URL: https://www.ordertelus.ca/
Submission: On July 11 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main IP is 76.76.21.21 (a Vercel edge address announced by AMAZON-02, AS16509), geolocated to Walnut, United States. The main domain is www.ordertelus.ca.
TLS certificate: Issued by R11 (a Let's Encrypt intermediate) on July 11th 2024. Valid for: 3 months.
This is the only time www.ordertelus.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

IP addresses (requests per IP):

Requests  IP Address         AS
4         76.76.21.21        16509 (AMAZON-02)
4         2600:9000:24f...   16509 (AMAZON-02)
1         172.66.0.98        13335 (CLOUDFLAR...)
Total: 9 requests, 3 IPs

Apex domains (requests per apex):

Requests  Apex Domain     Subdomains                                          Transfer
4         ctfassets.net   images.ctfassets.net (Cisco Umbrella Rank: 4936)    13 KB
4         ordertelus.ca   www.ordertelus.ca                                   70 KB
1         telus.com       www.telus.com (Cisco Umbrella Rank: 348718)         49 KB
Total: 9 requests, 3 apex domains

Domains and the origin that requested them (per the Referer headers in the transaction list below):

Requests  Domain                 Requested by
4         images.ctfassets.net   www.ordertelus.ca
4         www.ordertelus.ca      www.ordertelus.ca
1         www.telus.com          www.ordertelus.ca
Total: 9 requests, 3 domains

This site contains no links.

TLS certificates

Subject                Issuer                                       Validity                  Valid for
www.ordertelus.ca      R11                                          2024-07-11 - 2024-10-09   3 months
images.ctfassets.net   Amazon RSA 2048 M02                          2023-12-19 - 2025-01-16   a year
www.telus.com          DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-11-13 - 2024-11-12   a year

The certificate for www.ordertelus.ca was issued on the day of the scan (2024-07-11), which fits the submission source certstream-suspicious: urlscan.io picked the hostname up from Certificate Transparency logs as the Let's Encrypt certificate was logged.

This page contains 1 frame:

Primary Page: https://www.ordertelus.ca/
Frame ID: B810957C233761C8C09DCEEA02422E83
Requests: 9 HTTP requests in this frame

Page Title

Telus

Detected technologies

Contentful (asset delivery), overall confidence: 100%
Detected pattern:
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

The match comes from the Telus-branded images hot-linked from images.ctfassets.net, not from software running on www.ordertelus.ca itself, which is served by Vercel.

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 132 kB
Size: 289 kB
Cookies: 2

Redirected requests

No HTTP redirect chains were recorded for this scan; all 9 transactions below were answered directly.

9 HTTP transactions

Each entry gives the resource, its path, the decoded size, the transfer size (x-fer) and the resource type, followed by the request and response details. The primary document is only 458 bytes: the page is a client-side application whose content is rendered by the 191 KB script bundle.

Primary Request: /
Path: www.ordertelus.ca/
Size: 458 B, x-fer: 690 B
Type: Document
General
  Full URL: https://www.ordertelus.ca/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
  Software: Vercel
  Resource Hash: 2742ba4e3cf4d66d852f152b9bb7d1a117c4961614747012d2a603ba84804a0e
Security Headers
  Strict-Transport-Security: max-age=63072000
Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  accept-ranges: bytes
  access-control-allow-origin: *
  age: 655
  cache-control: public, max-age=0, must-revalidate
  content-disposition: inline
  content-length: 458
  content-type: text/html; charset=utf-8
  date: Thu, 11 Jul 2024 13:04:08 GMT
  etag: "0dc2b1c6fd56c50078b76095dbf87604"
  server: Vercel
  strict-transport-security: max-age=63072000
  x-vercel-cache: HIT
  x-vercel-id: cle1::4kmxp-1720703048405-c0935b85af39
index-BNwRKWxc.js
Path: www.ordertelus.ca/assets/
Size: 191 KB, x-fer: 64 KB
Type: Script
General
  Full URL: https://www.ordertelus.ca/assets/index-BNwRKWxc.js
  Requested by: Host www.ordertelus.ca, URL https://www.ordertelus.ca/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
  Software: Vercel
  Resource Hash: 75d7659648ad18659575b671754ea2d61bbd58475d96609990a08055815c1819
Security Headers
  Strict-Transport-Security: max-age=63072000
Request headers
  Referer: https://www.ordertelus.ca/
  Origin: https://www.ordertelus.ca
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 13:04:08 GMT
  content-encoding: br
  strict-transport-security: max-age=63072000
  server: Vercel
  x-vercel-id: cle1::djxnw-1720703048556-ba12637fe3b8
  age: 650
  etag: W/"d9ba6dcbd33e9b14d2c09017b801f06d"
  x-vercel-cache: HIT
  content-type: application/javascript; charset=utf-8
  access-control-allow-origin: *
  cache-control: public, max-age=0, must-revalidate
  content-disposition: inline; filename="index-BNwRKWxc.js"
index-B6fvq8oH.css
Path: www.ordertelus.ca/assets/
Size: 15 KB, x-fer: 4 KB
Type: Stylesheet
General
  Full URL: https://www.ordertelus.ca/assets/index-B6fvq8oH.css
  Requested by: Host www.ordertelus.ca, URL https://www.ordertelus.ca/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
  Software: Vercel
  Resource Hash: ee0b576f4154e22d39230c18c74cc24a58d169f00e2b3144280d3fa756676c8d
Security Headers
  Strict-Transport-Security: max-age=63072000
Request headers
  Referer: https://www.ordertelus.ca/
  Origin: https://www.ordertelus.ca
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 13:04:08 GMT
  content-encoding: br
  strict-transport-security: max-age=63072000
  server: Vercel
  x-vercel-id: cle1::bz9jh-1720703048555-e4553d497cd2
  age: 650
  etag: W/"8335f74263a929acf034748f3c5ee715"
  x-vercel-cache: HIT
  content-type: text/css; charset=utf-8
  access-control-allow-origin: *
  cache-control: public, max-age=0, must-revalidate
  content-disposition: inline; filename="index-B6fvq8oH.css"
Logo_TELUS.svg
Path: images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/
Size: 2 KB, x-fer: 1 KB
Type: Image
General
  Full URL: https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2600:9000:24f4:9000:12:94b3:c380:93a1, United States, ASN16509 (AMAZON-02, US)
  Software: Contentful Images API
  Resource Hash: cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 06:14:24 GMT
  content-encoding: gzip
  via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
  last-modified: Fri, 29 Jun 2018 18:30:42 GMT
  server: Contentful Images API
  x-amz-cf-pop: IAD55-P3
  age: 24594
  etag: W/"e9c94438527401f924b1e32cbd9fdea9"
  vary: Accept-Encoding
  x-cache: Hit from cloudfront
  content-type: image/svg+xml
  access-control-allow-origin: *
  cache-control: max-age=31536000
  x-amz-cf-id: irEOdLbGJTfJGsOIWdP_zfMocXH3iAnO1IJuh870Ob-ikoq4ah19vQ==
phone_grey_en.png
Path: www.telus.com/telus-login/static/
Size: 48 KB, x-fer: 49 KB
Type: Image
General
  Full URL: https://www.telus.com/telus-login/static/phone_grey_en.png
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 172.66.0.98, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: c4b298feb813d207c6b9eaa95813d242be0dcd69dd93f3d012ffe2e7fbd6519e
Security Headers
  Strict-Transport-Security: max-age=15552000
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 13:04:09 GMT
  strict-transport-security: max-age=15552000
  x-content-type-options: nosniff
  cf-cache-status: HIT
  via: 1.1 google, 1.1 google
  age: 6234169
  traceresponse: 00-3f17e193183d78d425025455b4759062-1472b151dd349728-01
  x-dns-prefetch-control: off
  server-timing: dtSInfo;desc="0", dtRpid;desc="-227014312"
  content-length: 49476
  x-xss-protection: 1; mode=block
  last-modified: Wed, 13 Mar 2024 23:26:58 GMT
  x-dt-tracestate: e55dff21-838840e3@dt
  server: cloudflare
  etag: W/"c144-18e3a23f1d0"
  x-download-options: noopen
  x-frame-options: SAMEORIGIN
  vary: Accept-Encoding
  content-type: image/png
  cache-control: public, max-age=31536000
  accept-ranges: bytes
  cf-ray: 8a18ff685817ac1b-YYZ
  expires: Fri, 11 Jul 2025 13:04:09 GMT

This is an image from the genuine Telus login page (/telus-login/), fetched straight from www.telus.com with Referer https://www.ordertelus.ca/. Every victim's browser makes the same request, so the lookalike hostname appears in Telus's own edge logs.
Download_on_the_App_Store_Badge-2.svg
Path: images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/
Size: 12 KB, x-fer: 5 KB
Type: Image
General
  Full URL: https://images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/Download_on_the_App_Store_Badge-2.svg
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2600:9000:24f4:9000:12:94b3:c380:93a1, United States, ASN16509 (AMAZON-02, US)
  Software: Contentful Images API
  Resource Hash: 5bb3ee539bf3f0c7583a4228ab4594dc2f7cb3ba57baa83082a6ac82b2e70f7b
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 08:15:19 GMT
  content-encoding: gzip
  via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
  last-modified: Wed, 08 Dec 2021 15:57:40 GMT
  server: Contentful Images API
  x-amz-cf-pop: IAD55-P3
  age: 17330
  etag: W/"3ce2bff094273a977907d5a9df0ed4b2"
  vary: Accept-Encoding
  x-cache: Hit from cloudfront
  content-type: image/svg+xml
  access-control-allow-origin: *
  cache-control: max-age=31536000
  x-amz-cf-id: ZlB9zBxZhvkqPrY-nAVcmw37W3HAmXLNAPGylAtpFKQWB3zytQqATQ==
google-play-badge.svg
Path: images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/
Size: 7 KB, x-fer: 3 KB
Type: Image
General
  Full URL: https://images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/google-play-badge.svg
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2600:9000:24f4:9000:12:94b3:c380:93a1, United States, ASN16509 (AMAZON-02, US)
  Software: Contentful Images API
  Resource Hash: 089357ed2af64609f30dfdeaf6ad88944a3f1e9e80b25f29935e7c4c209e8596
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 06:58:23 GMT
  content-encoding: gzip
  via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
  last-modified: Wed, 08 Dec 2021 15:58:27 GMT
  server: Contentful Images API
  x-amz-cf-pop: IAD55-P3
  age: 21946
  etag: W/"bc52f260f66d68036155b48cf4c8993e"
  vary: Accept-Encoding
  x-cache: Hit from cloudfront
  content-type: image/svg+xml
  access-control-allow-origin: *
  cache-control: max-age=31536000
  x-amz-cf-id: NVovBLa_4LL-vVRunxIfy2dSEbDhO1SJZ8WFY3PQsvGeRgDwc7cIGA==
TELUS_LMTFF_EN_Hor_2021_Digital_RGB__2_.svg
Path: images.ctfassets.net/fikanzmkdlqn/3loH0T0nylM0oqQ5CCbfWa/5c6adb84324374887c8ee92c81f0604a/
Size: 10 KB, x-fer: 4 KB
Type: Image
General
  Full URL: https://images.ctfassets.net/fikanzmkdlqn/3loH0T0nylM0oqQ5CCbfWa/5c6adb84324374887c8ee92c81f0604a/TELUS_LMTFF_EN_Hor_2021_Digital_RGB__2_.svg
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2600:9000:24f4:9000:12:94b3:c380:93a1, United States, ASN16509 (AMAZON-02, US)
  Software: Contentful Images API
  Resource Hash: 5b3194a6213f6e735c512acb4affa0045860aa6d4c1d973c75231c41c3e4e54e
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 09:37:19 GMT
  content-encoding: gzip
  via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
  last-modified: Wed, 11 Oct 2023 15:29:39 GMT
  server: Contentful Images API
  x-amz-cf-pop: IAD55-P3
  age: 12410
  etag: W/"f30299ad4596a5b6d20bc7a5ed184794"
  vary: Accept-Encoding
  x-cache: Hit from cloudfront
  content-type: image/svg+xml
  access-control-allow-origin: *
  cache-control: max-age=31536000
  x-amz-cf-id: w0GCnEhbGc7o1nqnjgRn5jzg-p9E3UebPtTPSwGz1rb0QRP3ONohSQ==
Logo_TELUS.svg
Path: www.ordertelus.ca/
Size: 2 KB, x-fer: 1 KB
Type: Other
General
  Full URL: https://www.ordertelus.ca/Logo_TELUS.svg
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
  Software: Vercel
  Resource Hash: cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4
Security Headers
  Strict-Transport-Security: max-age=63072000
Request headers
  Referer: https://www.ordertelus.ca/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Thu, 11 Jul 2024 13:04:08 GMT
  content-encoding: br
  strict-transport-security: max-age=63072000
  server: Vercel
  x-vercel-id: cle1::5l94z-1720703048762-d0ef003a7072
  age: 574
  etag: W/"e9c94438527401f924b1e32cbd9fdea9"
  x-vercel-cache: HIT
  content-type: image/svg+xml
  access-control-allow-origin: *
  cache-control: public, max-age=0, must-revalidate
  content-disposition: inline; filename="Logo_TELUS.svg"

The resource hash (cbe1b0f1...) and the ETag of this file are identical to those of the Logo_TELUS.svg served from images.ctfassets.net above: the kit carries a byte-for-byte copy of the brand logo in its own Vercel deployment as well as hot-linking the original.
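The www.telus.com request above is the brand-side detection opportunity: the genuine login-page image was fetched with Referer https://www.ordertelus.ca/, so the lookalike hostname is recorded in Telus's own edge logs. The following is an added example, not Telus or Cloudflare code. It parses access-log lines in the Apache/NCSA combined format (an assumed layout; edge providers export similar fields) and flags login static assets served to a Referer the brand does not own. The log lines are constructed for the example and modelled on that request; the watched path prefix and brand apex list are assumptions.

```python
"""Brand-side detection of lookalike sites hot-linking login-page assets.

Added example, not Telus or Cloudflare code. Parses combined-format access
lines (assumed layout) and flags fetches of login static assets whose Referer
is an origin the brand does not own. SAMPLE_LOG is constructed.
"""
import re
from urllib.parse import urlsplit

COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumptions for the example: paths worth watching and the brand-owned apexes.
WATCHED_PREFIXES = ("/telus-login/static/",)
BRAND_APEXES = {"telus.com"}


def referer_host(referer):
    """Hostname from a Referer value, or None when it is absent ('-' or empty)."""
    if referer in ("", "-"):
        return None
    return urlsplit(referer).hostname


def brand_owned(host):
    return any(host == a or host.endswith("." + a) for a in BRAND_APEXES)


def detect(lines):
    """Return one dict per hit: a watched asset served to a foreign Referer."""
    hits = []
    for line in lines:
        m = COMBINED_RE.match(line)
        if not m:
            continue                       # malformed line: skip, never crash the pipeline
        path = m["path"].split("?", 1)[0]  # ignore cache-busting query strings
        if not path.startswith(WATCHED_PREFIXES):
            continue
        host = referer_host(m["referer"])
        if host is None:                   # direct fetch, or a referrer policy stripped it
            continue
        if not brand_owned(host):
            hits.append({"referer_host": host, "path": path, "client": m["ip"],
                         "ts": m["ts"], "status": m["status"]})
    return hits


def summarize(hits):
    """Distinct client IPs per foreign Referer host: a rough victim count per lookalike."""
    clients = {}
    for h in hits:
        clients.setdefault(h["referer_host"], set()).add(h["client"])
    return {host: len(ips) for host, ips in clients.items()}


UA = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) "
      "Chrome/126.0.0.0 Safari/537.36")

# Constructed log lines (RFC 5737 client addresses). The first mirrors the scan's fetch;
# the others cover a legitimate Referer, a missing Referer, a query string and an
# unwatched path, plus one malformed line.
SAMPLE_LOG = [
    f'203.0.113.10 - - [11/Jul/2024:13:04:09 +0000] "GET /telus-login/static/phone_grey_en.png HTTP/2.0" 200 49476 "https://www.ordertelus.ca/" "{UA}"',
    f'198.51.100.7 - - [11/Jul/2024:13:05:41 +0000] "GET /telus-login/static/phone_grey_en.png HTTP/2.0" 200 49476 "https://www.telus.com/telus-login/" "{UA}"',
    f'198.51.100.8 - - [11/Jul/2024:13:06:02 +0000] "GET /telus-login/static/phone_grey_en.png HTTP/2.0" 200 49476 "-" "{UA}"',
    f'203.0.113.11 - - [11/Jul/2024:13:07:15 +0000] "GET /telus-login/static/phone_grey_en.png?v=2 HTTP/2.0" 200 49476 "https://www.ordertelus.ca/login" "{UA}"',
    f'203.0.113.12 - - [11/Jul/2024:13:08:00 +0000] "GET /about/ HTTP/2.0" 200 1234 "https://www.ordertelus.ca/" "{UA}"',
    "not a log line",
]

if __name__ == "__main__":
    hits = detect(SAMPLE_LOG)
    for h in hits:
        print(h["ts"], h["client"], h["path"], "<-", h["referer_host"])
    print(summarize(hits))
```

On the constructed lines only the two fetches with an ordertelus.ca Referer are reported, giving one lookalike host with two distinct clients. Requests without a Referer are deliberately ignored: a strict referrer policy or a privacy extension strips it, so absence is not evidence. The real gain is speed: this signal exists from the first victim's page load, before any phishing e-mail is reported.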

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

Verdict source: urlscan
Phishing against: Telus (Telecommunication)
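What the report above adds up to, written as explicit triage checks. This is an added example, not urlscan.io's verdict engine or any Telus tooling: the Scan structure, its field names and the BRAND profile are assumptions made for the example, and SAMPLE is constructed from the values in this report (lookalike registrable domain, same-day Let's Encrypt certificate, brand assets fetched from www.telus.com with the suspect page as Referer, the password-field console hint, no prior scans).

```python
"""Heuristic triage of a urlscan.io-style result for brand-impersonation phishing.

Added example, not urlscan.io code: it turns the indicators an analyst reads off
the report above into explicit checks. Scan is a constructed, simplified subset
of the report; its field names and the BRAND profile are assumptions.
"""
from dataclasses import dataclass, field
from datetime import date
from urllib.parse import urlsplit

# Constructed brand profile. Only telus.com is known from the report to be
# brand-owned; a real profile would list every apex the brand controls.
BRAND = {"name": "Telus", "keyword": "telus", "apex_domains": {"telus.com"}}


@dataclass
class Scan:
    page_url: str
    scan_date: date
    cert_not_before: date
    cert_issuer: str
    requests: list = field(default_factory=list)          # (resource_url, referer)
    console_messages: list = field(default_factory=list)
    prior_scans: int = 0


def host_of(url):
    return urlsplit(url).hostname or ""


def registrable(host):
    # Simplification: last two labels. Real tooling should use the Public
    # Suffix List (co.uk, com.au and similar break this shortcut).
    return ".".join(host.split(".")[-2:])


def under_apex(host, apexes):
    return any(host == a or host.endswith("." + a) for a in apexes)


def triage(scan, brand, fresh_days=7):
    """Return [(indicator, evidence), ...] for one scan against one brand profile."""
    findings = []
    primary = host_of(scan.page_url)
    reg = registrable(primary)
    brand_owned = under_apex(primary, brand["apex_domains"])

    # Brand keyword inside a registrable domain the brand does not own.
    if not brand_owned and brand["keyword"] in reg:
        findings.append(("lookalike_domain",
                         f"{reg} contains '{brand['keyword']}' but is not a {brand['name']} domain"))
    # Certificate minted just before the scan; CT-driven submissions see this often.
    age = (scan.scan_date - scan.cert_not_before).days
    if 0 <= age <= fresh_days:
        findings.append(("fresh_certificate",
                         f"certificate issued {age} day(s) before the scan by {scan.cert_issuer}"))
    # Brand-owned hosts fetched with the suspect page as Referer.
    hotlinked = sorted({host_of(u) for u, ref in scan.requests
                        if under_apex(host_of(u), brand["apex_domains"])
                        and host_of(ref) == primary})
    if hotlinked and not brand_owned:
        findings.append(("brand_assets_hotlinked",
                         f"{primary} loads resources directly from {', '.join(hotlinked)}"))
    # Chrome's "current-password" autocomplete hint only fires for a password input.
    if any("current-password" in m for m in scan.console_messages):
        findings.append(("password_input", "page renders a password field"))
    if scan.prior_scans == 0:
        findings.append(("first_seen", "no earlier scan of this hostname"))
    return findings


def verdict(findings):
    kinds = {k for k, _ in findings}
    strong = {"lookalike_domain", "brand_assets_hotlinked", "password_input"}
    if strong <= kinds:
        return "likely phishing"
    return "suspicious" if kinds & strong else "no brand indicators"


# Constructed from the values in the report above.
SAMPLE = Scan(
    page_url="https://www.ordertelus.ca/",
    scan_date=date(2024, 7, 11),
    cert_not_before=date(2024, 7, 11),
    cert_issuer="R11 (Let's Encrypt)",
    requests=[
        ("https://www.ordertelus.ca/assets/index-BNwRKWxc.js", "https://www.ordertelus.ca/"),
        ("https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/"
         "5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg", "https://www.ordertelus.ca/"),
        ("https://www.telus.com/telus-login/static/phone_grey_en.png", "https://www.ordertelus.ca/"),
    ],
    console_messages=['[DOM] Input elements should have autocomplete attributes '
                      '(suggested: "current-password")'],
)

if __name__ == "__main__":
    for kind, evidence in triage(SAMPLE, BRAND):
        print(f"{kind:24} {evidence}")
    print("verdict:", verdict(triage(SAMPLE, BRAND)))
```

On SAMPLE all five indicators fire and the verdict is "likely phishing"; running the same checks against www.telus.com itself yields nothing, because both the keyword check and the hot-link check exclude brand-owned hosts. The registrable-domain shortcut is the weak point of this sketch: swap in a Public Suffix List lookup before relying on it for country-code second-level domains.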

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks and code in use.

string | __reactRouterVersion

__reactRouterVersion is set by React Router, so the 191 KB /assets/index-BNwRKWxc.js bundle is a React single-page application; the hashed /assets/index-<hash>.js and .css file names are typical of a Vite build. The whole phishing page, including its form, lives in that bundle rather than in the 458-byte HTML document.

2 Cookies

Domain: .telus.com  Path: /  Name: __cf_bm
Value: 0.8e9LShPwCXXE4YHvqANrQT9tFhpWm.8P_nACPqhqk-1720703049-1.0.1.1-I.gJx_7BvFtdRvdUdvQ95p72GsJRQpbEpJCZjBADbqwSLf9eKONOGmjbAr9SVcMuEdBtQNFqUvQBwrhIsXPA6RnwOjoRIyvR0pXoucjBgPo
Domain: .telus.com  Path: /  Name: _cfuvid
Value: Pc_wJjUH_MXHihTMtcXymzv.lnFup1Cbp3A4IW7Nr_c-1720703049037-0.0.1.1-604800000

Both are Cloudflare bot-management cookies set by www.telus.com when the hot-linked phone_grey_en.png was fetched; they say nothing about the phishing host, which set no cookies of its own.

1 Console Messages

Source: recommendation   Level: verbose   URL: https://www.ordertelus.ca/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Chrome logs this recommendation for a password-type input that lacks an autocomplete attribute, so the rendered page contains a password field, which is consistent with the phishing verdict: the page titled "Telus" is a login form.

Security Headers

This section lists the security headers set by the main page (https://www.ordertelus.ca/).

Header                      Value
Strict-Transport-Security   max-age=63072000

Only HSTS is present, and Vercel adds that header by default; the phishing page sets no Content-Security-Policy, X-Frame-Options or X-Content-Type-Options of its own. Compare the hot-linked www.telus.com asset above, which arrives with HSTS, X-Content-Type-Options, X-Frame-Options and X-XSS-Protection.