urlscan.io logo urlscan.io
SecurityTrails logo

discaud.cfd Open in urlscan Pro
193.233.203.151  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Submission: On July 18 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 193.233.203.151, located in Chisinau, Moldova and belongs to ALEXHOST, MD. The main domain is discaud.cfd.
This is the only time discaud.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

IP Address AS Autonomous System
7 193.233.203.151 200019 (ALEXHOST)
4 23.197.12.170 16625 (AKAMAI-AS)
5 18.65.40.124 16509 (AMAZON-02)
1 3 63.32.136.28 16509 (AMAZON-02)
1 63.34.165.131 16509 (AMAZON-02)
1 63.140.62.222 15224 (OMNITURE)
1 1 52.19.10.201 16509 (AMAZON-02)
1 63.33.101.72 16509 (AMAZON-02)
22 8
7    193.233.203.151 (Chisinau, Moldova)

ASN200019 (ALEXHOST, MD)
PTR: rbc-verifyid.com
discaud.cfd
4    23.197.12.170 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-12-170.deploy.static.akamaitechnologies.com
dmtags.scotiabank.com
5    18.65.40.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-40-124.ams1.r.cloudfront.net
dlslhpkfqfglo.cloudfront.net
3    63.32.136.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-136-28.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    63.34.165.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-165-131.eu-west-1.compute.amazonaws.com
scotiabank.demdex.net
1    63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
somniture.scotiabank.com
1    52.19.10.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-10-201.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    63.33.101.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-101-72.eu-west-1.compute.amazonaws.com
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com
Apex Domain
Subdomains		 Transfer
7 discaud.cfd
discaud.cfd
156 KB
5 cloudfront.net
dlslhpkfqfglo.cloudfront.net
791 KB
5 scotiabank.com
dmtags.scotiabank.com — Cisco Umbrella Rank: 273867
somniture.scotiabank.com — Cisco Umbrella Rank: 196692
91 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
scotiabank.demdex.net — Cisco Umbrella Rank: 160796
4 KB
1 memcyco.com
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com — Cisco Umbrella Rank: 672463
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 2184
490 B
22 6
Domain Requested by
7 discaud.cfd discaud.cfd
5 dlslhpkfqfglo.cloudfront.net discaud.cfd
dlslhpkfqfglo.cloudfront.net
4 dmtags.scotiabank.com discaud.cfd
dmtags.scotiabank.com
3 dpm.demdex.net 1 redirects
1 csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com dlslhpkfqfglo.cloudfront.net
1 cm.everesttech.net 1 redirects
1 somniture.scotiabank.com dmtags.scotiabank.com
1 scotiabank.demdex.net dmtags.scotiabank.com
22 8

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com
Subject Issuer Validity Valid
apps.scotiabank.com
Entrust Certification Authority - L1K		 2023-11-21 -
2024-12-21		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
somniture.scotiabank.com
Entrust Certification Authority - L1K		 2023-08-21 -
2024-09-21		 a year crt.sh
*.memcyco.com
Amazon RSA 2048 M03		 2024-02-25 -
2025-03-25		 a year crt.sh

This page contains 3 frames:

Primary Page: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Frame ID: F7821AA68418113735E8BB58CB45F124
Requests: 20 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: E9C6A5B7201C4B3F42CCB769758A4E97
Requests: 1 HTTP requests in this frame

Frame: https://csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html
Frame ID: 6B4AD0033367E6EE15BB9A0CEC355BBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in | Scotiabank

Page URL History Show full URLs

  1. http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico HTTP 307
    https://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico HTTP 307
    http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

55 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

1041 kB
Transfer

3260 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico HTTP 307
    https://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico HTTP 307
    http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463
Request Chain 17
  • https://cm.everesttech.net/cm/dd?d_uuid=72199955273399199831007370084596946345 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zpk5TwAAAB3oewO5

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request favicon.ico
discaud.cfd/scotia/personal/details/index.php/assets/
Redirect Chain
  • http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
  • https://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
  • http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
100 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a58d8fe0278b952a970f58d42a86ad2506a973d4153cb888a9c33f0992e98c99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
17493
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jul 2024 15:48:28 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Location
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Non-Authoritative-Reason
HttpsUpgrades
launch-edbf66c903b6.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ 		256 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.197.12.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-12-170.deploy.static.akamaitechnologies.com
Software
nginx/1.25.3 /
Resource Hash
c85e9e190e2b35fc4f3627952ade96e9d163eae291ac1ecedc76fd26205d104d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
68056
x-xss-protection
1; mode=block
Last-Modified
Wed, 10 Jul 2024 17:22:51 GMT
Server
nginx/1.25.3
ETag
"668ec36b-3ffaf"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
5a4b3bcf-6d51-4de3-61f1-22539136fbc6
Cache-Control
private
Accept-Ranges
bytes
mutha-scotia-wrapper.min.js
dlslhpkfqfglo.cloudfront.net/cdn/ca/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-124.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
949e10ac987de3321d38c17582ca6ccfe9628cc3cdeeffcdab6798a0c4a47f27
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:51:14 GMT
content-security-policy
frame-ancestors https://*
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
28635
x-frame-options
DENY
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-amz-cf-id
hreQ2sXsmAhJ1NI8ZzIf_cjP9l4isHnu_vp-WeACOmZkkE94GTStxQ==
7c428f63a00e5bd025fa159e8c94389f.svg
discaud.cfd/scotia/personal/details/index.php/assets/assets/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/assets/7c428f63a00e5bd025fa159e8c94389f.svg
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:28 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
17493
styles.ee1730d27a38e7dfb0d6.css
discaud.cfd/scotia/personal/details/index.php/assets/assets/ 		100 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/assets/styles.ee1730d27a38e7dfb0d6.css
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a58d8fe0278b952a970f58d42a86ad2506a973d4153cb888a9c33f0992e98c99

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
17493
main.054ad90d49cb5bf3a1c6.chunk.js
discaud.cfd/scotia/personal/details/index.php/assets/assets/ 		100 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/assets/main.054ad90d49cb5bf3a1c6.chunk.js
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a58d8fe0278b952a970f58d42a86ad2506a973d4153cb888a9c33f0992e98c99

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:28 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
17493
1pOmQMP1I
discaud.cfd/GdtB_q_Bp/Tov/M_-Xnw/t1EOXGYmr9Lw7V/TVIrUAROBg/Qg/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/GdtB_q_Bp/Tov/M_-Xnw/t1EOXGYmr9Lw7V/TVIrUAROBg/Qg/1pOmQMP1I
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:28 GMT
Server
Apache/2.4.52 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
8fd30bd010d9e2c7677ec339685f958b.woff
discaud.cfd/scotia/personal/details/index.php/assets/assets/ 		100 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a58d8fe0278b952a970f58d42a86ad2506a973d4153cb888a9c33f0992e98c99

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Origin
http://discaud.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:28 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
17493
50805f331bb1b697aafb6f0c28b09212.woff2
discaud.cfd/scotia/personal/details/index.php/assets/assets/ 		100 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://discaud.cfd/scotia/personal/details/index.php/assets/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.151 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
rbc-verifyid.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a58d8fe0278b952a970f58d42a86ad2506a973d4153cb888a9c33f0992e98c99

Request headers

Referer
http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Origin
http://discaud.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
17493
jquery-3.6.1.min.js
dlslhpkfqfglo.cloudfront.net/cdn/ca/ 		2 MB
781 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
Requested by
Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-124.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
cc7807249343287cecb6a5d77394c47c1e0962cd76b944824c0b24112571c0eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:51:15 GMT
content-security-policy
frame-ancestors https://*
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
28634
x-frame-options
DENY
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-amz-cf-id
DWNBp3qxDiLw81KP25ZfvBa-uctlnTVM4IvMPEwkPY7FQV_SgWr9Sg==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463
Protocol
H2
Server
63.32.136.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-136-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b4077c9746eff46deeff12d19075cb2be2f914425fa35763bbf3682ba920232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v063-03de3022a.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Thu, 18 Jul 2024 15:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
8bYTK3vgRk0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
http://discaud.cfd
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1708
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v063-0d4536899.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 18 Jul 2024 15:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
JXpY6wXJTTs=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1721317709463
access-control-allow-origin
http://discaud.cfd
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/7466ee70b697/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/7466ee70b697/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.197.12.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-12-170.deploy.static.akamaitechnologies.com
Software
nginx/1.25.3 /
Resource Hash
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
12938
x-xss-protection
1; mode=block
Last-Modified
Wed, 10 Jul 2024 17:26:53 GMT
Server
nginx/1.25.3
ETag
"668ec45d-8be7"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
1f28b525-b760-437e-6025-32d3e8d06a82
Cache-Control
private
Accept-Ranges
bytes
AppMeasurement_Module_ActivityMap.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/7466ee70b697/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/7466ee70b697/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.197.12.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-12-170.deploy.static.akamaitechnologies.com
Software
nginx/1.25.3 /
Resource Hash
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
1599
x-xss-protection
1; mode=block
Last-Modified
Wed, 10 Jul 2024 17:26:53 GMT
Server
nginx/1.25.3
ETag
"668ec45d-cd4"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
e27a333e-c96a-4f40-53cf-9217e4bc1bd3
Cache-Control
private
Accept-Ranges
bytes
otSDKStub.js
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js
Requested by
Host: discaud.cfd
URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.197.12.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-12-170.deploy.static.akamaitechnologies.com
Software
nginx/1.25.3 /
Resource Hash
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 15:48:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
6793
x-xss-protection
1; mode=block
Last-Modified
Fri, 05 Jul 2024 19:51:11 GMT
Server
nginx/1.25.3
ETag
"66884eaf-524b"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
cd70865c-9ca1-4461-4ba3-32a4dcbf36f6
Cache-Control
private
Accept-Ranges
bytes
4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/ 		0
0
gpk
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 		767 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80&
Requested by
Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-124.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
c34c500f08ebe23a81e67e6518dc4737afd96905596c54158d205f6d70afb614
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 08:00:37 GMT
content-security-policy
frame-ancestors https://*
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
28073
x-cache
Hit from cloudfront
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
http://discaud.cfd
access-control-allow-credentials
true
x-amz-cf-id
wCdlvGojVU2-zn3y_4gKWyZKXcZL5YVE7Y_S5kI45041J56XzLLO_Q==
dest5.html
scotiabank.demdex.net/ Frame E9C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.34.165.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-165-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://discaud.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 18 Jul 2024 15:48:31 GMT
dcs
dcs-prod-irl1-2-v063-0d9beb7a6.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 18 Jul 2024 10:28:53 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
56YWk1aiRhg=
id
somniture.scotiabank.com/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=75751276944818440930065360383402096827&ts=1721317710825
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
26ac39a1a1d22f110ba59e58a91db08283d6a6bd896cb994c78a771f14f6c59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Jul 2024 15:48:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
http://discaud.cfd
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Zpk5TwAAAB3oewO5
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=72199955273399199831007370084596946345
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zpk5TwAAAB3oewO5
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zpk5TwAAAB3oewO5
Protocol
H2
Server
63.32.136.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-136-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v063-0d4536899.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 18 Jul 2024 15:48:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
61mBYn7YTsI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zpk5TwAAAB3oewO5
Date
Thu, 18 Jul 2024 15:48:31 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
csframe.html
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/ Frame 6B4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html
Requested by
Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.101.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-101-72.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://discaud.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 18 Jul 2024 15:48:31 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
gwf
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf?
Requested by
Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-124.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
02f9ea14223e76525d57db897217855b7c46de7cd2ef4509f306715e5954cb7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 18 Jul 2024 15:48:32 GMT
content-security-policy
frame-ancestors https://*
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-frame-options
DENY
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://discaud.cfd
access-control-allow-credentials
true
x-amz-cf-id
cXUpgy5haBsKbW2bH0PZ2Fbm_qac-Y8x05nkXpV-Pa6m_Yx360uKIw==
l
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 		104 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dlslhpkfqfglo.cloudfront.net/cdn/cd/l?
Requested by
Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-124.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
a280260eb3264e48b6ae8e868bf52b9d84f08fb903b2132f370774bfae83d310
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
http://discaud.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 18 Jul 2024 15:48:32 GMT
content-security-policy
frame-ancestors https://*
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
server
nginx
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P1
x-frame-options
DENY
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://discaud.cfd
access-control-allow-credentials
true
content-length
104
x-amz-cf-id
73oRrCSSU2pxwge34CZ5EMkxzZ28WiCTf-9lHhb_4rR2Q5lzOaXuNQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmtags.scotiabank.com
URL
https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| stylesLink object| process object| LD_CONFIG object| REDUX_STATE object| webpackJsonp function| a0d function| a0ad function| a0ab function| a0ac function| a0c object| a0f function| a0e function| a0af function| a0ai function| a0ah boolean| a0g function| a0F function| a0ag string| a0h function| a0ae string| a0i function| a0E function| a0a9 function| a0j number| a0k function| a0aa function| a0l object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| OptanonWrapper object| appEventData number| _dataLayerOverwriteMonitor function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap object| s function| inList number| a object| OneTrustStub function| $ function| jQuery function| lTa object| murmurHash3 function| UAParser object| localforage object| KJUR function| JSEncrypt object| CryptoJS

20 Cookies

Domain/Path Name / Value
dlslhpkfqfglo.cloudfront.net/ Name: aphishCookie-1721289074442-SCOTIA
Value: HnSadqwEvXI54T8pjddOVqDAlKDQB7MJReUQXoL2WMGZiRB4N1
.demdex.net/ Name: demdex
Value: 72199955273399199831007370084596946345
.discaud.cfd/ Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 1
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/ Name: AWSALBCORS
Value: h79GlJBCRTQF3Bk6o37fGNtM5yaBl4jYAqIhudxAyJPkHIXR75XkzIjS8KJtkCI2qklkBckHTKmany9zoRRbfiMzHmj8Sp53cOqLkOGfDMsF/3MHu9xOkyx0mCSc
.dpm.demdex.net/ Name: dpm
Value: 72199955273399199831007370084596946345
.discaud.cfd/ Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19923%7CMCMID%7C75751276944818440930065360383402096827%7CMCAAMLH-1721922510%7C6%7CMCAAMB-1721922510%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1721324911s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19930%7CvVersion%7C5.5.0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.mathtag.com/ Name: uuid
Value: a1126699-3950-4600-8f4b-ad23c8168e9f
.twitter.com/ Name: personalization_id
Value: "v1_oRZccvzB76K1kLCxyieL1A=="
.doubleclick.net/ Name: IDE
Value: AHWqTUl1e6_7LZ-zaG7cUhySSacZleCYGpMbXiD-Iroj9Ua-Bm0csKbvGxKRi57jkoQ
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjYwN7c0NbEwNxbiM9T18E2rTAyOt8gO9AgCACdLo-QlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjYwN7c0NbEwNxbiM9T18E2rTAyOt8gO9AgCACdLo-QlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFxGtobmRobGhubmhkbmEOAAAe2mMQAAAA
.quantserve.com/ Name: d
Value: EOsBDAGtLLmvYA
.quantserve.com/ Name: mc
Value: 66993950-ede82-80155-05ae1
.eyeota.net/ Name: SERVERID
Value: 21290~DM
.demdex.net/ Name: dextp
Value: 269-1-1721317711639|358-1-1721317711751|601-1-1721317711853|771-1-1721317711962|822-1-1721317712071|1123-1-1721317712177|1121-1-1721317712279|903-1-1721317712388|1175-1-1721317712489|22052-1-1721317712621|30064-1-1721317712734|30646-1-1721317712841|73426-1-1721317712944|121998-1-1721317713050|144230-1-1721317713167|144231-1-1721317713268|144232-1-1721317713369|144233-1-1721317713484|144234-1-1721317713594|144235-1-1721317713698|144236-1-1721317713807|144237-1-1721317713909|161033-1-1721317714011|139200-1-1721317714112
.onaudience.com/ Name: cookie
Value: 3bce0c580049e89e
.amazon-adsystem.com/ Name: ad-id
Value: AwgJ91pU9U_WkKy7aZR304w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

7 Console Messages

Source Level URL
Text
network error URL: http://discaud.cfd/GdtB_q_Bp/Tov/M_-Xnw/t1EOXGYmr9Lw7V/TVIrUAROBg/Qg/1pOmQMP1I
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico(Line 3031)
Message:
Failed to decode downloaded font: http://discaud.cfd/scotia/personal/details/index.php/assets/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other warning URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico(Line 3031)
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Message:
Failed to decode downloaded font: http://discaud.cfd/scotia/personal/details/index.php/assets/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other warning URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Message:
OTS parsing error: invalid sfntVersion: 538976288
javascript error URL: http://discaud.cfd/scotia/personal/details/index.php/assets/favicon.ico
Message:
Access to XMLHttpRequest at 'https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json' from origin 'http://discaud.cfd' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://scotiabank.com' that is not equal to the supplied origin.
network error URL: https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
Message:
Failed to load resource: net::ERR_FAILED