mobility-alert-telus.site
162.241.15.213
Malicious Activity!
Public Scan
Submission: On October 31 via manual from CA
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2019. Valid for: a year.
This is the only time mobility-alert-telus.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telus (Telecommunication)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 162.241.15.213 | 46606 (UNIFIEDLAYER-AS-1 - Unified Layer) |
| 20 | 206.235.251.51 | 852 (ASN852 - TELUS Communications Inc.) |
| 1 | 18.195.42.228 | 16509 (AMAZON-02 - Amazon.com) |
| 4 | 2406:da00:ff00::3210:c12b | 14618 (AMAZON-AES - Amazon.com) |
| 28 | 5 | |

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-15-213.unifiedlayer.com
mobility-alert-telus.site

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
static.telus.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 20 | telusquebec.com | www.telusquebec.com | 212 KB |
| 4 | telus.com | static.telus.com | 214 KB |
| 1 | ensighten.com | nexus.ensighten.com | 593 B |
| 1 | mobility-alert-telus.site | mobility-alert-telus.site | 4 KB |
| 28 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 20 | www.telusquebec.com | mobility-alert-telus.site, www.telusquebec.com |
| 4 | static.telus.com | www.telusquebec.com |
| 1 | nexus.ensighten.com | www.telusquebec.com |
| 1 | mobility-alert-telus.site | |
| 28 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.telusquebec.com |
www.telus.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| mobility-alert-telus.site | Sectigo RSA Domain Validation Secure Server CA | 2019-10-31 - 2020-10-31 | a year |
| telusquebec.com | DigiCert SHA2 Secure Server CA | 2019-05-02 - 2020-05-02 | a year |
| nexus.ensighten.com | DigiCert SHA2 Secure Server CA | 2019-10-03 - 2020-10-02 | a year |
| static.telus.com | DigiCert Global CA G2 | 2019-04-02 - 2020-04-25 | a year |
This page contains 1 frames:
Primary Page:
https://mobility-alert-telus.site/tel/index.php
Frame ID: 5C0BDD2A2213985D1A3A966A0D393FAE
Requests: 28 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Backbone.js (JavaScript Frameworks)
Detected patterns
- script /backbone.*\.js/i
Ensighten (Tag Managers)
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Select2 (JavaScript Libraries)
Detected patterns
- script /select2(?:\.min|\.full)?\.js/i
Underscore.js (JavaScript Libraries)
Detected patterns
- script /underscore.*\.js(?:\?ver=([\d.]+))?/i
- script /backbone.*\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /select2(?:\.min|\.full)?\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title:
Title: Forgot?
Title: Register
Title: Terms of service
Title: Privacy
Title: Terms & Conditions
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | index.php (Primary Request) | mobility-alert-telus.site/tel/ | 18 KB | 4 KB | Document | text/html |
| GET | H/1.1 | global.min.css | www.telusquebec.com/media/clue/css/ | 175 KB | 31 KB | Stylesheet | text/css |
| GET | H/1.1 | framework.css | www.telusquebec.com/media/clue/css/ | 65 KB | 11 KB | Stylesheet | text/css |
| GET | H/1.1 | shared-registration.css | www.telusquebec.com/media/clue/css/ | 24 KB | 5 KB | Stylesheet | text/css |
| GET | H/1.1 | espace-client.min.css | www.telusquebec.com/media/clue/css/ | 155 KB | 28 KB | Stylesheet | text/css |
| GET | H/1.1 | global.min-nosurvey.js | www.telusquebec.com/media/clue/js/ | 112 KB | 39 KB | Script | application/javascript |
| GET | H/1.1 | Bootstrap.js | www.telusquebec.com/media/clue/js/libs/ | 68 KB | 21 KB | Script | application/javascript |
| GET | H/1.1 | espace-client.js | www.telusquebec.com/media/clue/js/espaceclient/ | 15 KB | 4 KB | Script | application/javascript |
| GET | H/1.1 | underscore.js | www.telusquebec.com/media/clue/js/libs/ | 44 KB | 13 KB | Script | application/javascript |
| GET | H/1.1 | init-js-config.js | www.telusquebec.com/media/clue/js/libs/ | 4 KB | 2 KB | Script | application/javascript |
| GET | H/1.1 | watch-has-changed.js | www.telusquebec.com/media/clue/js/libs/ | 2 KB | 996 B | Script | application/javascript |
| GET | H/1.1 | form2js.js | www.telusquebec.com/media/clue/js/libs/ | 10 KB | 4 KB | Script | application/javascript |
| GET | H/1.1 | js2form.js | www.telusquebec.com/media/clue/js/libs/ | 8 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | backbonejs-event.js | www.telusquebec.com/media/clue/js/libs/ | 6 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | select2.js | www.telusquebec.com/media/clue/js/libs/ | 139 KB | 30 KB | Script | application/javascript |
| GET | H/1.1 | bootstrap-switch.js | www.telusquebec.com/media/clue/js/libs/ | 15 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | jquery.confirm.js | www.telusquebec.com/media/clue/js/libs/ | 5 KB | 2 KB | Script | application/javascript |
| GET | H/1.1 | validation.js | www.telusquebec.com/media/clue/js/ | 13 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | language-management.js | www.telusquebec.com/media/clue/js/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H/1.1 | TELUS-logo-en.svg | www.telusquebec.com/media/images/header/ | 4 KB | 4 KB | Image | image/svg+xml |
| GET | H/1.1 | TELUS-logo-white.svg | www.telusquebec.com/media/images/header/ | 4 KB | 4 KB | Image | image/svg+xml |
| GET | | 530dee22-e3c1-4e9f-bf62-c31d510d9656.woff | www.telusquebec.com/media/clue/fonts/ | 0 | 0 | | |
| GET | H2 | serverComponent.php | nexus.ensighten.com/telus/prod/ | 450 B | 593 B | Script | text/javascript |
| GET | H/1.1 | bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff | static.telus.com/common/fonts/ | 48 KB | 48 KB | Font | font/woff |
| GET | H/1.1 | 4bff1fbb-b4bf-4d95-9c47-efcb14384e36.woff | static.telus.com/common/fonts/ | 73 KB | 73 KB | Font | font/woff |
| GET | H/1.1 | 530dee22-e3c1-4e9f-bf62-c31d510d9656.woff | static.telus.com/common/fonts/ | 56 KB | 57 KB | Font | font/woff |
| GET | H/1.1 | telusdings-regular-webfont.woff | static.telus.com/common/fonts/ | 36 KB | 36 KB | Font | font/woff |
| GET | | 688ab72b-4deb-4e15-a088-89166978d469.ttf | www.telusquebec.com/media/clue/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.telusquebec.com
  URL: https://www.telusquebec.com/media/clue/fonts/530dee22-e3c1-4e9f-bf62-c31d510d9656.woff
- Domain: www.telusquebec.com
  URL: https://www.telusquebec.com/media/clue/fonts/688ab72b-4deb-4e15-a088-89166978d469.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telus (Telecommunication)
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| html5
- object| Modernizr
- function| $
- function| jQuery
- object| enquire
- function| picturefill
- object| ensBootstraps
- object| Bootstrapper
- function| _log
- object| _enslog
- function| _
- object| App
- function| form2js
- function| js2form
- object| Backbone
- object| Select2
- function| validate_email
- function| validate_password
- function| validate_password_empty
- function| validate_response
- function| validate_question_response
- function| validate_temp_password
- function| validate_field
- function| validate_password_ci
- function| validate_equality
- function| startLoadingBtn
- function| endLoadingBtn
- function| changeLanguage
- function| changeLangInPath
- function| changeLangInParam
- function| changeLangInCookie
- function| changeLangInPost
- function| removeLangSwitch
- object| currentHeight
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.