telusrecycling.ca
52.60.44.107  Malicious Activity! Public Scan

Submitted URL: https://telusrecycling.ca/
Effective URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Submission: On March 08 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 52.60.44.107, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is telusrecycling.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 7th 2020. Valid for: 3 months.
This is the only time telusrecycling.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

Requests  Domain                   Requested by
10        telusrecycling.ca        2 redirects; telusrecycling.ca
3         browser-update.org       telusrecycling.ca; browser-update.org
2         fonts.gstatic.com
2         fonts.googleapis.com     telusrecycling.ca
1         images.ctfassets.net
1         fast.fonts.net
1         s3-ca1.icom.productions
18 requests across 7 domains

This site contains links to these domains:

Domain
browser-update.org
Subject                    Issuer                          Validity                   Valid
telusrecycling.ca          Let's Encrypt Authority X3      2020-03-07 - 2020-06-05    3 months
*.storage.googleapis.com   GTS CA 1O1                      2020-02-12 - 2020-05-06    3 months
sni.cloudflaressl.com      CloudFlare Inc ECC CA-2         2020-01-30 - 2020-10-09    8 months
*.google.com               GTS CA 1O1                      2020-02-12 - 2020-05-06    3 months
s9.wac.edgecastcdn.net     DigiCert SHA2 Secure Server CA  2019-01-16 - 2021-02-03    2 years

This page contains 1 frame:

Primary Page: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Frame ID: 0B4FE89E6D32204A68B9598BE13F5DB6
Requests: 18 HTTP requests in this frame

Screenshot


Page URL History

  1. https://telusrecycling.ca/ HTTP 302
    https://telusrecycling.ca/login.php?return=%2Findex.php HTTP 302
    https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
  • script /react.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 86 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 548 kB
Size: 569 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
telusrecycling.ca/includes/modules/FM_ReactLogin/
Redirect Chain
  • https://telusrecycling.ca/
  • https://telusrecycling.ca/login.php?return=%2Findex.php
  • https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
1 KB
2 KB
Document
General
Full URL
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33; Qcodo/0.3.43 (Qcodo Beta 3)
Resource Hash
33fd6ccbc8906afe40befe34ebbbc74c5243a8a61cab0d248eaea0ad555e90df

Request headers

Host
telusrecycling.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=rcjs9e19cc426ueao7a3jiaigv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Sun, 08 Mar 2020 00:46:46 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33; Qcodo/0.3.43 (Qcodo Beta 3)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Length
1216
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 08 Mar 2020 00:46:46 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33; Qcodo/0.3.43 (Qcodo Beta 3)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/includes/modules/FM_ReactLogin/?return=%2Findex.php
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro|Open+Sans|Pontano+Sans|PT+Sans|Puritan|Roboto
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3bb8f1472fba850afd0867935b37984e5461ecf03fba4aa1aa65bac5f0c3f0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Mar 2020 00:46:46 GMT
server
ESF
date
Sun, 08 Mar 2020 00:46:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Mar 2020 00:46:46 GMT
icon
fonts.googleapis.com/
574 B
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Mar 2020 00:46:46 GMT
server
ESF
date
Sun, 08 Mar 2020 00:46:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Mar 2020 00:46:46 GMT
react-login.2.5.0.js
telusrecycling.ca/includes/modules/FM_ReactLogin/
469 KB
469 KB
Script
General
Full URL
https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
feaf6653a9dddfdca142955b5fd8379731cf51f9d8c6beea45925a29ccf0c4e6

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sun, 08 Mar 2020 00:46:46 GMT
Last-Modified
Mon, 07 May 2018 16:06:23 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"754a0-56b9fd9ea81b9"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
480416
login-config.json
telusrecycling.ca/orgresources/1/FM_ReactLogin/
858 B
1 KB
XHR
General
Full URL
https://telusrecycling.ca/orgresources/1/FM_ReactLogin/login-config.json
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
c1c826b648ca3bb8529915feb6fdeb03223cc83d4e89f3007edc026800d2fb17

Request headers

Pragma
no-cache
Last-Modified
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Sec-Fetch-Dest
empty
Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
If-Modified-Since
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
Expires
0

Response headers

Date
Sun, 08 Mar 2020 00:46:47 GMT
Last-Modified
Fri, 07 Jun 2019 23:02:10 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"35a-58ac3d1ffa080"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
858
update.min.js
browser-update.org/
9 KB
4 KB
Script
General
Full URL
https://browser-update.org/update.min.js
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cf26bb5e257637005e208f98806e426bd31007b0840b5e992f77d363ad4402

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 08 Mar 2020 00:46:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Feb 2020 11:30:45 GMT
server
cloudflare
age
652558
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
cf-ray
57088a8a7ff56395-FRA
expires
Sun, 01 Mar 2020 11:30:49 GMT
update.show.min.js
browser-update.org/
20 KB
8 KB
Script
General
Full URL
https://browser-update.org/update.show.min.js
Requested by
Host: browser-update.org
URL: https://browser-update.org/update.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58a109a11741d70c099c8c6107ffd0ffcf14d3654eb0262354cccfb8a8a16cd

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 08 Mar 2020 00:46:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Feb 2020 11:30:45 GMT
server
cloudflare
age
652557
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
cf-ray
57088a8a98076395-FRA
expires
Sun, 01 Mar 2020 11:30:50 GMT
c.png
browser-update.org/static/img/small/
787 B
917 B
Image
General
Full URL
https://browser-update.org/static/img/small/c.png
Requested by
Host: browser-update.org
URL: https://browser-update.org/update.show.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f979bb91eaf11b4a8f292cf49bab2250eb755cff8f6a10169977db44acabd3e

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 08 Mar 2020 00:46:47 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jul 2018 12:18:24 GMT
server
cloudflare
age
517
etag
"313-571e5fddcaa54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
57088a8ab8116395-FRA
content-length
787
common.css
telusrecycling.ca/includes/modules/FM_ReactLogin/css/common/
6 KB
7 KB
Stylesheet
General
Full URL
https://telusrecycling.ca/includes/modules/FM_ReactLogin/css/common/common.css
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
a81f5ea16b1bb316be0d8fcc856a4812873aef0def01ea542c8bf971bde4a9a0

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 08 Mar 2020 00:46:47 GMT
Last-Modified
Fri, 09 Feb 2018 21:44:49 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"18f9-564ce700b0d04"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
6393
index.css
telusrecycling.ca/orgresources/1/FM_ReactLogin/
17 KB
17 KB
Stylesheet
General
Full URL
https://telusrecycling.ca/orgresources/1/FM_ReactLogin/index.css
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
8b1b17e359fa6015a7c6051ec352afab218f53393ccf85068c2530ac86d2962a

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 08 Mar 2020 00:46:47 GMT
Last-Modified
Fri, 07 Jun 2019 04:10:04 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"42c3-58ab4014b1f00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
17091
en-base.json
telusrecycling.ca/includes/modules/FM_ReactLogin/baseLanguageFiles/
3 KB
3 KB
XHR
General
Full URL
https://telusrecycling.ca/includes/modules/FM_ReactLogin/baseLanguageFiles/en-base.json
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
91d87802544051057fc004901807ba64c6c991d58ed831aafd5ec1f8b26532da

Request headers

Pragma
no-cache
Last-Modified
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Sec-Fetch-Dest
empty
Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
If-Modified-Since
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
Expires
0

Response headers

Date
Sun, 08 Mar 2020 00:46:47 GMT
Last-Modified
Fri, 09 Feb 2018 21:44:49 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c4e-564ce700b0d04"
Content-Type
text/plain; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3150
en.json
telusrecycling.ca/orgresources/1/FM_ReactLogin/
147 B
437 B
XHR
General
Full URL
https://telusrecycling.ca/orgresources/1/FM_ReactLogin/en.json
Requested by
Host: telusrecycling.ca
URL: https://telusrecycling.ca/includes/modules/FM_ReactLogin/react-login.2.5.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
26d53d33b24075d813772f90bcbaf81d73d62c33c5c27fb90c3884782b31b990

Request headers

Pragma
no-cache
Last-Modified
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Sec-Fetch-Dest
empty
Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
If-Modified-Since
Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
Expires
0

Response headers

Date
Sun, 08 Mar 2020 00:46:47 GMT
Last-Modified
Fri, 07 Jun 2019 04:07:38 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"93-58ab3f8975680"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
147
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Maven+Pro|Open+Sans|Pontano+Sans|PT+Sans|Puritan|Roboto
Origin
https://telusrecycling.ca
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3278090
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 29 Jan 2021 02:11:57 GMT
fonts.css
s3-ca1.icom.productions/fonts/telus_wise_eco/
565 B
876 B
Stylesheet
General
Full URL
https://s3-ca1.icom.productions/fonts/telus_wise_eco/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8196ea5b14f61a5eece45f5ff5b2b48aa5ff85aba7045ed78c99d9d891cb6276

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 08 Mar 2020 00:46:48 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
8297F94001343220
cf-ray
57088a8ccbbdc2c7-FRA
status
200
x-amz-id-2
fX5qPchlAqRWmSl4IF59xXh14J6B54XBJc58i8xDS32UCkwrK5Po0KORPxmyP9noEAtlBf1EFBo=
last-modified
Tue, 21 Aug 2018 18:59:02 GMT
server
cloudflare
etag
W/"6303450077a88734b9d497a45d11e160"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
9EMdCf4A2pbg49cPDPEZUjGM2w71FGrU
cache-control
max-age=14400
x-amz-meta-version-id
Ges3TB4v1od4f8gqCfOWBXqHLP7uWW4_
content-type
text/css
1.css
fast.fonts.net/t/
0
164 B
Stylesheet
General
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=a061458f-1fdd-43da-9373-237cb9f720cc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telusrecycling.ca/includes/modules/FM_ReactLogin/?return=%2Findex.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 08 Mar 2020 00:46:48 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (fcn/41AE)
age
23943965
etag
"616070693"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
expires
Sun, 15 Mar 2020 00:46:48 GMT
leaf.jpg
telusrecycling.ca/orgresources/1/FM_ReactLogin/
11 KB
11 KB
Image
General
Full URL
https://telusrecycling.ca/orgresources/1/FM_ReactLogin/leaf.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-107.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash
db0ca2bf896330200451486c02898a6f387cba99effe9fbbeae33889485a651d

Request headers

Referer
https://telusrecycling.ca/orgresources/1/FM_ReactLogin/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 08 Mar 2020 00:46:48 GMT
Last-Modified
Fri, 08 Mar 2019 00:55:52 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"2abc-5838aaf389600"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
10940
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Maven+Pro|Open+Sans|Pontano+Sans|PT+Sans|Puritan|Roboto
Origin
https://telusrecycling.ca
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 19:13:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:02 GMT
server
sffe
age
2784774
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11380
x-xss-protection
0
expires
Wed, 03 Feb 2021 19:13:54 GMT
Logo_TELUS.svg
images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/
2 KB
1 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg
Protocol
HTTP/1.1
Server
2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Jan 2020 14:49:11 GMT
Content-Encoding
gzip
Server
Contentful Images API
Age
5047057
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
X-Amz-Cf-Id
QVVqGt65_UYPybEVkldYqiLohb3qqRu63amHd3A29fBiorSpDhkoxg==
Via
1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| orgResourcesFolder string| orgCode string| sessionLang object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| KJUR object| Hex object| Base64 function| ASN1 object| $buoop function| $buo_f object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| $buo_show

2 Cookies

Domain/Path         Name              Value
telusrecycling.ca/  browserupdateorg  pause
telusrecycling.ca/  PHPSESSID         rcjs9e19cc426ueao7a3jiaigv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
