www.telus.all-services.top Open in urlscan Pro
2600:4c00:80:18::3da Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.telus.all-services.top/
Submission: On March 22 via automatic, source certstream-suspicious (March 22nd 2024, 1:40:48 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Links 90 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2600:4c00:80:18::3da, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is www.telus.all-services.top.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.telus.all-services.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	2600:4c00:80:... 2600:4c00:80:18::3da	63410 (PRIVATESY...) (PRIVATESYSTEMS)
7	2600:9000:235... 2600:9000:235a:3600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.66.0.98 172.66.0.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	96.126.112.16 96.126.112.16	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
11	4

1 2600:4c00:80:18::3da (United States)

ASN63410 (PRIVATESYSTEMS, US)

www.telus.all-services.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:235a:3600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.0.98 (United States)

ASN13335 (CLOUDFLARENET, US)

www.telus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.126.112.16 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: mail2.snaphost.com

www.100forms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3948	13 KB
2	telus.com www.telus.com — Cisco Umbrella Rank: 319773
1	100forms.com www.100forms.com	4 KB
1	all-services.top www.telus.all-services.top	47 KB
11	4

	Domain	Requested by
7	images.ctfassets.net	www.telus.all-services.top
2	www.telus.com	www.telus.all-services.top
1	www.100forms.com	www.telus.all-services.top
1	www.telus.all-services.top
11	4

This site contains links to these domains. Also see Links.

Domain
telusidentity.telus.com
www.telus.com
email.telus.net
www.100forms.com
stores.telus.com
www.youtube.com
ca.linkedin.com
www.instagram.com
twitter.com
www.facebook.com
forum.telus.com
www.telusinternational.com
telus.com

Subject Issuer	Validity	Valid
www.telus.all-services.top R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
www.telus.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-11-12`	a year	crt.sh
www.100forms.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-30` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.telus.all-services.top/
Frame ID: 13B38B4C3F5B27605C70E3A13DD3000D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telus

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

64 kB
Transfer

352 kB
Size

1
Cookies

90 Outgoing links

These are links going to different origins than the main page.

URL: https://telusidentity.telus.com/as/authorization.oauth2?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139&response_type=code&scope=profileinfohighdetail%20customerinfo%20internetservicemanagement%20paymentmanagement%20invoiceinfo%20devicemanagement%20phonenumbermgmt%20accountinfo%20accountmanagement%20loyaltyandrewards%20priceplaninfo%20accountprofilemgmt%20accountactivity%20paymentprocessing%20wifimanagement%20PartnerProfile%20profilemanagement%20usagepreferencemanagement%20usagemeter%20wlspaymentmgmt%20usagemanagement%20usagedetails%20usageblockmanagement%20homesecuritymanagement%20onetimepasscode%20serviceeligibility%20appointmentmanagement%20servicemanagement%20securitymgmt%20productinventory%20wirelineprotectionsubscriptionservice%20discountestimator%20callcontrolmanagement%20insight10%20cmscustomerbillmanagement%20cmsServiceActivationAndConfiguration%20userprofilecontactinfo%20customerbillmanagement%20paymentManagement%20wlsProductInventoryManagement%20deviceReturnsManagement%20openid%20customerUsageInfo%20wlsserviceinfo%20billmgmt%20customerprofilemanagement%20tvmgmt&redirect_uri=https%3A%2F%2Fproxy.digital.telus.com%2Foauth2%2Fcallback#end-of-nav
Title: Skip to content

Search URL Search Domain Scan URL

URL: https://www.telus.com/?linkname=Personal&linktype=ge-supernav
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.telus.com/business/small?linktype=ge-supernav&linkname=Small_Medium_Business_1_100

Search URL Search Domain Scan URL

URL: https://www.telus.com/business/medium-large?linktype=ge-supernav&linkname=Commercial_101

Search URL Search Domain Scan URL

URL: https://www.telus.com/partner?linktype=ge-supernav&linkname=Partner_Solutions_Wholesale

Search URL Search Domain Scan URL

URL: https://www.telus.com/health?linkname=Health&linktype=ge-supernav
Title: Health

Search URL Search Domain Scan URL

URL: https://www.telus.com/agriculture?linkname=Agriculture_Consumer_Goods&linktype=ge-supernav
Title: Agriculture & Consumer Goods

Search URL Search Domain Scan URL

URL: https://www.telus.com/social-impact?linkname=Social_Impact&linktype=ge-supernav
Title: Social Impact

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility?linkname=Explore_Mobility&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/phones?sessionFlow=consumer&linkname=Phones&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/devices/category/phones?condition=certified-pre-owned&linkname=Certified_Pre_owned&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/prepaid?linkname=Prepaid&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/bring-it-back?linkname=Bring_It_Back&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/trade-in-bring-it-back-returns?linkname=Trade_In&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/device-protection?linkname=Device_Protection&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/sim-cards?linkname=SIM_Cards&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/plans?linkname=Plans&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/bring-your-own-device?linkname=Bring_Your_Own_Device&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/plans/family?linkname=TELUS_Family_Discount&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/add-ons?linkname=Add_ons&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/streamplus?linkname=Stream&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/network?linkname=Network_Coverage&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/travel?linkname=Travel&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/connected-devices?linkname=Connected_Devices&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/devices/category/tablets?linkname=Tablets&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/devices/category/smartwatches?linkname=Smartwatches&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/accessories?linkname=Accessories&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/accessories/category/apple-accessories?linkname=Apple_accessories&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/bc/mobility/mobile-internet?linkname=Mobile_Internet&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/content/wireless-home-phone?linkname=Wireless_Home_Phone&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/mobility/switch-to-telus?linkname=Switch_to_TELUS&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/deals-and-bundles?INTCMP=tcom_mobilitynav_chevron_ffh_dealsandbundles_10052023&linktype=ge-meganav&linkname=Explore_our_featured_offers

Search URL Search Domain Scan URL

URL: https://www.telus.com/apple?intcmp=tcom_mob_apple-brand_chevron_shop-apple&linktype=ge-meganav&linkname=Explore_Apple_at_TELUS

Search URL Search Domain Scan URL

URL: https://www.telus.com/samsung?INTCMP=tcom_sbp_meganav_shop_samsung_07112023&linktype=ge-meganav&linkname=Discover_Samsung_products_at_TELUS

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smarthome-security?linkname=SmartHome_Security&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/smarthome-security/how-it-works?linkname=How_it_works&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/shop/home-services/smarthome-security/plans?linkname=Plans&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smarthome-security/security-system-products?linktype=ge-meganav&linkname=Products

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/shop/home/new/smarthome-security/wizard?linkname=Recommend_a_plan&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smarthome-security/customsecurity?linkname=Custom_Security&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smart-home/join-beta?linkname=SmartHome&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smart-home/join-beta?linkname=Become_a_beta_tester&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/online-security?linkname=Online_Security&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/online-security/plans?linkname=Plans&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/online-security/prevention?linkname=Prevention&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/online-security/detection?linkname=Detection&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/online-security/recovery?linkname=Recovery&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/smartwear-security?linkname=SmartWear_Security&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/shop/home-services/smartwear/safety-jewelry-devices?linkname=Plans_safety_devices&linktype=ge-meganav

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/deals-and-bundles/smartwear-security-offer?linktype=ge-meganav&linkname=Save_15_on_any_SmartWear_device

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/shop/home/new/smarthome-security/wizard?linktype=ge-meganav&linkname=Get_help_picking_a_home_security_plan

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/my-telus-app?linkname=My_TELUS&linktype=ge-mainnav
Title: My TELUS

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/commerce/cart?linktype=ge-mainnav-cart-icon
Title: Cart has 0 items

Search URL Search Domain Scan URL

URL: https://www.telus.com/my-telus/forgot/username
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: https://www.telus.com/my-telus/forgot/password?clientId=fe9c55ad-8a94-46b2-a3c3-816799478139
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.telus.com/selfregistration?INTCMP=Tcom_New_LoginPage_SelfRegLink
Title: Sign up for My TELUS

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/support/article/telus-eversafe?INTCMP=tcom_my-telus_login_eversafe_learn-more
Title: About TELUS EverSafe

Search URL Search Domain Scan URL

URL: https://email.telus.net/
Title: Go to TELUS Email

Search URL Search Domain Scan URL

URL: https://www.100forms.com/
Title: form to email

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/support?linktype=ge-footer
Title: Support

Search URL Search Domain Scan URL

URL: https://stores.telus.com/en?linktype=ge-footer
Title: Find a store

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/support/contact-us?linktype=ge-footer
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/social-impact/connecting-canada/indigenous-reconciliation
Title: TELUS’ commitments to Reconciliation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TELUS

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/telus

Search URL Search Domain Scan URL

URL: https://www.instagram.com/telus/?hl=en

Search URL Search Domain Scan URL

URL: https://twitter.com/telus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/telus/

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about?linktype=ge-footer
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/careers?linktype=ge-footer
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/digital?linktype=ge-footer
Title: TELUS Digital

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/social-impact/giving-back?linktype=ge-footer
Title: The Network that gives back

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/accessibility/crtc-wireless-code-of-conduct?linktype=ge-footer
Title: TELUS & CRTC Wireless Code

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/privacy?linktype=ge-footer
Title: Privacy / Cookies

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/security?linktype=ge-footer
Title: Security

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/support/topic/service-terms?linktype=ge-footer
Title: Service Terms

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/policies-and-disclosures/user-terms?linktype=ge-footer
Title: User Terms

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/policies-and-disclosures?linktype=ge-footer
Title: Policies

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/outages?INTCMP=VAN_status&linktype=ge-footer
Title: TELUS Service Status

Search URL Search Domain Scan URL

URL: https://forum.telus.com/t5/Home/ct-p/EN?linktype=ge-footer
Title: Community Forum

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/commerce/order-status?linktype=ge-footer
Title: Order Status

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/social-impact?linktype=ge-footer
Title: Social Impact

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/about/procurement?linktype=ge-footer
Title: TELUS Procurement

Search URL Search Domain Scan URL

URL: https://www.telusinternational.com/?linktype=ge-footer
Title: TELUS International

Search URL Search Domain Scan URL

URL: https://email.telus.net/?linktype=ge-footer
Title: TELUS Webmail

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/wise?linktype=ge-footer
Title: TELUS Wise

Search URL Search Domain Scan URL

URL: https://telus.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.telus.all-services.top/ 331 KB
47 KB 513ms
252ms Document
text/html 2600:4c00:80:18::3da
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:4c00:80:18::3da , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fead1a3b86b0321057c9a79d9a63a859cb2181af885b501d208c476b34c23ead

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 13:40:42 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 Logo_TELUS.svg
images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/ 2 KB
1 KB 94ms
21ms Image
image/svg+xml 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 02:13:10 GMT
content-encoding: gzip
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jun 2018 18:30:42 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 41254
etag: W/"e9c94438527401f924b1e32cbd9fdea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: pwgElUWl1aIepXXZ1WH_mRdpDbjBSqIzijIw2GgKPRyGj4vBh2KISA==

GET
H2 403 ever-safe-logo.png
www.telus.com/telus-login/static/ 0
0 729ms
37ms Image
text/html 172.66.0.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telus.com/telus-login/static/ever-safe-logo.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 403 phone_grey_en.png
www.telus.com/telus-login/static/ 0
0 631ms
38ms Image
text/html 172.66.0.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telus.com/telus-login/static/phone_grey_en.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H/1.1 200
OK FORMKEY:KXYGUYX9BU6E Show response
www.100forms.com/js/ 3 KB
4 KB 869ms
193ms Script
text/javascript 96.126.112.16
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.100forms.com/js/FORMKEY:KXYGUYX9BU6E

Requested by

Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.112.16 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail2.snaphost.com

Software

Apache-Coyote/1.1 /

Resource Hash

f236e268af238eef67723df0acb4c0d852128c4a3e56660cc8746b84ae632c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Fri, 22 Mar 2024 13:40:43 GMT
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
X-Frame-Options: DENY
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Content-Language: de-DE
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 3535
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 youtube_grey.png
images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/cf02cb826630ad16c22abcafc278af63/ 902 B
1 KB 23ms
22ms Image
image/png 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/cf02cb826630ad16c22abcafc278af63/youtube_grey.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 375e45a6d41cd7d8fe47a2a892966d078dba34d01f8bb64256e23fb0e70711bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:52:15 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 18:32:16 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 35309
etag: "3c30b48500089571de63db682d59dca9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 902
x-amz-cf-id: BLteZwJD_7-5iBqnr-j9sK840dHoXeoIdlABSeWOTArA_3psry5rsw==

GET
H2 200 linkedin_black.png
images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/db5c57783caafebe1b0bf49444c2637b/ 705 B
1 KB 24ms
23ms Image
image/png 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/db5c57783caafebe1b0bf49444c2637b/linkedin_black.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d31439d85198520518c73954e2957a4faafe79908e7ac573416ea970424ca939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 04:11:41 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 18:33:03 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 34143
etag: "255c871d52194e7ea0a6fa29116f5526"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 705
x-amz-cf-id: uH4yHxjBhe3qRElnHTkFpjHq0Qo_gW8CxYVuFZzpBGGzNb8Xj967pA==

GET
H2 200 instagram_black.png
images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/ca9260eec0fca53605fac3b6c8944ea1/ 2 KB
2 KB 26ms
26ms Image
image/png 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/ca9260eec0fca53605fac3b6c8944ea1/instagram_black.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9a7816a635f144c65d99ccef62230dd9663a3d2db4565bf56ef85a99e36a3c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 02:13:17 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 18:22:07 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 41247
etag: "6e8acbb4c5cc2a2304af954af0e792a9"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 2027
x-amz-cf-id: RCT0s7cwVSvwNOj6EuiK8cX3pWYvkDR2O8G4lngoGjQTcGaXS_Tq4Q==

GET
H2 200 X_Logo_Sept14.png
images.ctfassets.net/fikanzmkdlqn/6mEIrDh526sTmAKY8Ayj38/c636d5ac568d84e59b8336d4aa25e774/ 754 B
1 KB 26ms
26ms Image
image/png 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/6mEIrDh526sTmAKY8Ayj38/c636d5ac568d84e59b8336d4aa25e774/X_Logo_Sept14.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: aae00164386e406f17ef50698fd14fe20a4a900436a6ebb6b4e81ffc50148543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 04:04:43 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 16:49:51 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 34870
etag: "a785944e2b78d8190704488a62d44da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 754
x-amz-cf-id: 7BbF6qU-fwUvKFleREMBNMj6_Tg2Q8Qaj3RC2dRjKBCcOEZOW-04gg==

GET
H2 200 logo-facebook.png
images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/b0027a69854fbe5cbf81dc20c3fb48d7/ 1 KB
2 KB 27ms
27ms Image
image/png 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/b0027a69854fbe5cbf81dc20c3fb48d7/logo-facebook.png
Requested by: Host: www.telus.all-services.top
URL: https://www.telus.all-services.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 569136e70e36c1b7100efcf76f7f8c3f39a602ed73247f9893c1759fa5154d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:59:34 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 18:21:20 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 34870
etag: "f61c42c6b493846dfab375d945376734"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1367
x-amz-cf-id: x0uyYyy4Kgijru9VtjnQWi0jLQJctkGdHqK60s2Sr_oNMUBjnacyTA==

GET
H2 200 TELUS_LMTFF_EN_Hor_2021_Digital_RGB__2_.svg
images.ctfassets.net/fikanzmkdlqn/3loH0T0nylM0oqQ5CCbfWa/5c6adb84324374887c8ee92c81f0604a/ 10 KB
4 KB 27ms
22ms Image
image/svg+xml 2600:9000:235a:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fikanzmkdlqn/3loH0T0nylM0oqQ5CCbfWa/5c6adb84324374887c8ee92c81f0604a/TELUS_LMTFF_EN_Hor_2021_Digital_RGB__2_.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5b3194a6213f6e735c512acb4affa0045860aa6d4c1d973c75231c41c3e4e54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telus.all-services.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:37:51 GMT
content-encoding: gzip
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
last-modified: Wed, 11 Oct 2023 15:29:39 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 43374
etag: W/"f30299ad4596a5b6d20bc7a5ed184794"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 3hqvlrNprVpcWCXRscauTJpiznYWSYc2KE7860fqtMcYOLSa9euJwg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| randomLinksForBlocked function| f101 function| f100 function| checkForFileInputs

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.telus.com/	1970-01-20 19:18:36	Name: __cf_bm Value: Ap8aLuL43WKygnNk.7e8KeXECTgv_wBZEaFryodXxCs-1711114843-1.0.1.1-vVqO9Z48w_dqXUbeHn_i9Z1TXsuZ9aZHQ6XYcCSqHXtyWKrmcXD2hT9hPPJ0XQMHV7CLIPeQLwHEawAHs4JB6lzxA8KiT8bRRkVyx9BIODs

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.telus.all-services.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.telus.com/telus-login/static/ever-safe-logo.png Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.telus.all-services.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.telus.com/telus-login/static/phone_grey_en.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
www.100forms.com
www.telus.all-services.top
www.telus.com
172.66.0.98
2600:4c00:80:18::3da
2600:9000:235a:3600:12:94b3:c380:93a1
96.126.112.16
375e45a6d41cd7d8fe47a2a892966d078dba34d01f8bb64256e23fb0e70711bd
569136e70e36c1b7100efcf76f7f8c3f39a602ed73247f9893c1759fa5154d6a
5b3194a6213f6e735c512acb4affa0045860aa6d4c1d973c75231c41c3e4e54e
9a7816a635f144c65d99ccef62230dd9663a3d2db4565bf56ef85a99e36a3c7d
aae00164386e406f17ef50698fd14fe20a4a900436a6ebb6b4e81ffc50148543
cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4
d31439d85198520518c73954e2957a4faafe79908e7ac573416ea970424ca939
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f236e268af238eef67723df0acb4c0d852128c4a3e56660cc8746b84ae632c3e
fead1a3b86b0321057c9a79d9a63a859cb2181af885b501d208c476b34c23ead

www.telus.all-services.top Open in urlscan Pro 2600:4c00:80:18::3da Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

64 kBTransfer

352 kBSize

1 Cookies

90 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

www.telus.all-services.top Open in urlscan Pro
2600:4c00:80:18::3da Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

64 kB
Transfer

352 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!