ln.ser-ute.173-211-46-69.cprapid.com Open in urlscan Pro
173.211.46.69 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://verifica-dati-binance.com/wrjnms-loa/
Effective URL:
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Submission: On June 25 via api (June 25th 2024, 2:43:51 pm UTC) from US — Scanned from IT

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 173.211.46.69, located in Los Angeles, United States and belongs to AS-COLOAM, US. The main domain is ln.ser-ute.173-211-46-69.cprapid.com.
TLS certificate: Issued by R11 on June 24th 2024. Valid for: 3 months.

This is the only time ln.ser-ute.173-211-46-69.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Desio (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.100.6.5 159.100.6.5	44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo.net)
3 18	173.211.46.69 173.211.46.69	21769 (AS-COLOAM) (AS-COLOAM)
2	2a02:26f0:710... 2a02:26f0:7100::1720:eecb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	63.35.89.131 63.35.89.131	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:710... 2a02:26f0:7100:9a7::51e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.51.46.103 52.51.46.103	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1 1	52.211.131.117 52.211.131.117	16509 (AMAZON-02) (AMAZON-02)
23	6

1 159.100.6.5 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
PTR: cp5.ultahost.com

verifica-dati-binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 173.211.46.69 (Los Angeles, United States) 3 redirects

ASN21769 (AS-COLOAM, US)
PTR: nokpsdflkonbaorcmf.healthdataco.com

ln.ser-ute.173-211-46-69.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::1720:eecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.35.89.131 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-89-131.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:9a7::51e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmtags.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.46.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-46-103.eu-west-1.compute.amazonaws.com

scotiabank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

somniture.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.131.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-131-117.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cprapid.com 3 redirects ln.ser-ute.173-211-46-69.cprapid.com	7 MB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242 scotiabank.demdex.net — Cisco Umbrella Rank: 134021	4 KB
3	scotiabank.com dmtags.scotiabank.com — Cisco Umbrella Rank: 130505 somniture.scotiabank.com — Cisco Umbrella Rank: 119877	15 KB
2	akamaihd.net ds-aksb-a.akamaihd.net — Cisco Umbrella Rank: 8306	5 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1336	503 B
1	verifica-dati-binance.com 1 redirects verifica-dati-binance.com	284 B
23	6

	Domain	Requested by
18	ln.ser-ute.173-211-46-69.cprapid.com	3 redirects ln.ser-ute.173-211-46-69.cprapid.com
3	dpm.demdex.net	1 redirects ln.ser-ute.173-211-46-69.cprapid.com
2	dmtags.scotiabank.com	ln.ser-ute.173-211-46-69.cprapid.com
2	ds-aksb-a.akamaihd.net	ln.ser-ute.173-211-46-69.cprapid.com
1	cm.everesttech.net	1 redirects
1	somniture.scotiabank.com	ln.ser-ute.173-211-46-69.cprapid.com
1	scotiabank.demdex.net	ln.ser-ute.173-211-46-69.cprapid.com
1	verifica-dati-binance.com	1 redirects
23	8

This site contains links to these domains. Also see Links.

Domain
ihbnext.cedacri.it

Subject Issuer	Validity	Valid
cpcontacts.ln.ser-ute.173-211-46-69.cprapid.com R11	`2024-06-24` - `2024-09-22`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
apps.scotiabank.com Entrust Certification Authority - L1K	`2023-11-21` - `2024-12-21`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
somniture.scotiabank.com Entrust Certification Authority - L1K	`2023-08-21` - `2024-09-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Frame ID: 1BB7B4373BD11FA30ACA9E0621BA722E
Requests: 22 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: 4AA8D0BC22ECA317F7440749C363F9CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account | Banco Desio

Page URL History Show full URLs

https://verifica-dati-binance.com/wrjnms-loa/ HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed HTTP 301
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/ HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/checkclient.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

23
Requests

91 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

6746 kB
Transfer

8105 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ihbnext.cedacri.it/
Title: Non ricordi i dati d'accesso?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://verifica-dati-binance.com/wrjnms-loa/ HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed HTTP 301
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/ HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/checkclient.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af HTTP 302
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985

Request Chain 15

https://cm.everesttech.net/cm/dd?d_uuid=81181040315471803691485389968697871229 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXmAAAAE_IsANe

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/
Redirect Chain

https://verifica-dati-binance.com/wrjnms-loa/
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/checkclient.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af

53 KB
53 KB

171ms
170ms

Document
text/html

173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: e46cc6bdfd9597f8ebe594cfb61fccbe87e8b768c8abb46ae5e10de56ed67c6b

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jun 2024 14:43:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jun 2024 14:43:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5
Location: it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK styles.86a72d8001092c40e429.css
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/ 1 MB
1 MB 609ms
253ms Stylesheet
text/css 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 0d3fb2e7ae7c73168ae60ea986f26e12d61f78c9632d39b4a2c4654c00250fb8

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1363500

GET
H/1.1 200
OK 094054a424e3-launch-edbf66c903b6.min.js Show response
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/ 238 KB
239 KB 332ms
168ms Script
application/javascript 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 03225d14336379353bc306d8a809ea367fd0c30491c43c96918aa68783d1d9b0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 244003

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 113ms
37ms Script
application/x-javascript 2a02:26f0:7100::1720:eecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: AkamaiNetStorage
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H/1.1 200
OK new-dmobile.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/ 22 KB
22 KB 603ms
270ms Image
image/png 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/new-dmobile.png
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: fde6372895f5b115abe65c37ae2a4f4769e43cfb6d826eb3f256477e6bb17fe0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 22094

GET
H/1.1 200
OK icons8-region-50.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/ 1 KB
1 KB 603ms
254ms Image
image/png 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/icons8-region-50.png
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 647869f1f836569f0ec4de08c629ffc442525b5ea97913fd90dc009caedd5649

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1131

GET
H/1.1 200
OK icons8-phone-50.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/ 990 B
1 KB 603ms
255ms Image
image/png 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/icons8-phone-50.png
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 114ea0b2dfbba7ae939b3b84ce79969942a5eb9a06a84d1315a05cb9b45f7341

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 990

GET
H/1.1 200
OK .-6643-resource-loader.js Show response
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/ 221 B
467 B 441ms
269ms Script
application/javascript 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6643-resource-loader.js
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 0c4aa449c09de4bc7447e0cb5c76bb62c5bc82d3bb806678a2180165ba78a696

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 221

GET
H/1.1 200
OK .-6607-runtime.eff227375d548a03d4a2.js Show response
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/ 1 KB
2 KB 172ms
171ms Script
application/javascript 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6607-runtime.eff227375d548a03d4a2.js
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: bdcedcc0085acc0e4d5a4489b2d73c2aae3f918b17f31bafcf4d8e8b1cc772be

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:34 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1492

GET
H/1.1 200
OK .-6204-main.b454267499c8d1dd0ee2.chunk.js Show response
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/ 5 MB
5 MB 168ms
168ms Script
application/javascript 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6204-main.b454267499c8d1dd0ee2.chunk.js
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 1005d7e1cdba845abaf190203acd62ca9e994414be24e46ea8878be1374e2438

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:34 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 5122630

GET
H/1.1 404
Not Found dF0
ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/ 0
0 169ms
169ms Script
text/html 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/dF0
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985

5 KB
2 KB

56ms
55ms

XHR
application/json

63.35.89.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af

Protocol

Server

63.35.89.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-89-131.eu-west-1.compute.amazonaws.com

Software

Resource Hash

872ad7da4f51f36c09fc5e9ac2f84590ff824e0e66840eb5f1cba35d6da3034c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-irl1-1-v061-097592a56.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Tue, 25 Jun 2024 14:43:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: fs6chDRCRDg=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://ln.ser-ute.173-211-46-69.cprapid.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1723
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-0bba5b8dc.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 25 Jun 2024 14:43:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: VX7n5sofQXU=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326615985
access-control-allow-origin: https://ln.ser-ute.173-211-46-69.cprapid.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK AppMeasurement.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
13 KB 157ms
49ms Script
application/x-javascript 2a02:26f0:7100:9a7::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:7100:9a7::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 12163
x-xss-protection: 1; mode=block
Last-Modified: Wed, 12 Jun 2024 21:26:00 GMT
Server: nginx/1.23.3
ETag: "666a1268-8315"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
x-vcap-request-id: 5f81230a-bbb8-45b4-7692-c26d5d14c76c
Cache-Control: private
Accept-Ranges: bytes

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 144ms
43ms Script
application/x-javascript 2a02:26f0:7100:9a7::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:7100:9a7::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 1597
x-xss-protection: 1; mode=block
Last-Modified: Wed, 12 Jun 2024 21:26:00 GMT
Server: nginx/1.23.3
ETag: "666a1268-ce5"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
x-vcap-request-id: ea31cf9e-de3f-430f-6cdc-1b0720f50092
Cache-Control: private
Accept-Ranges: bytes

GET
H2 200 dest5.html
scotiabank.demdex.net/ Frame 4AA8 0
0 163ms
57ms Document
text/html 52.51.46.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.46.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-46-103.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 25 Jun 2024 14:43:36 GMT
dcs: dcscanary-prod-irl1-1-v076-08eaf837e.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 22 May 2024 08:52:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: QED3XdpuR+I=

GET
H2 200 id Show response
somniture.scotiabank.com/ 48 B
477 B 149ms
46ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://somniture.scotiabank.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=90600084888653927071841967177116903023&ts=1719326616218

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

0114683aca44015af4c6c10669e665f80f6462289e7b03291964444ea2a3f705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Jun 2024 14:43:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://ln.ser-ute.173-211-46-69.cprapid.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZnrXmAAAAE_IsANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=81181040315471803691485389968697871229
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXmAAAAE_IsANe

42 B
718 B

56ms
56ms

Image
image/gif

63.35.89.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXmAAAAE_IsANe

Requested by

Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af

Protocol

Server

63.35.89.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-89-131.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-irl1-1-v061-0e44f6642.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Tue, 25 Jun 2024 14:43:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: KLjqAjlQSw8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXmAAAAE_IsANe
Date: Tue, 25 Jun 2024 14:43:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK styles.86a72d8001092c40e429.css
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/ 1 MB
0 0ms
0ms Stylesheet
text/css 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 0d3fb2e7ae7c73168ae60ea986f26e12d61f78c9632d39b4a2c4654c00250fb8

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:33 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1363500
Content-Type: text/css

GET
H/1.1 200
OK mobile-phone.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/ 6 KB
6 KB 169ms
169ms Image
image/png 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/mobile-phone.png
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 4aa0cb13c447cd5d35729bf6bf5cd8a799834df440c838041646ebb8d8488926

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:47 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 6142

GET
H/1.1 200
OK assets-8fd30bd010d9e2c7677ec339685f958b.woff
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/ 30 KB
30 KB 325ms
168ms Font
font/woff 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/assets-8fd30bd010d9e2c7677ec339685f958b.woff
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366

Request headers

Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Origin: https://ln.ser-ute.173-211-46-69.cprapid.com
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:47 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 30656

GET
H/1.1 200
OK assets-00cecde981e3ef7491eba946f4b95fe0.woff
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/ 31 KB
31 KB 493ms
168ms Font
font/woff 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/assets-00cecde981e3ef7491eba946f4b95fe0.woff
Requested by: Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b

Request headers

Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Origin: https://ln.ser-ute.173-211-46-69.cprapid.com
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:47 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 31796

GET
H/1.1 200
OK favicon.ico
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/ 1 KB
1 KB 168ms
168ms Other
image/x-icon 173.211.46.69
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.211.46.69 Los Angeles, United States, ASN21769 (AS-COLOAM, US),
Reverse DNS: nokpsdflkonbaorcmf.healthdataco.com
Software: Apache /
Resource Hash: 15db266fd7466c7e8d763d0afbbe4b4fed1ed4e147682120289064c9f2e9f540

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 25 Jun 2024 14:43:47 GMT
Last-Modified: Mon, 16 Jan 2023 10:32:55 GMT
Server: Apache
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1150

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/682023/ 0
269 B 29ms
28ms Image
text/html 2a02:26f0:7100::1720:eecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/682023/b?dE=0&cS=0&cE=0&rqS=0&rsS=171&rsE=847&sS=&dl=269&di=14168&fp=15147&dlS=14168&dlE=14168&dc=14666&leS=14666&leE=14667&to=&ol=0&cr=8&mt=&mb=&b=133377&u=https%3A//ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php&ua=Mozilla/5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2014_7_1%20like%20Mac%20OS%20X%29%20AppleWebKit/605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Version/14.1.2%20Mobile/15E148%20Safari/604.1&pl=iPhone&us=&gh=104.98.118.53&t=&rid=29973540&r=36315&akM=b&akN=ae&vc=14:17&bpcip=c7a7c900&akTX=1&akTI=29973540&ai=447106&pmgn=&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 14:43:47 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Tue, 25 Jun 2024 14:43:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Desio (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ln.ser-ute.173-211-46-69.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 71e318e0e40958383ab8d99541f08ac4
.demdex.net/	1970-01-21 01:54:38	Name: demdex Value: 81181040315471803691485389968697871229
.ser-ute.173-211-46-69.cprapid.com/	1969-12-31 23:59:59	Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1
.dpm.demdex.net/	1970-01-21 01:54:38	Name: dpm Value: 81181040315471803691485389968697871229
.ser-ute.173-211-46-69.cprapid.com/	1970-01-21 07:11:26	Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19900%7CMCMID%7C90600084888653927071841967177116903023%7CMCAAMLH-1719931416%7C6%7CMCAAMB-1719931416%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1719333816s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19907%7CvVersion%7C5.4.0
.adnxs.com/	1970-01-21 07:11:26	Name: receive-cookie-deprecation Value: 1
.mathtag.com/	1970-01-21 07:01:21	Name: uuid Value: b84e667a-d798-4500-b21e-44d030f51acf
.doubleclick.net/	1970-01-21 06:57:02	Name: IDE Value: AHWqTUmWgEiueaDOZyhSh_yL9GetSXWhuVFort04ZSkzzD2VsbF8kTHWGfYKGxiiGXs
.twitter.com/	1970-01-21 07:11:26	Name: personalization_id Value: "v1_AOa9pXxKOUkFHYoKNbVipw=="
.rfihub.com/	1970-01-21 06:57:02	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjE0NTWwsDA0MxfiM9T1LXa0CIy0dM_1qdQFAPNH7m4lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjE0NTWwsDA0MxfiM9T1LXa0CIy0dM_1qdQFAPNH7m4lAAAA
.rfihub.com/	1970-01-21 06:57:02	Name: eud Value: H4sIAAAAAAAA_1vFxGtobmhpbGRmBqQtTAGrChbXEAAAAA
.quantserve.com/	1970-01-20 23:45:02	Name: d Value: ENABDAGWLLmvYA
.quantserve.com/	1970-01-21 07:05:41	Name: mc Value: 667ad799-4cc6a-0a706-86510
.eyeota.net/	1970-01-20 21:35:27	Name: SERVERID Value: 20851~DM
.demdex.net/	1970-01-21 01:54:38	Name: dextp Value: 269-1-1719326616398\|358-1-1719326616499\|601-1-1719326616600\|771-1-1719326616701\|822-1-1719326616801\|1123-1-1719326616905\|1121-1-1719326617006\|903-1-1719326617114\|1175-1-1719326617216\|22052-1-1719326617317\|30064-1-1719326617420\|30646-1-1719326617521\|73426-1-1719326617623\|121998-1-1719326617726\|144230-1-1719326617827\|144231-1-1719326617927\|144232-1-1719326618032\|144233-1-1719326618133\|144234-1-1719326618234\|144235-1-1719326618334\|144236-1-1719326618435\|144237-1-1719326618537\|161033-1-1719326618638\|139200-1-1719326618739
.onaudience.com/	1970-01-21 06:21:02	Name: cookie Value: ff771b26e49bf782
.amazon-adsystem.com/	1970-01-21 02:09:02	Name: ad-id Value: A-18b9Qk7kgsrCzEZKAOLz0
.amazon-adsystem.com/	1970-01-21 07:11:26	Name: ad-privacy Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/dF0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
dmtags.scotiabank.com
dpm.demdex.net
ds-aksb-a.akamaihd.net
ln.ser-ute.173-211-46-69.cprapid.com
scotiabank.demdex.net
somniture.scotiabank.com
verifica-dati-binance.com
159.100.6.5
173.211.46.69
2a02:26f0:7100:9a7::51e
2a02:26f0:7100::1720:eecb
52.211.131.117
52.51.46.103
63.140.62.17
63.35.89.131
0114683aca44015af4c6c10669e665f80f6462289e7b03291964444ea2a3f705
03225d14336379353bc306d8a809ea367fd0c30491c43c96918aa68783d1d9b0
0c4aa449c09de4bc7447e0cb5c76bb62c5bc82d3bb806678a2180165ba78a696
0d3fb2e7ae7c73168ae60ea986f26e12d61f78c9632d39b4a2c4654c00250fb8
1005d7e1cdba845abaf190203acd62ca9e994414be24e46ea8878be1374e2438
114ea0b2dfbba7ae939b3b84ce79969942a5eb9a06a84d1315a05cb9b45f7341
15db266fd7466c7e8d763d0afbbe4b4fed1ed4e147682120289064c9f2e9f540
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4aa0cb13c447cd5d35729bf6bf5cd8a799834df440c838041646ebb8d8488926
5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366
647869f1f836569f0ec4de08c629ffc442525b5ea97913fd90dc009caedd5649
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
872ad7da4f51f36c09fc5e9ac2f84590ff824e0e66840eb5f1cba35d6da3034c
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
bdcedcc0085acc0e4d5a4489b2d73c2aae3f918b17f31bafcf4d8e8b1cc772be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46cc6bdfd9597f8ebe594cfb61fccbe87e8b768c8abb46ae5e10de56ed67c6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fde6372895f5b115abe65c37ae2a4f4769e43cfb6d826eb3f256477e6bb17fe0

ln.ser-ute.173-211-46-69.cprapid.com Open in urlscan Pro 173.211.46.69 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

91 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

6 IPs

3 Countries

6746 kBTransfer

8105 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

19 Cookies

1 Console Messages

Indicators

ln.ser-ute.173-211-46-69.cprapid.com Open in urlscan Pro
173.211.46.69 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

91 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

6746 kB
Transfer

8105 kB
Size

19
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!