telushelpdesk.net
199.33.112.226
Malicious Activity!
Public Scan
Submission: On October 25 via manual from US
Summary
This is the only time telushelpdesk.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telus (Telecommunication)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 199.33.112.226 | 23498 (CDSI - COGECODATA) |
7 | 144.161.200.106 | 797 (AMERITECH-AS - AT&T Services) |
1 | 152.70.24.21 | 393676 (ZENEDGE - Oracle Corporation) |
9 | 3 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | att.net | opus.att.net | 13 KB |
1 | telus.com | partnerauth.telus.com | 3 KB |
1 | telushelpdesk.net | telushelpdesk.net | 2 KB |
9 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
7 | opus.att.net | telushelpdesk.net |
1 | partnerauth.telus.com | telushelpdesk.net |
1 | telushelpdesk.net | |
9 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
opus.att.net | DigiCert SHA2 Secure Server CA | 2018-07-16 - 2020-07-16 | 2 years | crt.sh |
partnerauth.telus.com | DigiCert SHA2 Secure Server CA | 2019-04-25 - 2020-04-25 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
http://telushelpdesk.net/
Frame ID: 34AC9E73CC17BB2DEAD921D6552F4FAC
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | telushelpdesk.net/ | 4 KB | 2 KB | Document | text/html |
GET | H/1.1 | login.css | opus.att.net/opus/newlnf/common/css/ | 4 KB | 4 KB | Stylesheet | text/css |
GET | H2 | telusmobility_logo.gif | partnerauth.telus.com/openam/images/en/ | 2 KB | 3 KB | Image | image/gif |
GET | H/1.1 | buttons.css | opus.att.net/opus/newlnf/common/css/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | login_box.gif | opus.att.net/opus/newlnf/common/images/login/ | 1 KB | 2 KB | Image | image/gif |
GET | H/1.1 | login_hdrRight.gif | opus.att.net/opus/newlnf/common/images/login/ | 2 KB | 2 KB | Image | image/gif |
GET | H/1.1 | login_hdrLeft.gif | opus.att.net/opus/newlnf/common/images/login/ | 884 B | 1 KB | Image | image/gif |
GET | H/1.1 | btn_orange_left.gif | opus.att.net/opus/newlnf/common/images/btn/ | 394 B | 636 B | Image | image/gif |
GET | H/1.1 | btn_orange_right.gif | opus.att.net/opus/newlnf/common/images/btn/ | 1 KB | 1 KB | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telus (Telecommunication)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | onformdata
object | onpointerrawupdate

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.