www.fareeqesam.org Open in urlscan Pro
162.241.225.249 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://moneyshiftracing.com/~quickfix/
Effective URL:
https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=co...
Submission: On June 26 via manual (June 26th 2020, 1:09:09 pm UTC) from CA

Summary HTTP 13 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 162.241.225.249, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.fareeqesam.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 12th 2020. Valid for: 3 months.

This is the only time www.fareeqesam.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	192.3.201.125 192.3.201.125	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 13	162.241.225.249 162.241.225.249	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
13	2

1 192.3.201.125 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: server203.webhostingbuzz.com

moneyshiftracing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 162.241.225.249 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5305.bluehost.com

www.fareeqesam.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fareeqesam.org 1 redirects www.fareeqesam.org	234 KB
1	moneyshiftracing.com moneyshiftracing.com	253 B
13	2

	Domain	Requested by
13	www.fareeqesam.org	1 redirects www.fareeqesam.org
1	moneyshiftracing.com
13	2

This site contains links to these domains. Also see Links.

Domain
www.telus.com
business.telus.com
sb3ye.app.goo.gl
identity.telus.com
forum.telus.com
community.telus.com
webmail.telus.net
wise.telus.com
www.telusinternational.com
blog.telus.com
about.telus.com
telusidentity.telus.com

Subject Issuer	Validity	Valid
cpcalendars.maska19.com Let's Encrypt Authority X3	`2020-06-12` - `2020-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback
Frame ID: 7FC036C4770BE4C2B2EEC3D2A15DEF72
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.fareeqesam.org/popquizz/mentalbreakdown/ HTTP 302
https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_por... Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

234 kB
Transfer

457 kB
Size

0
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://www.telus.com/?linktype=nav
Title: TELUS Personal

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ moneyshiftracing.com/~quickfix/	0 253 B	376ms 188ms	Document text/html	192.3.201.125 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL http://moneyshiftracing.com/~quickfix/ Protocol HTTP/1.1 Server 192.3.201.125 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS server203.webhostingbuzz.com Software LiteSpeed / PHP/5.6.40 Resource Hash Request headers Host moneyshiftracing.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/5.6.40 Refresh 0;url=https://www.fareeqesam.org/popquizz/mentalbreakdown/ Content-Type text/html; charset=UTF-8 Content-Length 0 Date Fri, 26 Jun 2020 13:08:53 GMT Server LiteSpeed
GET H2	200	Primary Request Login.php Show response www.fareeqesam.org/popquizz/mentalbreakdown/ Redirect Chain https://www.fareeqesam.org/popquizz/mentalbreakdown/ https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%...	178 KB 46 KB	377ms 376ms	Document text/html	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `dbce9c48b880fcc7ad5cde3cd0acc7d7584863d8c0f88bea214f17c098093edf` Request headers :method GET :authority www.fareeqesam.org :scheme https :path /popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://moneyshiftracing.com/~quickfix/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://moneyshiftracing.com/~quickfix/ Response headers status 200 date Fri, 26 Jun 2020 13:08:54 GMT server Apache vary Accept-Encoding content-encoding gzip host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-type text/html; charset=UTF-8 Redirect headers status 302 date Fri, 26 Jun 2020 13:08:53 GMT server Apache location Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail customerinfo internetservicemanagement securitymgmt paymentmanagement invoiceinfo devicemanagement phonenumbermgmt accountinfo accountmanagement loyaltyandrewards priceplaninfo accountactivity paymentprocessing wifimanagement PartnerProfile profilemanagement usagepreferencemanagement usagemeter wlspaymentmgmt homephonemanagement usagemanagement usagedetails usagenotificationacceptancehistory usageblockmanagement homesecuritymanagement onetimepasscode serviceeligibility tvsusbscriptioninfo appointmentmanagement wirelineprotectionsubscriptionservice servicemanagement hellocustomer invoicedocuments billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 0 content-type text/html; charset=UTF-8
GET H2	200	jquery-3.3.1.min.js Show response www.fareeqesam.org/popquizz/mentalbreakdown/src/	85 KB 37 KB	206ms 205ms	Script application/javascript	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/jquery-3.3.1.min.js Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT content-encoding gzip last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ==
GET H2	200	j.js Show response www.fareeqesam.org/popquizz/mentalbreakdown/src/	3 KB 751 B	201ms 201ms	Script application/javascript	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/j.js Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `e81130ab078cfaf535fc6b4d346f8032e9099f5e429cdb24d5c1deb80f86ac7d` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT content-encoding gzip last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 673
GET H2	200	styles_9bd8b84a9c03352228b4.css www.fareeqesam.org/popquizz/mentalbreakdown/src/	56 KB 13 KB	202ms 201ms	Stylesheet text/css	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `11915af6b9b36831211194b0a13bd2fefc24679a5a1539d27aef8106cd5ab937` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT content-encoding gzip last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 13610
GET H2	200	Logo_TELUS.svg www.fareeqesam.org/popquizz/mentalbreakdown/src/	2 KB 2 KB	125ms 124ms	Image image/svg+xml	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/Logo_TELUS.svg Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type image/svg+xml status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1826
GET H2	200	Logo_TELUS_white.svg www.fareeqesam.org/popquizz/mentalbreakdown/src/	2 KB 2 KB	124ms 124ms	Image image/svg+xml	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/Logo_TELUS_white.svg Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `31bf43ce5c4741bfd9fda40462c63bfb1e518f0e4ca88a09ff7f963cd3b3f67b` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type image/svg+xml status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 2231
GET H2	200	wave_header_default.png www.fareeqesam.org/popquizz/mentalbreakdown/src/	20 KB 20 KB	128ms 128ms	Image image/png	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/wave_header_default.png Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `44968214d4d5a6c9a466025084ccde7360fb1365c13375062dd050004889531f` Request headers Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type image/png status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 20752
GET H2	200	b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 www.fareeqesam.org/popquizz/mentalbreakdown/src/	19 KB 20 KB	129ms 128ms	Font font/woff2	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Origin https://www.fareeqesam.org Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type font/woff2 status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19848
GET H2	200	dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2 www.fareeqesam.org/popquizz/mentalbreakdown/src/	19 KB 19 KB	230ms 229ms	Font font/woff2	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2 Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `7adbc085f4ca58718317d3c12bafe06e65bffc31b1310d5ef3a005f18155e554` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Origin https://www.fareeqesam.org Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type font/woff2 status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19472
GET H2	200	core-icons.woff2 www.fareeqesam.org/popquizz/mentalbreakdown/src/	4 KB 4 KB	229ms 228ms	Font font/woff2	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/core-icons.woff2 Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Origin https://www.fareeqesam.org Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type font/woff2 status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 4036
GET H2	200	3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 www.fareeqesam.org/popquizz/mentalbreakdown/src/	19 KB 19 KB	131ms 130ms	Font font/woff2	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Origin https://www.fareeqesam.org Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type font/woff2 status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19304
GET H2	200	aff68211-86bb-476d-882e-f7a3face144c.woff2 www.fareeqesam.org/popquizz/mentalbreakdown/src/	49 KB 50 KB	131ms 131ms	Font font/woff2	162.241.225.249 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.fareeqesam.org/popquizz/mentalbreakdown/src/aff68211-86bb-476d-882e-f7a3face144c.woff2 Requested by Host: www.fareeqesam.org URL: https://www.fareeqesam.org/popquizz/mentalbreakdown/Login.php?as/authorization.oauth2?client_id=uni_portal&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20securitymgmt%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20homephonemanagement%20usagemanagement%20usagedetails%20usagenotificationacceptancehistory%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20tvsusbscriptioninfo%20appointmentmanagement%20wirelineprotectionsubscriptionservice%20servicemanagement%20hellocustomer%20invoicedocuments%20billpreferencemanagement&redirect_uri=https://api.digital.telus.com/oauth2/callback Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.249 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5305.bluehost.com Software Apache / Resource Hash `f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.fareeqesam.org/popquizz/mentalbreakdown/src/styles_9bd8b84a9c03352228b4.css Origin https://www.fareeqesam.org Response headers date Fri, 26 Jun 2020 13:08:54 GMT last-modified Thu, 10 Jan 2019 12:45:52 GMT server Apache accept-ranges bytes content-type font/woff2 status 200 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 50428

www.fareeqesam.org Open in urlscan Pro 162.241.225.249 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

234 kBTransfer

457 kBSize

0 Cookies

64 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

Indicators

www.fareeqesam.org Open in urlscan Pro
162.241.225.249 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

234 kB
Transfer

457 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!