isn1-scotiabank.azurewebsites.net
Open in
urlscan Pro
52.228.42.76
Malicious Activity!
Public Scan
Effective URL: https://isn1-scotiabank.azurewebsites.net/
Submission: On October 20 via api from US — Scanned from CA
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on August 4th 2024. Valid for: a year.
This is the only time isn1-scotiabank.azurewebsites.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 52.228.42.76 52.228.42.76 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 142.251.40.202 142.251.40.202 | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.67.142.245 172.67.142.245 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 72.21.81.200 72.21.81.200 | 15133 (EDGECAST) (EDGECAST) | |
1 | 142.251.41.67 142.251.41.67 | 15169 (GOOGLE) (GOOGLE) | |
2 | 52.179.73.57 52.179.73.57 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
19 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
isn1-scotiabank.azurewebsites.net |
ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: yyz10s20-in-f3.1e100.net
fonts.gstatic.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
azurewebsites.net
isn1-scotiabank.azurewebsites.net |
195 KB |
2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 785 |
200 B |
1 |
gstatic.com
fonts.gstatic.com |
13 KB |
1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3081 |
22 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222 |
9 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
1 KB |
19 | 6 |
Domain | Requested by | |
---|---|---|
13 | isn1-scotiabank.azurewebsites.net |
isn1-scotiabank.azurewebsites.net
|
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | az416426.vo.msecnd.net |
isn1-scotiabank.azurewebsites.net
|
1 | use.fontawesome.com |
isn1-scotiabank.azurewebsites.net
|
1 | fonts.googleapis.com |
isn1-scotiabank.azurewebsites.net
|
19 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.scotiabank.com |
arm4f.scotiabank.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 08 |
2024-08-04 - 2025-07-30 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-09-30 - 2024-12-23 |
3 months | crt.sh |
use.fontawesome.com WE1 |
2024-09-09 - 2024-12-09 |
3 months | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2024-06-06 - 2025-06-06 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-09-30 - 2024-12-23 |
3 months | crt.sh |
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-09-16 - 2025-09-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://isn1-scotiabank.azurewebsites.net/
Frame ID: 280B8F960BCD4E4EF71DE7D192BB56F0
Requests: 18 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://isn1-scotiabank.azurewebsites.net/
HTTP 307
https://isn1-scotiabank.azurewebsites.net/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: French
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://isn1-scotiabank.azurewebsites.net/
HTTP 307
https://isn1-scotiabank.azurewebsites.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
isn1-scotiabank.azurewebsites.net/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.0.7/css/ |
35 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
isn1-scotiabank.azurewebsites.net/Content/ |
117 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reward.css
isn1-scotiabank.azurewebsites.net/Content/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-2.6.2.js
isn1-scotiabank.azurewebsites.net/Scripts/ |
49 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_en.png
isn1-scotiabank.azurewebsites.net/Images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.js
isn1-scotiabank.azurewebsites.net/Scripts/ |
282 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
isn1-scotiabank.azurewebsites.net/Scripts/ |
57 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
respond.js
isn1-scotiabank.azurewebsites.net/Scripts/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Rg.woff2
isn1-scotiabank.azurewebsites.net/Content/fonts/ |
11 KB 11 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-right.png
isn1-scotiabank.azurewebsites.net/Images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Headline.woff2
isn1-scotiabank.azurewebsites.net/Content/fonts/ |
12 KB 13 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Bd.woff2
isn1-scotiabank.azurewebsites.net/Content/fonts/ |
11 KB 12 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
isn1-scotiabank.azurewebsites.net/Content/ |
7 KB 7 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 200 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| html5 object| Modernizr object| appInsights function| $ function| jQuery object| respond object| AI object| Microsoft function| __extends function| _endsWith6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
isn1-scotiabank.azurewebsites.net/ | Name: ASP.NET_SessionId Value: iamoo1ht4b43ipz4fgjolyke |
|
isn1-scotiabank.azurewebsites.net/ | Name: __RequestVerificationToken Value: p6wki04mNjg-P41ggzCoHJaHYK3QaMzhWvYAMvBNJhSLxK6wE8e2C2uCbJWbeRWGnmmz7w5bFRgPc0w1-_vNkxhMZeRqc1_D1uw_q4-ieZo1 |
|
.isn1-scotiabank.azurewebsites.net/ | Name: ARRAffinity Value: 40738649c6f3795802988091ec0d2f105f6a06f9bec0ffb00aa95800b5cfeea9 |
|
.isn1-scotiabank.azurewebsites.net/ | Name: ARRAffinitySameSite Value: 40738649c6f3795802988091ec0d2f105f6a06f9bec0ffb00aa95800b5cfeea9 |
|
isn1-scotiabank.azurewebsites.net/ | Name: ai_user Value: bAXb3|2024-10-20T00:11:58.876Z |
|
isn1-scotiabank.azurewebsites.net/ | Name: ai_session Value: MFBOG|1729383118978.1|1729383118978.1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
isn1-scotiabank.azurewebsites.net
use.fontawesome.com
142.251.40.202
142.251.41.67
172.67.142.245
52.179.73.57
52.228.42.76
72.21.81.200
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
20f10502111b9fb4c47d833fe055188971bac8a6ff333aef302bff2a80e228e6
22c00f895dffacca72aadad6f9e461a7821a75f885210e9329ac1ea4662007ef
420b3d68e87c190370d928c51daff4d027603e7b21d5071afb3640ca2081c9c9
48fb03aaa5aa19cb3a549865fabbed1c4e5a5820a79f29012d5779f93d25dd52
4f2d377257a7f70d60388288f7c70f75f3a88c8a655d78958ea8440289d9dddd
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53b4f4267dc37839f3536bf50ffe96e32462c4d2616c783219ae930cc0d940f8
5b294b4beffc073116e500279a2f5143a787f6274b63812b1303e0aac2201083
66385667c02dc2fd0115b5c7a369221c810bed40b6d880d8bad5be0f2d281dd1
8785743b01c663969835fbf95cf30627e645bfa400107de59917a61fba2f964c
912e9182833035948fe293a9d4e1ddc1382304916fae943d535e2685c8a9e850
97f8b6f955b8e5d32eb023befcaadda8dcb364877b39e6d0a38e20e1579e535c
af3b55cd44e9b881047ac906ad729b60d63f32ec164bcf59223f1083f3080d45
b88a434bd779a40af5b559801ebda1fcd6b5a9752c0d3cc44bb0d20db80791e5
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
d579d83ae1477e0da463ad2b50e9b2bba341679e3d557deb9c3fb033a418da2b
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e