |
14 KB |
5 |
adobedtm.com
assets.adobedtm.com |
64 KB |
4 |
bt.com
assets.bt.com home.bt.com smetrics.bt.com |
5 KB |
3 |
google.de
www.google.de adservice.google.de |
1 KB |
3 |
google.com
www.google.com adservice.google.com |
506 B |
3 |
demdex.net
dpm.demdex.net britishtelecom.demdex.net |
2 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
554 B |
1 |
googleadservices.com
www.googleadservices.com |
12 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
37 KB |
1 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
googletagservices.com
www.googletagservices.com |
18 KB |
1 |
sanca.fr
www.sanca.fr |
31 KB |
58 | 14 |
Domain | Requested by | |
---|---|---|
23 | img01.bt.co.uk |
www.sanca.fr
img01.bt.co.uk |
5 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
5 | assets.adobedtm.com |
www.sanca.fr
assets.adobedtm.com |
2 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | www.google.de |
www.sanca.fr
|
2 | www.google.com |
www.sanca.fr
|
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | smetrics.bt.com |
assets.adobedtm.com
www.sanca.fr |
2 | dpm.demdex.net |
assets.adobedtm.com
www.sanca.fr |
1 | 825711ff9cafd96af736cce6da181fb4.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.de |
securepubads.g.doubleclick.net
|
1 | cm.everesttech.net | 1 redirects |
1 | britishtelecom.demdex.net |
assets.adobedtm.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
assets.adobedtm.com
|
1 | www.google-analytics.com |
www.sanca.fr
|
1 | home.bt.com |
img01.bt.co.uk
|
1 | www.googletagservices.com |
www.sanca.fr
|
1 | assets.bt.com |
img01.bt.co.uk
|
1 | www.sanca.fr | |
58 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sanca.fr cPanel, Inc. Certification Authority |
2020-08-30 - 2020-11-28 |
3 months | crt.sh |
www.bt.com GeoTrust EV RSA CA 2018 |
2020-09-30 - 2021-10-05 |
a year | crt.sh |
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA |
2019-10-22 - 2021-10-01 |
2 years | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
smetrics.bt.com DigiCert SHA2 High Assurance Server CA |
2019-11-26 - 2021-03-03 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.sanca.fr/ajsas/Btold/b24a6fa62527998d8d3a1e29f5a363f3/log.html?cmd=_login-submit&dispatch=2b0eb0b15e2d725b9c1e33420bfb5cd4039d259b20879878c5e45a39501ad6d124a71318
Frame ID: 0BDA65FE47F64830F740A0C93FB5A781
Requests: 57 HTTP requests in this frame
Frame:
https://britishtelecom.demdex.net/dest5.html?d_nsid=0
Frame ID: D2EF83CBF41DB0472172F05E9C54750D
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 2E497A8A9FF646885EDBA8BF7BFDAA9B
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Adobe DTM (Tag Managers) Expand
Detected patterns
- script /\/\/assets.adobedtm.com\//i
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
SiteCatalyst (Analytics) Expand
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Find out more
Search URL Search Domain Scan URL
Title: visit MyBT
Search URL Search Domain Scan URL
Title: Find out more here.
Search URL Search Domain Scan URL
Title: MyBT
Search URL Search Domain Scan URL
Title: Visit our help page
Search URL Search Domain Scan URL
Title: visit My BT
Search URL Search Domain Scan URL
Title: Go back to BT.com >
Search URL Search Domain Scan URL
Title: www.yahoo.co.uk
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: password?
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Email security
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: www.bt.com/secure
Search URL Search Domain Scan URL
Title: For business and public sector
Search URL Search Domain Scan URL
Title: For global business
Search URL Search Domain Scan URL
Title: BT Group
Search URL Search Domain Scan URL
Title: Wifi
Search URL Search Domain Scan URL
Title: BT Ireland
Search URL Search Domain Scan URL
Title: BT Shop
Search URL Search Domain Scan URL
Title: Business Direct
Search URL Search Domain Scan URL
Title: Openreach
Search URL Search Domain Scan URL
Title: The Phone Book
Search URL Search Domain Scan URL
Title: BT Wholesale
Search URL Search Domain Scan URL
Title: BT Redcare
Search URL Search Domain Scan URL
Title: Contact BT
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Codes of practice
Search URL Search Domain Scan URL
Title: Broadband Universal Service
Search URL Search Domain Scan URL
Title: Make a complaint
Search URL Search Domain Scan URL
Title: T&Cs
Search URL Search Domain Scan URL
Title: Modern Slavery Statement
Search URL Search Domain Scan URL
Title: BT Including You - helping you communicate
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://cm.everesttech.net/cm/dd?d_uuid=72475796485872228820158069316777399797 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X5eJogAABlnrIi3-
58 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
log.html
www.sanca.fr/ajsas/Btold/b24a6fa62527998d8d3a1e29f5a363f3/ |
30 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-reset.css
img01.bt.co.uk/s/assets/300817/css/ |
65 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.css
img01.bt.co.uk/s/assets/300817/css/ |
181 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aref.min.js
img01.bt.co.uk/s/assets/300817/js/ |
460 B 654 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-c3690ba362f19cd7b30e93b2322a2215d7988dd2.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/ |
156 KB 47 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr_jquery_cookies.js
img01.bt.co.uk/s/assets/300817/js/ |
107 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbox.js
img01.bt.co.uk/s/assets/300817/js/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dantegh.api-1.1.js
img01.bt.co.uk/s/assets/300817/js/ |
47 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BT_logo.png
img01.bt.co.uk/s/assets/300817/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dantegf.api-1.0.js
img01.bt.co.uk/s/assets/300817/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Base64.min.js
img01.bt.co.uk/s/assets/300817/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha256.js
img01.bt.co.uk/s/assets/300817/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
img01.bt.co.uk/s/assets/300817/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5baccf3664746d56bd0041cc.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/scripts/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 KB 42 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
override.css
assets.bt.com/v1/btcomd/assets/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
51 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajaxapic
home.bt.com/ |
3 KB 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive-footer.css
img01.bt.co.uk/s/assets/220620/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/ |
274 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emailloginv.js
img01.bt.co.uk/s/assets/300817/js/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
94 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-1898be9077ea4d02a9b84d4cc5f422064cbedccb.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/ |
36 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5bfc2c7f64746d516c006b26.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/scripts/ |
121 B 387 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5bfd0df964746d019e00dd1f.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/scripts/ |
232 B 452 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
30 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive-footer.min.js
img01.bt.co.uk/s/assets/220620/js/ |
970 B 863 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-footer2018.svg
img01.bt.co.uk/s/assets/220620/images/logo/ |
1 KB 944 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_graybutton.png
img01.bt.co.uk/s/assets/300817/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logintextboxbg.png
img01.bt.co.uk/s/assets/300817/images/ |
966 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginButtonBg.png
img01.bt.co.uk/s/assets/300817/images/ |
211 B 481 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons-sprite-8bit.png
img01.bt.co.uk/s/assets/300817/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BTFont_Rg.woff
img01.bt.co.uk/s/assets/220620/fonts/bt/ |
58 KB 58 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bttvicons.woff
img01.bt.co.uk/s/assets/220620/fonts/bt/ |
8 KB 8 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
britishtelecom.demdex.net/ Frame D2EF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.bt.com/ |
48 B 504 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=X5eJogAABlnrIi3-
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1022810150/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1022810150/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1022810150/ |
42 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1022810150/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1022810150/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1022810150/ |
42 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 832 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 246 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
413 B 393 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
825711ff9cafd96af736cce6da181fb4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
403 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
423 B 421 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
418 B 392 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s63061706630266
smetrics.bt.com/b/ss/btcom/1/JS-2.17.0-D7QN/ |
43 B 222 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.9.2.custom.min.js
img01.bt.co.uk/s/assets/300817/js/ |
171 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bt.cookies.js
img01.bt.co.uk/s/assets/300817/globalheader/ |
0 259 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 2E49 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 223 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)134 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in object| btCookiesAPI object| Modernizr object| html5 function| yepnope function| $ function| jQuery string| mboxCopyright number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| mboxLoadSCPlugin function| openPopup function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxScPluginFetcher function| getInternetExplorerVersion boolean| jQueryScriptOutputted undefined| searchStatusVal object| DanteGH object| Encoder object| user function| jqdgh string| static_root string| s_pageName object| omni object| funccmd boolean| sportpage object| ads object| googletag string| loginpagetype object| emailConfig string| btapps_logout string| signinSecureHost string| ua boolean| browser object| DanteGF object| FooterEncoder object| portalcookie function| jqdgf object| footerconfig undefined| loadgf string| h object| _exhaust object| ggeac object| google_js_reporting_queue object| Base64 object| CryptoJS string| lvtcookie object| newEmailScript object| bt object| lbi function| downloadJSAtOnload string| s_account string| suiteId string| urlToSend function| decodeURL function| safeUrl string| GoogleAnalyticsObject function| ga number| j function| gtag object| dataLayer string| visitor_browsing_behaviour object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| google_tag_manager string| rebrandLogo string| oldlogo string| newlogo object| btEmailLogin function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| slottag object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| s_i_btcom function| DP_jQuery_1603766691038 object| GoogleGcLKhOms object| google_image_requests6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: dextp Value: 1123-1-1603766690943 |
|
.sanca.fr/ | Name: AMCV_0AA54673527831890A490D45%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18563%7CMCMID%7C75011273544116848471061824665379342712%7CMCAAMLH-1604371490%7C6%7CMCAAMB-1604371490%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1603773890s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18570%7CvVersion%7C4.4.0 |
|
.sanca.fr/ | Name: s_cc Value: true |
|
.demdex.net/ | Name: demdex Value: 72475796485872228820158069316777399797 |
|
.sanca.fr/ | Name: AMCVS_0AA54673527831890A490D45%40AdobeOrg Value: 1 |
|
.www.sanca.fr/ | Name: mbox Value: check#true#1603766751|session#1603766690396-835010#1603768551 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
825711ff9cafd96af736cce6da181fb4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.adobedtm.com
assets.bt.com
britishtelecom.demdex.net
cm.everesttech.net
dpm.demdex.net
googleads.g.doubleclick.net
home.bt.com
img01.bt.co.uk
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
smetrics.bt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanca.fr
15.237.136.106
172.217.21.226
178.79.227.144
213.32.58.189
216.58.208.34
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:819::2004
2a00:1450:4001:821::2002
2a02:26f0:6c00:299::1e80
34.248.49.247
66.117.28.86
68.142.68.29
0252517c90653f6614634fb2d48621d2d89024325085bb2428479598d3437adf
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0734d579b3f2820ba5a0eb1548fd1111a236a5518c39d85b9d0e210ea8840ca5
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
0b0e972443b3407a1067ab2d5c7ccd7f497e57b9dc8fe44f295249e64bd1b942
0bf5c3809b354d5683b9dd9a60be94cc3a6bd83a64655a4a88c4db7aac2bca7a
0ecb3475cf4c9e77ea32ee5b3dc7f82089279f449b15c0a1abf5c5231839d5a7
1377d1117ed253cbd2efb57e5d0567fb4bffdfa48fd258d241670b516e174d00
137f0da5d43b923edd1136cdca5dbe47da604f0165e75a85a37d451417307618
25ee49dde888e63943e86567ba1e980264c43c9d0c1dace192f40e3c70f14b1c
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
2b7d2f9d7a387dbbac27ca9a29ffd0122f558d0c75f02dbd44721ab64f1e86f0
2da7696abfdf3b28530e953a8d1d3b1f48309384094ba862de869fa4bcf3aae7
3a02e3952b63d0981e3020955b24d6182dd15f0ea8d6f07b41279b517a206b90
3ab188d6cbe03d181c10ede40d6292456677fd5fa6be9edd2b2f86649a223732
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
496fddf37be40e82cd1a635641996f17cef3f316c0e883dc7e3498c6cfd7d5fc
54c73d5d65f3c8cb79e7016b07f3c49b02986eb1d6b9798bf85eb160ae787e74
5fec331e4a79b49d22b0c9dc7ea1db7f7b9daac7b405a1465b764d563a24b0c0
60508a28fdcc91e651bcfd814751959b01c593aa0069c4e63c3a653ce3b4d03a
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
64bedd57e310d3b3fe9958f126eb0f9f41dda092421a363b26ea4bb49c648a90
6699e4326deeeae9da76e69255b0a7c6099cf7caab76cadc7b09e0f19c13cf81
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6a3a6e54c38776a066651e1f816154a8ae7fcb6311a1c862bf069b2036d2eb40
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
6f7c82862519e526ebb34df4ef6c15ac6cb55a732f3bc162ddd46ef1a5db3576
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
7716c01c27d879b69a125969043fbdda146ee898fc69abc17ed83bc27c1b1e78
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
acb6a1382ae869072f94fdbe0a4dad1b52f44410bb3e0e1dc8a40cacfc68a85e
af6d3249eaba1f625e5af9de0ff274223e82d58e967bda035518e98164eb06d7
b718a2fddbd618d866710240c50d97999befd26bcca4261fe94bc0aa6e15b394
c417c67e247cfa8674f7e1818818d315072f8a51d97768f19c21f3663bc12892
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
c5f82b0a249afe838c24e127133a8706da913f49cd63a6e58629b7aabda6c3d6
d1a596f14425ca6825185ffefef827af5e7958ef109eeb0bcc66dafbcd19131f
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
df32de5a0f701ff09a08264784fb56022000a81ae73f4944bb7b7c74d4f73fd4
e1ce16091cab7c6fdc596fc5e9b5dd25639c11666ab575ba71948bfa78be182a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
f4157b900b00581b98a0c9a80ace8cd23f5d010e8abf1c56f3f143872f546e4f
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e
fd0d734550d7944775dc7256567ac8b9b7433ea548f99c67bfd9b658c0ee4d09
fdfd68d01a7fd121ed8186178d6b5e271edd1f1470d262ee8b3226f6fa32f1ad