Submitted URL: https://is.gd/kwe3n9u9i
Effective URL: https://wandmidia.com/bell/bell/index.php
Submission: On April 18 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 29 HTTP transactions. The main IP is 162.241.60.229, located in the United States, and belongs to UNIFIEDLAYER-AS-1, US. The main domain is wandmidia.com.
TLS certificate: Issued by R3 on April 13th 2022. Valid for: 3 months.
This is the only time wandmidia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BCE-Bell (Telecommunication)

Domain & IP information

Requests  Redirects  IP Address         AS     Autonomous System
1         1          2606:4700:20:...   13335  (CLOUDFLAR...)
24                   162.241.60.229     46606  (UNIFIEDLA...)
5                    178.79.243.128     22822  (LLNW)
Total: 29 requests, 2 IPs

Requests  Apex Domain / Subdomains                                  Transfer
24        wandmidia.com                                             442 KB
            wandmidia.com
5         llnwd.net                                                 348 KB
            prdbellweb.hs.llnwd.net — Cisco Umbrella Rank: 940762
1         is.gd                                                     477 B
            is.gd — Cisco Umbrella Rank: 55099
Total: 29 requests, 3 domains

Requests  Domain                    Requested by
24        wandmidia.com             wandmidia.com
5         prdbellweb.hs.llnwd.net   wandmidia.com
1         is.gd                     1 redirects
Total: 29 requests, 3 domains

This site contains links to these domains.

Domain
www.bell.ca
support.bell.ca
business.bell.ca
bell.ca
www.bell.net

Subject: www.wandmidia.com
Issuer: R3
Validity: 2022-04-13 - 2022-07-12
Valid: 3 months

Subject: *.hs.llnwd.net
Issuer: Sectigo RSA Organization Validation Secure Server CA
Validity: 2021-04-07 - 2022-05-08
Valid: a year

This page contains 1 frames:

Primary Page: https://wandmidia.com/bell/bell/index.php
Frame ID: 4F11823793D474EC949C3CA6F96276A7
Requests: 29 HTTP requests in this frame

Page Title

Log in to MyBell

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29 Requests
100 % HTTPS
33 % IPv6
3 Domains
3 Subdomains
2 IPs
1 Countries
790 kB Transfer
1681 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/kwe3n9u9i HTTP 301
    https://wandmidia.com/bell/ Page URL
  2. https://wandmidia.com/bell/bell/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://is.gd/kwe3n9u9i HTTP 301
  • https://wandmidia.com/bell/

29 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
/
wandmidia.com/bell/
Redirect Chain
  • https://is.gd/kwe3n9u9i
  • https://wandmidia.com/bell/
126 B
220 B
Document
General
Full URL
https://wandmidia.com/bell/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
988ed47bd2feed583b05222cb8ffb3a5d23a544798daba2ac60226487851bd93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
124
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 19:10:29 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
6fdfb3675eff91e9-FRA
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 19:10:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://wandmidia.com/bell/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6omkA1izLtpBm8%2FJMJQydDjQ6vNS19auk6WYzjtf18rdooxi%2F4BfSjyYZ1cPvvdSctu4zsZvJQvOn1qCjJ1CKozit2oDaXO0C3c51KvuXg8vYNiG%2BZkPdaW73opsOW161%2F8R"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request index.php
wandmidia.com/bell/bell/
74 KB
16 KB
Document
General
Full URL
https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
5da903d2ebd9e44462301dcaed36d2f255fbb59ff8838193feb7a56d8aa1eca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wandmidia.com/bell/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
16178
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 19:10:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jquery-1.10.2.min897e.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/ids/js/
109 KB
44 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/ids/js/jquery-1.10.2.min897e.js?ver=201503250901
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
b3e63c4ec315ed13e0b37dc2f610f5ecbc0bacffd0b087218acc759a8f280c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2015 13:31:40 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
bell63c5.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/
530 KB
116 KB
Stylesheet
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
1cad0c5bb505917be38547574af247d619547d81fe3a3497f8f2837258c2310f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Mar 2020 04:59:58 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
belleddc.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/belleddc.css?v=azGaYwI8SRXgJvS99QbVVUShgJ93xdfucJK3fxCT60E1&ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
885d7ff1a9665e87b7be7322e23f41d27b75263f8b2c68dde45c5ec22aab7480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Mar 2020 04:59:58 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1097
bellf98e.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/
100 KB
44 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/bellf98e.js?v=vkJeTCjQDbK6Tksw9ix_fVgtd31a5rr_n43vwMCQkF01&ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
19f6fb196888d9c007dfd35a30ea9b5e572b11e3311296960c9183383e4a143b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Mar 2020 04:59:58 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
registrationFlow-login8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/page/
26 KB
8 KB
Stylesheet
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/page/registrationFlow-login8880.css?ver=202003090538
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
42f7a1af2bb884eef79470b860d7bff1e117f1e5f33d2fb155e69d5fc66a1938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Sun, 09 Feb 2020 21:51:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7948
registrationFlow-login65d5.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/js/
1002 B
458 B
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/js/registrationFlow-login65d5.js?ver=201602291402
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
3c9ceb0468696f0712257c2609f7bec382a0e2d08b07fa5d21a51e9fe2638870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 29 Feb 2016 20:32:10 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
386
fonts8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/
2 KB
565 B
Stylesheet
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/fonts8880.css?ver=202003090538
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
3c7ca4acae314142bb67354282d6b55332cb79e1c3a27cd5b6d9125f1d69ff60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Sun, 07 Dec 2014 13:51:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
498
bell_custom_deprecatedbrowser_new8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/
1 KB
500 B
Stylesheet
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/bell_custom_deprecatedbrowser_new8880.css?ver=202003090538
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
85a01ecaf6de72e9eec841b78fe6ff100f9f8ebb5babde0f90426dffbc26ab3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2016 18:31:14 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
445
bellea71.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/
368 KB
136 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/bellea71.js?v=UqF2RL8j_U2pdL0ie_4sDQmXXNQbLaDaUg5Lce4DYT81&ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
ffb81b066403ae723f4298630e392faded58b4998335991a0de6274fa75818c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Mar 2020 04:59:58 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
mybell8611.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/
12 KB
4 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell8611.js?v=CaWG4N5Kz4qgQJv4r5ILh0fIMHP63c4W1Cc5GUc8RlU1&ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
d00ef5f5ff992049bb675d419366257eff8560eae05178aa6d047dc9f56bfc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Mar 2020 04:59:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3691
Omniture8384.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/
20 KB
6 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/Omniture8384.js?ver=201604171611
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
e162f1f58dbf406684f9a865dd6b82a00cb6c36fd089d2be6897d6320b96b771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Sun, 17 Apr 2016 20:41:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5730
img_login_MyBell_spring_update5160.jpg
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/images/
2 KB
2 KB
Image
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/images/img_login_MyBell_spring_update5160.jpg?ver=202001301323
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 17:03:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
836
bell-icon-personb20b.png
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/RSX/shop/img/
2 KB
2 KB
Image
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/RSX/shop/img/bell-icon-personb20b.png?ver=201511161503
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 17:03:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
836
mybell-changing-plans-md5160.jpg
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/
2 KB
2 KB
Image
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/mybell-changing-plans-md5160.jpg?ver=202001301323
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 17:03:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
836
entrust_seal4ad2.png
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/pfr/img/
8 KB
9 KB
Image
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/pfr/img/entrust_seal4ad2.png?ver=201406220823
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
4dc13e50e249b3654a85738c945beee2e7160b2210e31df9f5f26b2c089837c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
last-modified
Sun, 22 Jun 2014 14:53:08 GMT
server
Apache
accept-ranges
bytes
content-length
8609
content-type
image/png
s_code_bell14b6.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/
0
0
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell14b6.js?v=23042015EH01&ver=201607271402
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 17:03:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
836
ieDeprecatedBrowserJS754c.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/MYB/web/DCX/js/
7 KB
2 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/MYB/web/DCX/js/ieDeprecatedBrowserJS754c.js?ver=201707211503
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
cef697a926119ed2e9328e84e88e3a42b1987a64256c55066b37dc3f36883515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Fri, 21 Jul 2017 19:33:22 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1991
oo_engine.min36c0.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/
37 KB
15 KB
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/oo_engine.min36c0.js?ver=201604271428
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
e46a15ab15e3f7ef51a26465665b5123eddfb398dfeb0d208e77ce2280261c65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2016 18:58:10 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
15574
oo_conf_inlinead7b.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/
1 KB
853 B
Script
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/oo_conf_inlinead7b.js?ver=201610031730
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
af03614d99771e0f3786fda656e7020a7bb83ea098f7a29f78f8f3f0b10bd049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2016 22:00:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
798
inqChatLaunch10004127.js
wandmidia.com/bell/bell.inq.com/chatskins/launch/
0
0
Script
General
Full URL
https://wandmidia.com/bell/bell.inq.com/chatskins/launch/inqChatLaunch10004127.js
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 17:03:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
836
bell-icon.woff
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
23 KB
24 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bell-icon.woff?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
407302e428fbdad65c7b34999f9b51aa918afb561950ff2b0ba5463ab60e5adc
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://wandmidia.com/
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:10:33 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
67527
Connection
keep-alive
Content-Length
23228
X-XSS-Protection
1
Last-Modified
Wed, 23 Feb 2022 05:02:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
f45bfb660585d8af26449f4e209ab88b
Expires
Tue, 19 Apr 2022 00:25:06 GMT
bellslim_semibold-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_semibold-webfont.woff2?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
41407c31a0d44bb952744a390decccd0a4ba5918e4ff89c860f2495d5ee7a7fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://wandmidia.com/
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:10:33 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
14189
Connection
keep-alive
Content-Length
19348
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 22:20:51 GMT
X-Generated-By
Q-C3-T01
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
ff9ddf8a53ed9d6f84b2a411ccc478e5
Expires
Tue, 19 Apr 2022 15:14:04 GMT
bellslim_medium-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_medium-webfont.woff2?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
e36f3860d6fe12df58872c55cf1fb78b7a3fe86d9a27591bfda5d8ceb34a31f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://wandmidia.com/
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:10:33 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
15166
Connection
keep-alive
Content-Length
19880
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 22:20:51 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Accept-Ranges
bytes
X-LLID
8f0748f7ab16567d5e084e6a2a83bb37
Expires
Tue, 19 Apr 2022 14:57:47 GMT

img_login_MyBell_spring_update.jpg
wandmidia.com/bell/bell/Styles/images/
12 KB
12 KB
Image
General
Full URL
https://wandmidia.com/bell/bell/Styles/images/img_login_MyBell_spring_update.jpg
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/bell/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
990b97cae1816d8493aa0eac62bbd35b6aee07565fc98cb5a0df8bcc36258525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wandmidia.com/bell/bell/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 12:10:22 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
12057
x-xss-protection
1; mode=block

bellslim_regular-webfont5e66.woff2
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
19 KB
Font
General
Full URL
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_regular-webfont5e66.woff2?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-60-229.unifiedlayer.com
Software
Apache /
Resource Hash
3e4d8f00673f6a80b26a8565f9931374e1e9171553b078261a67772af7511629

Request headers

Referer
https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:10:33 GMT
last-modified
Mon, 20 Jan 2020 04:50:50 GMT
server
Apache
accept-ranges
bytes
content-length
19412
content-type
font/woff2

bell-icon-outline.woff
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
270 KB
272 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bell-icon-outline.woff?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
9b99b747bb3a0b0d62ee203263fbffee81a7524169a927c10b0318d511563559
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://wandmidia.com/
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:10:33 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
84588
Connection
keep-alive
Content-Length
276560
X-XSS-Protection
1
Last-Modified
Thu, 07 Apr 2022 19:01:23 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
46864d55813cfb79a64a437d0c61ffd7
Expires
Mon, 18 Apr 2022 19:40:45 GMT

bellslim_black-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
11 KB
12 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_black-webfont.woff2?ver=00000000
Requested by
Host: wandmidia.com
URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell63c5.css?v=KWMHfim-FXrLpHIlJJtuYGqgV5uyFr_1Oy-knvCw0ss1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
fe9e041b5ae5802ca35044060f054fe65ff2371f02ffaf1d897ec59152f7c2b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://wandmidia.com/
Origin
https://wandmidia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:10:33 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
14189
Connection
keep-alive
Content-Length
11668
X-XSS-Protection
1
Last-Modified
Sun, 24 Feb 2019 17:02:07 GMT
X-Generated-By
Q-C3-T06
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
07a3878a4e310957084de80142697694
Expires
Tue, 19 Apr 2022 15:14:04 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BCE-Bell (Telecommunication)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| jQRSX object| html5 object| Modernizr function| yepnope function| maskUnmaskPws object| DeviceAtlas object| BELL function| Waypoint function| Hammer object| Placeholders function| PassValuesToOmnitureVariables function| TrackVariables function| SendJSVariablesToOmniture function| PassValuesToOmnitureVariablesNew function| TrackVariablesNew function| SendJSVariablesToOmnitureNew function| SetUsagePageNames function| RemoveHtmlTags function| RemoveSepecialCharacters function| SetePostMobilityUsagePageNames function| getErrorVariablesFromJsonErrors function| getMessagesVariablesFromJson function| ParseErrorsJsonFromResponse function| ParseMessagesJsonFromResponse function| getAPTValue function| getClientDate function| getClientTime function| formatMsg function| formatMsgFirst100 function| queryJson function| queryJsonErrors function| FormatLightBoxContent function| Formatted_Omniture_LBContent function| Omniture_LBContent function| Omniture_LBTitleAndContent function| Omniture_LBContent_ErrorTracking function| PassAjaxErrorsToOmniture function| addOmnitureValidationError object| MessageCatgEnumJS function| IsBrowserMessageClosedByUser function| IsNonIEBrowserMessageClosedByUser function| IsBrowserUpgradedByUser function| IsLearnMoreClickedByUser function| IsCompatibilityBrowserMessageClosedByUser function| setCookie function| getCookieValue function| addListener function| handleOldBrowserDetection number| safeInqReinitchatCount function| safeInqReinitchat function| success

2 Cookies

Domain/Path Name / Value
wandmidia.com/ Name: PHPSESSID
Value: 1def802640875a46416969be43f84af0
wandmidia.com/ Name: DAPROPS
Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdeviceAspectRatio:1600/1200|sscreenWidthHeight:1600/1200|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0|srendererRef:01859640861|bE:0"

5 Console Messages

Source Level URL
Text
network error URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell14b6.js?v=23042015EH01&ver=201607271402
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wandmidia.com/bell/bell.inq.com/chatskins/launch/inqChatLaunch10004127.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/mybell-changing-plans-md5160.jpg?ver=202001301323
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/RSX/shop/img/bell-icon-personb20b.png?ver=201511161503
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/images/img_login_MyBell_spring_update5160.jpg?ver=202001301323
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

is.gd
prdbellweb.hs.llnwd.net
wandmidia.com
162.241.60.229
178.79.243.128
2606:4700:20::ac43:5384