telus-help.org Open in urlscan Pro
2606:4700:30::681b:adc0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://telus-help.org/
Submission: On November 26 via automatic, source certstream-suspicious (November 26th 2019, 7:33:43 pm UTC)

Summary HTTP 12 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:30::681b:adc0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is telus-help.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 26th 2019. Valid for: 10 months.

This is the only time telus-help.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:30:... 2606:4700:30::681b:adc0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	152.70.24.16 152.70.24.16	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
1	2600:9000:20e... 2600:9000:20eb:2c00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
12	3

4 2606:4700:30::681b:adc0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

telus-help.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 152.70.24.16 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)

partnerauth.telus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2c00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	telus.com partnerauth.telus.com	35 KB
4	telus-help.org telus-help.org	2 KB
1	ctfassets.net images.ctfassets.net	1 KB
12	3

	Domain	Requested by
7	partnerauth.telus.com	telus-help.org
4	telus-help.org	telus-help.org
1	images.ctfassets.net	telus-help.org
12	3

This site contains links to these domains. Also see Links.

Domain
secure.telusmobility.com
www.telus.com
www.telusmobility.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-26` - `2020-10-09`	10 months	crt.sh
partnerauth.telus.com DigiCert SHA2 Secure Server CA	`2019-04-25` - `2020-04-25`	a year	crt.sh
images.contentful.com Amazon	`2019-04-06` - `2020-05-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://telus-help.org/
Frame ID: 63D37C67C02C38E532F168B7E3108985
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+(?:https?:)?\/\/(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

38 kB
Transfer

42 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.telusmobility.com/partners/im_preauth/validatePartner.jsp?language=EN
Title:

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/forgotPassword.jsp?language=EN
Title:

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/login_troubles.jsp
Title:

Search URL Search Domain Scan URL

URL: https://www.telus.com/
Title: telus.com

Search URL Search Domain Scan URL

URL: https://www.telusmobility.com/
Title: telusmobility.com

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/browser_req.jsp
Title: browser requirements

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/termsAndConditions.jsp?language=EN
Title: terms and conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response telus-help.org/	5 KB 2 KB	120ms 65ms	Document text/html	2606:4700:30::681b:adc0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://telus-help.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:adc0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.3.3 Resource Hash `cca84868f403650e637e6e51405e2d93a768028f8f0a1a83f5074b524046752c` Request headers :method GET :authority telus-help.org :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 date Tue, 26 Nov 2019 19:33:10 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d0ea09b283a50a4c286f52ccea9db21f51574796790; expires=Thu, 26-Dec-19 19:33:10 GMT; path=/; domain=.telus-help.org; HttpOnly x-powered-by PHP/5.3.3 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 53be4ae7580c59ee-VIE content-encoding br
GET H2	200	otp-custom.css partnerauth.telus.com/openam/css/	3 KB 1 KB	15832ms 192ms	Stylesheet text/css	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Full URL https://partnerauth.telus.com/openam/css/otp-custom.css Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `3fbd169a4a1da85fcf033b201f953e50749ebc0c9cb890b20556bbae0892c356` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:26 GMT content-encoding gzip last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type text/css status 200 x-cdn Served-By-Zenedge
GET H2	404	chk_submit.js telus-help.org/openam/js/	0 0	75ms 73ms	Script text/html	2606:4700:30::681b:adc0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://telus-help.org/openam/js/chk_submit.js Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:adc0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 Nov 2019 19:33:11 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 53be4ae7c88559ee-VIE
GET H2	404	auth.js telus-help.org/openam/js/	0 0	76ms 74ms	Script text/html	2606:4700:30::681b:adc0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://telus-help.org/openam/js/auth.js Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:adc0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 Nov 2019 19:33:11 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 53be4ae7c88659ee-VIE
GET H2	200	Logo_TELUS.svg images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/	2 KB 1 KB	71ms 17ms	Image image/svg+xml	2600:9000:20eb:2c00:12:94b3:c380:93a1 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:2c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Contentful Images API / Resource Hash `cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 21 Sep 2019 20:48:41 GMT content-encoding gzip server Contentful Images API age 2825298 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml status 200 cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 access-control-allow-origin * x-amz-cf-id nr3E91KS3ynD6Aa8g57GPkRvJDSwaZxZqd4ygkd9_YTJ-lczGaqPhA== via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
GET H2	200	reg_now.gif partnerauth.telus.com/openam/images/en/	1 KB 2 KB	15879ms 239ms	Image image/gif	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://partnerauth.telus.com/openam/images/en/reg_now.gif Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `0408fb555c0cc8d3186197945bf229feac943c17f66e85bc3eb4388dac618b28` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:26 GMT last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type image/gif status 200 accept-ranges bytes content-length 1382 x-cdn Served-By-Zenedge
GET H2	200	forgot_password.gif partnerauth.telus.com/openam/images/en/	898 B 1 KB	15804ms 239ms	Image image/gif	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://partnerauth.telus.com/openam/images/en/forgot_password.gif Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `2b0df1fe361f8d973e2853ed4eaef1d6329f89ba0e13e6b700804ef2f857fa76` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:26 GMT last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type image/gif status 200 accept-ranges bytes content-length 898 x-cdn Served-By-Zenedge
GET H2	200	trouble_.gif partnerauth.telus.com/openam/images/en/	719 B 973 B	144ms 144ms	Image image/gif	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://partnerauth.telus.com/openam/images/en/trouble_.gif Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `48e5a6525aff2609146548798f5be10caebe42880e328988f560c5a2011e03c0` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:26 GMT last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type image/gif status 200 accept-ranges bytes content-length 719 x-cdn Served-By-Zenedge
GET H2	200	mobile.css partnerauth.telus.com/openam/css/	348 B 508 B	147ms 146ms	Stylesheet text/css	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Full URL https://partnerauth.telus.com/openam/css/mobile.css Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `e9fc4db606a5a5f273e62d608c94f076a8580a3548ee1ab3631569cdd80f0350` Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:26 GMT content-encoding gzip last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type text/css status 200 x-cdn Served-By-Zenedge
GET H2	404	auth.js telus-help.org/openam/js/	0 0	17ms 16ms	Script text/html	2606:4700:30::681b:adc0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://telus-help.org/openam/js/auth.js Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:adc0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://telus-help.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 Nov 2019 19:33:26 GMT content-encoding br cf-cache-status HIT server cloudflare age 15 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 53be4b4baad659ee-VIE
GET H2	200	flower.jpg partnerauth.telus.com/openam/images/en/	8 KB 8 KB	150ms 150ms	Image image/jpeg	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://partnerauth.telus.com/openam/images/en/flower.jpg Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `2653f087eea887b9bf71cc242744f62f9bc7c7b39784700848ed57b72c38f01e` Request headers Referer https://partnerauth.telus.com/openam/css/otp-custom.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:27 GMT last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type image/jpeg status 200 accept-ranges bytes content-length 8235 x-cdn Served-By-Zenedge
GET H2	200	whirlers.gif partnerauth.telus.com/openam/images/	20 KB 21 KB	284ms 283ms	Image image/gif	152.70.24.16 Oracle Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://partnerauth.telus.com/openam/images/whirlers.gif Requested by Host: telus-help.org URL: https://telus-help.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.70.24.16 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Servlet/3.0 JSP/2.2 Resource Hash `92a348270709b18868cd859801941bffafd3785328f4d7475328d913d4288f76` Request headers Referer https://partnerauth.telus.com/openam/css/otp-custom.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-zen-fury baed1f67a10c24661c37e37670b3735257dbb23f date Tue, 26 Nov 2019 19:33:27 GMT last-modified Sun, 20 Oct 2019 19:16:48 GMT server ZENEDGE x-powered-by Servlet/3.0 JSP/2.2 x-cache-status NOTCACHED content-type image/gif status 200 accept-ranges bytes x-cdn Served-By-Zenedge

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.telus-help.org/	1970-01-19 06:09:48	Name: __cfduid Value: d046949e13621af21689bf8d1b218e7231574796806

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
partnerauth.telus.com
telus-help.org
152.70.24.16
2600:9000:20eb:2c00:12:94b3:c380:93a1
2606:4700:30::681b:adc0
0408fb555c0cc8d3186197945bf229feac943c17f66e85bc3eb4388dac618b28
2653f087eea887b9bf71cc242744f62f9bc7c7b39784700848ed57b72c38f01e
2b0df1fe361f8d973e2853ed4eaef1d6329f89ba0e13e6b700804ef2f857fa76
3fbd169a4a1da85fcf033b201f953e50749ebc0c9cb890b20556bbae0892c356
48e5a6525aff2609146548798f5be10caebe42880e328988f560c5a2011e03c0
92a348270709b18868cd859801941bffafd3785328f4d7475328d913d4288f76
cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4
cca84868f403650e637e6e51405e2d93a768028f8f0a1a83f5074b524046752c
e9fc4db606a5a5f273e62d608c94f076a8580a3548ee1ab3631569cdd80f0350

telus-help.org Open in urlscan Pro 2606:4700:30::681b:adc0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

38 kBTransfer

42 kBSize

1 Cookies

7 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Indicators

telus-help.org Open in urlscan Pro
2606:4700:30::681b:adc0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

38 kB
Transfer

42 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!