partner-identity.ca Open in urlscan Pro
172.67.199.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://partner-identity.ca/
Effective URL:
http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal
Submission: On September 24 via automatic, source certstream-suspicious (September 24th 2023, 5:56:55 am UTC) — Scanned from CA

Summary HTTP 10 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 172.67.199.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner-identity.ca.

This is the only time partner-identity.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.36.211 104.21.36.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.199.156 172.67.199.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.155.1.94 18.155.1.94	16509 (AMAZON-02) (AMAZON-02)
10	2

1 104.21.36.211 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

partner-identity.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.199.156 (United States)

ASN13335 (CLOUDFLARENET, US)

partner-identity.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.155.1.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-1-94.atl59.r.cloudfront.net

cdn.telus.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	partner-identity.ca 1 redirects partner-identity.ca	755 KB
4	telus.digital cdn.telus.digital — Cisco Umbrella Rank: 420668	94 KB
10	2

	Domain	Requested by
7	partner-identity.ca	1 redirects partner-identity.ca
4	cdn.telus.digital	partner-identity.ca
10	2

This site contains links to these domains. Also see Links.

Domain
secure.telusmobility.com
partnerauth.telus.com
www.telus.com

Subject Issuer	Validity	Valid
cdn.telus.digital DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2024-05-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal
Frame ID: 259BDFF010FD917CE51927902B281C56
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TELUS Partner SSO

Page URL History Show full URLs

https://partner-identity.ca/ HTTP 303
http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal Page URL

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

848 kB
Transfer

884 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.telusmobility.com/partners/im_preauth/validatePartner.jsp?language=EN
Title: First time visitor? REGISTER NOW!

Search URL Search Domain Scan URL

URL: https://partnerauth.telus.com/am/XUI/?realm=alpha&authIndexType=service&authIndexValue=ForgotPassword&locale=en
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/login_troubles.jsp
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: http://www.telus.com/

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/browser_req.jsp
Title: browser requirements

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/termsAndConditions.jsp?language=EN
Title: terms and conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://partner-identity.ca/ HTTP 303
http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request startSSO.ping Show response partner-identity.ca/idp/ Redirect Chain https://partner-identity.ca/ http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal	7 KB 3 KB	115ms 97ms	Document text/html	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `47c53c7249528d9c0b23f0b62c635b11833a7d3938fbd8c815e727c7c2c6e018` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 80b8c955cec439c5-YYZ Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xUIEkTcFe0cJw1iXwB4eyRMFBam1jusdUyE4e5CEjnX%2Bq%2F72TwEbakLPgLtOl%2FjkeoSNvC%2FrysgpIZ8qFtNLF0FbGHbdfJDWp%2Fvb%2FR%2BpCNVoh6MaL5sBOeCWwu1foCE0pl8FDtK"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400 Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80b8c9551f0236c1-YYZ content-type text/html; charset=utf-8 date Sun, 24 Sep 2023 05:56:50 GMT location http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BrdfoxcT5ifGlbJTXqWIshODqqzA%2FuSfnMVkVEawvAp1u6B1Kp6JF0mNhIzJXuJJXlvESpcQ1QlzVEibqi9B25f3y0zVoQxZvTEH8LpBXuJn19prmmoj3KYvOYs4UWg3iKzEa%2BT"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H/1.1	200 OK	tds.min.css partner-identity.ca/public/css/	36 KB 7 KB	211ms 210ms	Stylesheet text/css	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://partner-identity.ca/public/css/tds.min.css Requested by Host: partner-identity.ca URL: http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2e7c33fa437debb34fb84109a43e15769b9ed0c3c14aa27b15d5259f29b60a4` Request headers accept-language en-CA,en;q=0.9 Referer http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:50 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGefSSHREkAJLbdrjcM16Ilpv0F0hdaOaKn2KxEnTOGU3Fi0uVcJEOYA1KK12SXmwjPGte0YlvyH3%2BR6Btok6p18MZUkBDoBmtPgRMKXPUMJURvFH5D3pICZ89Xb8pQSBmpxHFkq"}],"group":"cf-nel","max_age":604800} Content-Type text/css; charset=utf-8 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 80b8c9566f3439c5-YYZ alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	telus-sso-improvement.css partner-identity.ca/public/css/	7 KB 3 KB	110ms 91ms	Stylesheet text/css	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://partner-identity.ca/public/css/telus-sso-improvement.css Requested by Host: partner-identity.ca URL: http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `815051e8b4979a7a5a20376772b08da82a8ffe4620592398748cf9f9c7c4da7d` Request headers accept-language en-CA,en;q=0.9 Referer http://partner-identity.ca/idp/startSSO.ping?PartnerSpId=ChannelPortal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:50 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hC%2FFkgyNyOz8iexfmj5FHMu0A1gAcJAwcv7gBbpB8sldn6tvrjwAS7m8dYbwqOYy9UpepyUtrxzQ98DRJBqf8aFuunHTStvzraUyH5A%2BrvpXqZzMukgV6%2FRo%2BEfaKWo5b7gy%2F3cx"}],"group":"cf-nel","max_age":604800} Content-Type text/css; charset=utf-8 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 80b8c9568ca23905-YYZ alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	telus-logo.svg partner-identity.ca/public/img/	4 KB 3 KB	159ms 159ms	Image image/svg+xml	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://partner-identity.ca/public/img/telus-logo.svg Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/telus-sso-improvement.css Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `47593272e59aaeb5d5e88f6f453a8fe90569fbdbf54b6be214c733e2a1f4e92f` Request headers accept-language en-CA,en;q=0.9 Referer http://partner-identity.ca/public/css/telus-sso-improvement.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:50 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm%2BCSlf7hUGuwg%2FZE4KerdA6DLY4tZvsVICoA8Cr4qU1pXYEm1awY1GyRNS8snUTgmgKKARO7EST3SMuaoBuDJrOlm%2B1ZDN2I%2BSoPhyoqPijWKHfWgBF5IY0pL6BA%2F0oY0yYuvfV"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 80b8c957d88739c5-YYZ alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	leaves-retina-web.png partner-identity.ca/public/img/	704 KB 705 KB	269ms 269ms	Image image/png	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://partner-identity.ca/public/img/leaves-retina-web.png Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/telus-sso-improvement.css Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8fabef7055aa20f5033d7df021c027128feb0757af2cab181412cdc8644d3662` Request headers accept-language en-CA,en;q=0.9 Referer http://partner-identity.ca/public/css/telus-sso-improvement.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:50 GMT CF-Cache-Status MISS Last-Modified Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiXMCRRBXVU6BA0RQtxvwopQvAyoUsx3k%2FuKyhVR07VsBCR3kl88A%2FHVgGDQR7VEb6ZyUbX9lG1NZnxYSqyLaHTGfO8JTaDdYgIHWTFZuvbpZK8IaPQfFSRxrm9E8HqR7iwRgfLJ"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 80b8c957ddf63905-YYZ alt-svc h3=":443"; ma=86400 Content-Length 721016
GET H/1.1	200 OK	wave-header-default.png partner-identity.ca/public/img/	34 KB 35 KB	243ms 225ms	Image image/png	172.67.199.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://partner-identity.ca/public/img/wave-header-default.png Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/telus-sso-improvement.css Protocol HTTP/1.1 Server 172.67.199.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9bd7a2422b44ed7329fb3ece73c00f386d18b33ea9472f1811731c824c9cd80` Request headers accept-language en-CA,en;q=0.9 Referer http://partner-identity.ca/public/css/telus-sso-improvement.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:50 GMT CF-Cache-Status MISS Last-Modified Sun, 24 Sep 2023 05:56:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9OU0Ukr3K67N2n6hX8U7PmButJipJzArqov6MJemEFIFeOUD0LGOH6dHyR43mPG1CCSQ01CtHYmSZH6Pfd4G%2B3dqZBraednQyi5qyozH1S42%2B91R%2BeO2aRlxj0NjKn9AM9b6yGI"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 80b8c957fd255443-YYZ alt-svc h3=":443"; ma=86400 Content-Length 35096
GET H/1.1	200 OK	core-icons.woff2 cdn.telus.digital/thorium/core/v0.4.0/	4 KB 5 KB	247ms 139ms	Font binary/octet-stream	18.155.1.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/v0.4.0/core-icons.woff2 Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/tds.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.155.1.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-1-94.atl59.r.cloudfront.net Software AmazonS3 / Resource Hash `d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4` Request headers Referer http://partner-identity.ca/ Origin http://partner-identity.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:51 GMT Via 1.1 b0a0b581dcccd27fc074709437a90f04.cloudfront.net (CloudFront) X-Amz-Cf-Pop ATL59-P3 X-Cache Miss from cloudfront Connection keep-alive Content-Length 4036 Last-Modified Mon, 08 Jan 2018 20:08:10 GMT Server AmazonS3 ETag "6a61e48747de876a912bcaa556dacd23" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type binary/octet-stream Access-Control-Allow-Origin * Cache-Control max-age=315360000 Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Accept-Ranges bytes X-Amz-Cf-Id 16k3O_wIBS0fQX13dYx_d6A5OYY-dvkIp3W1Rvv0daB19e2AWvjBUA==
GET H/1.1	200 OK	b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 20 KB	269ms 151ms	Font font/woff2	18.155.1.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/tds.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.155.1.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-1-94.atl59.r.cloudfront.net Software AmazonS3 / Resource Hash `726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1` Request headers Referer http://partner-identity.ca/ Origin http://partner-identity.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:51 GMT Via 1.1 69930623363d197ac4acf886c37b847a.cloudfront.net (CloudFront) X-Amz-Cf-Pop ATL59-P3 X-Cache Miss from cloudfront Connection keep-alive Content-Length 19848 Last-Modified Thu, 20 Feb 2020 23:49:39 GMT Server AmazonS3 ETag "ad426bec3984966214cc48ece827907e" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Accept-Ranges bytes X-Amz-Cf-Id pWZpZRpoYpNPaE2VJBISikw2AdviB6StOb7sWtlepMWTviWYWNnw5A==
GET H/1.1	200 OK	3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 19 KB	279ms 161ms	Font font/woff2	18.155.1.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/tds.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.155.1.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-1-94.atl59.r.cloudfront.net Software AmazonS3 / Resource Hash `56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58` Request headers Referer http://partner-identity.ca/ Origin http://partner-identity.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:51 GMT Via 1.1 235a6e0aa4b103fa2b80a9cef32a0f82.cloudfront.net (CloudFront) X-Amz-Cf-Pop ATL59-P3 X-Cache Miss from cloudfront Connection keep-alive Content-Length 19304 Last-Modified Thu, 20 Feb 2020 23:49:48 GMT Server AmazonS3 ETag "42691fb7a4691282f7e00bbdcc87c467" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Accept-Ranges bytes X-Amz-Cf-Id kwXIstX2vKSw9QbkbzQImjUsiTlVXiPwSfliYPEc-lX80yJr5r7wFg==
GET H/1.1	200 OK	aff68211-86bb-476d-882e-f7a3face144c.woff2 cdn.telus.digital/thorium/core/fonts/	49 KB 50 KB	277ms 159ms	Font font/woff2	18.155.1.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/aff68211-86bb-476d-882e-f7a3face144c.woff2 Requested by Host: partner-identity.ca URL: http://partner-identity.ca/public/css/tds.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.155.1.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-1-94.atl59.r.cloudfront.net Software AmazonS3 / Resource Hash `f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c` Request headers Referer http://partner-identity.ca/ Origin http://partner-identity.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 05:56:51 GMT Via 1.1 dd476b5dc73d3dd6d27c3cdd2f07140a.cloudfront.net (CloudFront) X-Amz-Cf-Pop ATL59-P3 X-Cache Miss from cloudfront Connection keep-alive Content-Length 50428 Last-Modified Thu, 20 Feb 2020 23:41:56 GMT Server AmazonS3 ETag "929eac69416d11a543cee859bd33f1bc" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Accept-Ranges bytes X-Amz-Cf-Id YKZIBCftcm4LYS4HQDLQtgSXOJhrWAdzSxgry7yi-EnOkd8sqOTdmg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.telus.digital
partner-identity.ca
104.21.36.211
172.67.199.156
18.155.1.94
47593272e59aaeb5d5e88f6f453a8fe90569fbdbf54b6be214c733e2a1f4e92f
47c53c7249528d9c0b23f0b62c635b11833a7d3938fbd8c815e727c7c2c6e018
56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58
726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1
815051e8b4979a7a5a20376772b08da82a8ffe4620592398748cf9f9c7c4da7d
8fabef7055aa20f5033d7df021c027128feb0757af2cab181412cdc8644d3662
a2e7c33fa437debb34fb84109a43e15769b9ed0c3c14aa27b15d5259f29b60a4
d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4
e9bd7a2422b44ed7329fb3ece73c00f386d18b33ea9472f1811731c824c9cd80
f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c

partner-identity.ca Open in urlscan Pro 172.67.199.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

40 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

848 kBTransfer

884 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

partner-identity.ca Open in urlscan Pro
172.67.199.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

848 kB
Transfer

884 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!