telus-partners.com Open in urlscan Pro
216.245.184.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://telus-partners.com/
Submission: On April 28 via automatic, source certstream-suspicious (April 28th 2024, 12:34:45 am UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 21 HTTP transactions. The main IP is 216.245.184.222, located in Chicago, United States and belongs to BLNWX, US. The main domain is telus-partners.com.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.

This is the only time telus-partners.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
16	216.245.184.222 216.245.184.222	399629 (BLNWX) (BLNWX)
4	99.86.4.112 99.86.4.112	16509 (AMAZON-02) (AMAZON-02)
1	54.157.15.219 54.157.15.219	14618 (AMAZON-AES) (AMAZON-AES)
21	3

16 216.245.184.222 (Chicago, United States)

ASN399629 (BLNWX, US)

telus-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-112.fra6.r.cloudfront.net

cdn.telus.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.15.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-15-219.compute-1.amazonaws.com

static.telus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	telus-partners.com telus-partners.com	987 KB
4	telus.digital cdn.telus.digital — Cisco Umbrella Rank: 226127	93 KB
1	telus.com static.telus.com	2 KB
21	3

	Domain	Requested by
16	telus-partners.com	telus-partners.com
4	cdn.telus.digital	telus-partners.com
1	static.telus.com
21	3

This site contains links to these domains. Also see Links.

Domain
secure.telusmobility.com
www.telus.com

Subject Issuer	Validity	Valid
telus-partners.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
cdn.telus.digital DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-01` - `2025-03-31`	a year	crt.sh
static.telus.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-01` - `2025-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://telus-partners.com/
Frame ID: 044D7DA9054C03C9EF6852688012D24B
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Koodo Partner SSO

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1083 kB
Transfer

1483 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.telusmobility.com/partners/im_preauth/validatePartner.jsp?language=EN
Title: First time visitor? REGISTER NOW!

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/forgotPassword.jsp?language=EN
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/login_troubles.jsp
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: http://www.telus.com/

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/securecontent/english/info/browser_req.jsp
Title: browser requirements

Search URL Search Domain Scan URL

URL: https://secure.telusmobility.com/partners/termsAndConditions.jsp?language=EN
Title: terms and conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response telus-partners.com/	14 KB 4 KB	744ms 139ms	Document text/html	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `1956c43bbfca9a9749e8355f7d0383ee8b70920f74d92a76dca797d4e335fbf5` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 3325 Content-Type text/html Date Sun, 28 Apr 2024 00:34:39 GMT ETag "36e9-600eaa290a680-gzip" Keep-Alive timeout=5, max=100 Last-Modified Thu, 20 Jul 2023 12:53:30 GMT Server Apache/2.4.41 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	telus_common_002.js Show response telus-partners.com/index_files/	7 KB 3 KB	138ms 137ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/telus_common_002.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `31b50b141710243fcff1890f1828889fe38261c860ddc00c3f1b580216fbfdde` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:39 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "1c19-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2542
GET H/1.1	200 OK	main.js Show response telus-partners.com/index_files/	490 B 599 B	539ms 135ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/main.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `e53c4c4d16a2a905a402e1896e3d523ef698a161519809a276dc34aeb01fe3ed` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "1ea-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 250
GET H/1.1	200 OK	jquery.js Show response telus-partners.com/index_files/	242 KB 72 KB	426ms 156ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/jquery.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "3c72d-600eaa2af2b00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97
GET H/1.1	200 OK	js.cookie.js Show response telus-partners.com/index_files/	4 KB 2 KB	469ms 137ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/js.cookie.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "f20-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1475
GET H/1.1	200 OK	validation-rules.js Show response telus-partners.com/index_files/	5 KB 1 KB	607ms 136ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/validation-rules.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `b435bfc13df848eb2b151ec65ec91bb3b0920f004a9b3716b11072db2f0e2662` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "14b3-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1027
GET H/1.1	200 OK	login.js Show response telus-partners.com/index_files/	14 KB 3 KB	665ms 138ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/login.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `bd0ca4f26fc73435cb9ee2ded6019d290ce7969155e1cf4944ea3c965b695b1b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "394a-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3187
GET H/1.1	200 OK	modal.js Show response telus-partners.com/index_files/	488 B 575 B	412ms 136ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/modal.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `d39e02a7c1febfb7714dc526b750af2a62a0116b50cb30d3008f427bf7cd27fd` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "1e8-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 226
GET H/1.1	200 OK	tds.min.css telus-partners.com/index_files/	36 KB 7 KB	275ms 137ms	Stylesheet text/css	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/tds.min.css Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `a2e7c33fa437debb34fb84109a43e15769b9ed0c3c14aa27b15d5259f29b60a4` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "91c6-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6580
GET H/1.1	200 OK	telus-sso-improvement.css telus-partners.com/index_files/	7 KB 2 KB	403ms 135ms	Stylesheet text/css	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/telus-sso-improvement.css Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `08537c342b465b3e71b5e920c47646f697520270019d9f0fa00ceac048506975` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "1ba5-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1856
GET H/1.1	200 OK	telus_common.js Show response telus-partners.com/index_files/	234 KB 129 KB	327ms 151ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/telus_common.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `1cdcf9679f4eccb09e63ddf2aa7c510b0c9fdd1f22474e829aed21b459d974ff` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:41 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "3a724-600eaa2af2b00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	require.js Show response telus-partners.com/index_files/	84 KB 21 KB	421ms 145ms	Script application/javascript	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/index_files/require.js Requested by Host: telus-partners.com URL: https://telus-partners.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `a5fa09c0712a5ec008c8bae7481ea66829cc9c513a24c437b19b4552b9ccf7d9` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "151d2-600eaa2af2b00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 21150
GET H/1.1	200 OK	telus_logo.png telus-partners.com/assets/	3 KB 3 KB	260ms 134ms	Image image/png	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Show image Full URL https://telus-partners.com/assets/telus_logo.png Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/telus-sso-improvement.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `b081e5b9cd551642f26ebc937f38f23c9241dd4004f40894bbedcc0daf301a2f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/index_files/telus-sso-improvement.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "b04-600eaa2af2b00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2820
GET H/1.1	200 OK	leaves-retina-web.png telus-partners.com/assets/	704 KB 704 KB	279ms 136ms	Image image/png	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Show image Full URL https://telus-partners.com/assets/leaves-retina-web.png Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/telus-sso-improvement.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `8fabef7055aa20f5033d7df021c027128feb0757af2cab181412cdc8644d3662` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/index_files/telus-sso-improvement.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "b0078-600eaa2af2b00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 721016
GET H/1.1	200 OK	wave-header-default.png telus-partners.com/assets/	34 KB 35 KB	187ms 138ms	Image image/png	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Show image Full URL https://telus-partners.com/assets/wave-header-default.png Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/telus-sso-improvement.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `e9bd7a2422b44ed7329fb3ece73c00f386d18b33ea9472f1811731c824c9cd80` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/index_files/telus-sso-improvement.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:40 GMT Last-Modified Thu, 20 Jul 2023 12:53:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "8918-600eaa2af2b00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 35096
GET H2	200	core-icons.woff2 cdn.telus.digital/thorium/core/v0.4.0/	4 KB 4 KB	648ms 473ms	Font binary/octet-stream	99.86.4.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/v0.4.0/core-icons.woff2 Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/tds.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-112.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Origin https://telus-partners.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 00:34:41 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 4036 last-modified Mon, 08 Jan 2018 20:08:10 GMT server AmazonS3 etag "6a61e48747de876a912bcaa556dacd23" access-control-max-age 3600 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=315360000 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 951XEfv6f_XITxsxVL6N89fMx8SkmG5JZO6CPBfPT0iP9l4oFQ9evw==
GET H2	200	b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 20 KB	606ms 432ms	Font font/woff2	99.86.4.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/tds.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-112.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Origin https://telus-partners.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 00:34:41 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 19848 last-modified Thu, 20 Feb 2020 23:49:39 GMT server AmazonS3 etag "ad426bec3984966214cc48ece827907e" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id oJzFbofqQw8OxTgalEPBsJynzx9ObSQwMVs4vrk_uZsvQXJIMdPYSg==
GET H2	200	3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 19 KB	642ms 467ms	Font font/woff2	99.86.4.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/tds.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-112.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Origin https://telus-partners.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 00:34:41 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 19304 last-modified Thu, 20 Feb 2020 23:49:48 GMT server AmazonS3 etag "42691fb7a4691282f7e00bbdcc87c467" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id TaHdx6jENhtqYYzMFiz13Dt_5HHsG8xJREFIqhGE5t9Ga5rxVpIxQQ==
GET H2	200	aff68211-86bb-476d-882e-f7a3face144c.woff2 cdn.telus.digital/thorium/core/fonts/	49 KB 50 KB	616ms 442ms	Font font/woff2	99.86.4.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/aff68211-86bb-476d-882e-f7a3face144c.woff2 Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/tds.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-112.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Origin https://telus-partners.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 00:34:41 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 50428 last-modified Thu, 20 Feb 2020 23:41:56 GMT server AmazonS3 etag "929eac69416d11a543cee859bd33f1bc" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id tHh7dIVuZV2QI86yqN95w4p8NbgZdj-aO1exqQEC_nT9utOf_PAvLA==
GET H/1.1	404 Not Found	main.js telus-partners.com/assets/scripts/	0 0	195ms 136ms	Script text/html	216.245.184.222 BLNWX
General Check archive.org Show headers Download Go to Full URL https://telus-partners.com/assets/scripts/main.js Requested by Host: telus-partners.com URL: https://telus-partners.com/index_files/require.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.245.184.222 Chicago, United States, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 00:34:41 GMT Server Apache/2.4.41 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 281 Content-Type text/html; charset=iso-8859-1
GET H2	200	TELUS-favicon-128.png static.telus.com/common/images/favicon/	2 KB 2 KB	576ms 118ms	Other image/png	54.157.15.219 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://static.telus.com/common/images/favicon/TELUS-favicon-128.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.157.15.219 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-15-219.compute-1.amazonaws.com Software nginx/1.1.19 / Resource Hash `61579f1ddc96195a2c4b8a98932aeacdb8dd4cc1a858f21d9b3cccd78efcf5d6` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://telus-partners.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma public date Sun, 28 Apr 2024 00:34:42 GMT last-modified Thu, 23 Mar 2017 23:45:18 GMT server nginx/1.1.19 content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1810 expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://telus-partners.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://telus-partners.com/assets/scripts/main.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.telus.digital
static.telus.com
telus-partners.com
216.245.184.222
54.157.15.219
99.86.4.112
08537c342b465b3e71b5e920c47646f697520270019d9f0fa00ceac048506975
1956c43bbfca9a9749e8355f7d0383ee8b70920f74d92a76dca797d4e335fbf5
1cdcf9679f4eccb09e63ddf2aa7c510b0c9fdd1f22474e829aed21b459d974ff
31b50b141710243fcff1890f1828889fe38261c860ddc00c3f1b580216fbfdde
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58
61579f1ddc96195a2c4b8a98932aeacdb8dd4cc1a858f21d9b3cccd78efcf5d6
726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1
8fabef7055aa20f5033d7df021c027128feb0757af2cab181412cdc8644d3662
a2e7c33fa437debb34fb84109a43e15769b9ed0c3c14aa27b15d5259f29b60a4
a5fa09c0712a5ec008c8bae7481ea66829cc9c513a24c437b19b4552b9ccf7d9
b081e5b9cd551642f26ebc937f38f23c9241dd4004f40894bbedcc0daf301a2f
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
b435bfc13df848eb2b151ec65ec91bb3b0920f004a9b3716b11072db2f0e2662
bd0ca4f26fc73435cb9ee2ded6019d290ce7969155e1cf4944ea3c965b695b1b
d39e02a7c1febfb7714dc526b750af2a62a0116b50cb30d3008f427bf7cd27fd
d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4
e53c4c4d16a2a905a402e1896e3d523ef698a161519809a276dc34aeb01fe3ed
e9bd7a2422b44ed7329fb3ece73c00f386d18b33ea9472f1811731c824c9cd80
f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c

telus-partners.com Open in urlscan Pro 216.245.184.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1083 kBTransfer

1483 kBSize

0 Cookies

6 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

telus-partners.com Open in urlscan Pro
216.245.184.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1083 kB
Transfer

1483 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!