www.interac.ca-yq.club

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 185.196.8.138, located in Switzerland and belongs to SIMPLECARRER2, US. The main domain is www.interac.ca-yq.club.

This is the only time www.interac.ca-yq.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
6	185.196.8.138 185.196.8.138		34888 (SIMPLECAR...) (SIMPLECARRER2)
6	1

6 185.196.8.138 (Switzerland)

ASN34888 (SIMPLECARRER2, US)

www.interac.ca-yq.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ca-yq.club www.interac.ca-yq.club	17 KB
6	1

	Domain	Requested by
6	www.interac.ca-yq.club	www.interac.ca-yq.club
6	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php
Frame ID: 596991032764E3939E7824B8DC56F905
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

17 kB
Transfer

17 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request step.php Show response www.interac.ca-yq.club/sh/Y8s09/scotiaonline/	3 KB 1 KB	266ms 252ms	Document text/html	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / PHP/7.3.25 Resource Hash `113a28364af0e34cd69c344f7c69876554af536658f613a7515fab4ce8632aa4` Request headers Host www.interac.ca-yq.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/7.3.25 Content-Type text/html; charset=UTF-8 Content-Length 1188 Content-Encoding gzip Vary Accept-Encoding Date Thu, 24 Dec 2020 01:32:23 GMT Server LiteSpeed
GET H/1.1	200 OK	st6.png www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/	2 KB 2 KB	130ms 130ms	Image image/png	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Show image Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/st6.png Requested by Host: www.interac.ca-yq.club URL: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / Resource Hash `7eb0d4815063a5d9287ccedeafcd55ae7f56e3a9f30534edb4ad5783efb82139` Request headers Referer http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 01:32:23 GMT Last-Modified Fri, 08 Nov 2019 16:30:06 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2254 Expires Thu, 31 Dec 2020 01:32:23 GMT
GET H/1.1	200 OK	st11.png www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/	7 KB 7 KB	261ms 248ms	Image image/png	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Show image Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/st11.png Requested by Host: www.interac.ca-yq.club URL: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / Resource Hash `fcce527dfc39503bc267f59837ad3981fcdad89223ae62c5b0e5c0ef2c065c6a` Request headers Referer http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 01:32:23 GMT Last-Modified Fri, 08 Nov 2019 16:30:06 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 7078 Expires Thu, 31 Dec 2020 01:32:23 GMT
GET H/1.1	200 OK	st240.png www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/	4 KB 5 KB	264ms 249ms	Image image/png	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Show image Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/st240.png Requested by Host: www.interac.ca-yq.club URL: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / Resource Hash `0f82edbd026814d3d0677bea5eabbb4e381abea488bf1bef48b5888f021ce2c3` Request headers Referer http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 01:32:23 GMT Last-Modified Fri, 08 Nov 2019 16:30:06 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 4360 Expires Thu, 31 Dec 2020 01:32:23 GMT
GET H/1.1	200 OK	submit.png www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/	1 KB 1 KB	260ms 245ms	Image image/png	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Show image Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/submit.png Requested by Host: www.interac.ca-yq.club URL: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / Resource Hash `eb52119239eb83adbd79bf9adb849d781897b6802474bbe8f8006ad6d20c43e0` Request headers Referer http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 01:32:23 GMT Last-Modified Fri, 08 Nov 2019 16:30:06 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1177 Expires Thu, 31 Dec 2020 01:32:23 GMT
GET H/1.1	200 OK	shape242706140.gif www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/	99 B 390 B	264ms 250ms	Image image/gif	185.196.8.138 SIMPLECARRER2
General Check archive.org Show headers Download Go to Show image Full URL http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/images/shape242706140.gif Requested by Host: www.interac.ca-yq.club URL: http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php Protocol HTTP/1.1 Server 185.196.8.138 , Switzerland, ASN34888 (SIMPLECARRER2, US), Reverse DNS Software LiteSpeed / Resource Hash `2e026e2d19ebd589fced04a08b708ab9d28d7c327e8620d1ed2b867dad7d3522` Request headers Referer http://www.interac.ca-yq.club/sh/Y8s09/scotiaonline/step.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 01:32:23 GMT Last-Modified Fri, 08 Nov 2019 16:30:06 GMT Server LiteSpeed Content-Type image/gif Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 99 Expires Thu, 31 Dec 2020 01:32:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.interac.ca-yq.club
185.196.8.138
0f82edbd026814d3d0677bea5eabbb4e381abea488bf1bef48b5888f021ce2c3
113a28364af0e34cd69c344f7c69876554af536658f613a7515fab4ce8632aa4
2e026e2d19ebd589fced04a08b708ab9d28d7c327e8620d1ed2b867dad7d3522
7eb0d4815063a5d9287ccedeafcd55ae7f56e3a9f30534edb4ad5783efb82139
eb52119239eb83adbd79bf9adb849d781897b6802474bbe8f8006ad6d20c43e0
fcce527dfc39503bc267f59837ad3981fcdad89223ae62c5b0e5c0ef2c065c6a

www.interac.ca-yq.club Open in urlscan Pro 185.196.8.138 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

17 kBTransfer

17 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

www.interac.ca-yq.club Open in urlscan Pro
185.196.8.138 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

17 kB
Transfer

17 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!