spoc-portal.com
104.21.81.210
Malicious Activity!
Public Scan
Effective URL: https://spoc-portal.com/
Submission: On August 08 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.
This is the only time spoc-portal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telus (Telecommunication)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 172.67.164.156 | 13335 (CLOUDFLARENET) |
| 1 | 104.21.81.210 | 13335 (CLOUDFLARENET) |
| 5 | 18.67.76.128 | 16509 (AMAZON-02) |
| 4 | 107.162.139.198 | 55002 (DEFENSE-NET) |
| 1 | 104.17.25.14 | 13335 (CLOUDFLARENET) |
| 11 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-128.iad89.r.cloudfront.net
cdn.telus.digital |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | telus.digital | cdn.telus.digital — Cisco Umbrella Rank: 217952 | 101 KB |
| 4 | telus.com | partneridentity.telus.com | 747 KB |
| 2 | spoc-portal.com (1 redirects) | spoc-portal.com | 3 KB |
| 1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 257 | 11 KB |
| 11 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 5 | cdn.telus.digital | spoc-portal.com, cdn.telus.digital |
| 4 | partneridentity.telus.com | spoc-portal.com, partneridentity.telus.com |
| 2 | spoc-portal.com | 1 redirects |
| 1 | cdnjs.cloudflare.com | spoc-portal.com |
| 11 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.telusmobility.com |
partnerauth.telus.com |
www.telus.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| spoc-portal.com | GTS CA 1P5 | 2023-08-07 - 2023-11-05 | 3 months |
| cdn.telus.digital | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-02 - 2024-05-01 | a year |
| partneridentity.telus.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-02 - 2024-03-01 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
This page contains 1 frames:
Primary Page:
https://spoc-portal.com/
Frame ID: 41C7C486F6624549FD87E12785FC1D2D
Requests: 11 HTTP requests in this frame
Page Title
TELUS Partner SSO
Page URL History
- http://spoc-portal.com/ (HTTP 301)
- https://spoc-portal.com/ (Page URL)
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: First time visitor? REGISTER NOW!
Title: Forgot your password?
Title: Trouble logging in?
Title: browser requirements
Title: terms and conditions
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
|---|---|---|---|
| GET H2 | Primary Request: / spoc-portal.com/ (Redirect Chain) | 8 KB 2 KB | Document text/html |
| GET H/1.1 | tds.min.css cdn.telus.digital/thorium/core/v0.16.3/ | 36 KB 7 KB | Stylesheet text/css |
| GET H/1.1 | telus-sso-improvement.css partneridentity.telus.com/assets/styles/ | 7 KB 3 KB | Stylesheet text/css |
| GET H2 | all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ | 57 KB 11 KB | Stylesheet text/css |
| GET H/1.1 | telus-logo.svg partneridentity.telus.com/assets/assets/ | 4 KB 5 KB | Image image/svg+xml |
| GET H/1.1 | leaves-retina-web.png partneridentity.telus.com/assets/assets/ | 704 KB 705 KB | Image image/png |
| GET H/1.1 | wave-header-default.png partneridentity.telus.com/assets/assets/ | 34 KB 35 KB | Image image/png |
| GET H/1.1 | core-icons.woff2 cdn.telus.digital/thorium/core/v0.4.0/ | 4 KB 5 KB | Font binary/octet-stream |
| GET H/1.1 | b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 cdn.telus.digital/thorium/core/fonts/etext/ | 19 KB 20 KB | Font font/woff2 |
| GET H/1.1 | 3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 cdn.telus.digital/thorium/core/fonts/etext/ | 19 KB 19 KB | Font font/woff2 |
| GET H/1.1 | aff68211-86bb-476d-882e-f7a3face144c.woff2 cdn.telus.digital/thorium/core/fonts/ | 49 KB 50 KB | Font font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telus (Telecommunication)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.