www.forestofirmino.com.br.oliveiramidias.com Open in urlscan Pro
192.185.210.203 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Submission: On May 02 via automatic, source openphish (May 2nd 2024, 1:38:07 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 192.185.210.203, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.forestofirmino.com.br.oliveiramidias.com.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.

This is the only time www.forestofirmino.com.br.oliveiramidias.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 11	192.185.210.203 192.185.210.203	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
4	2a02:26f0:170... 2a02:26f0:1700:194::51e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:267... 2600:9000:2670:e600:d:e6dd:f300:21	16509 (AMAZON-02) (AMAZON-02)
1 3	3.248.114.134 3.248.114.134	16509 (AMAZON-02) (AMAZON-02)
1	54.228.206.60 54.228.206.60	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
1 1	52.16.30.197 52.16.30.197	16509 (AMAZON-02) (AMAZON-02)
1	52.210.155.25 52.210.155.25	16509 (AMAZON-02) (AMAZON-02)
26	8

11 192.185.210.203 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br102-ip08.hostgator.com.br

www.forestofirmino.com.br.oliveiramidias.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:194::51e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmtags.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2670:e600:d:e6dd:f300:21 (United States)

ASN16509 (AMAZON-02, US)

dlslhpkfqfglo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.114.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.206.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-206-60.eu-west-1.compute.amazonaws.com

scotiabank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

somniture.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.30.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-30-197.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.155.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-155-25.eu-west-1.compute.amazonaws.com

csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	oliveiramidias.com 1 redirects www.forestofirmino.com.br.oliveiramidias.com	59 KB
5	cloudfront.net dlslhpkfqfglo.cloudfront.net	795 KB
5	scotiabank.com dmtags.scotiabank.com — Cisco Umbrella Rank: 127781 somniture.scotiabank.com — Cisco Umbrella Rank: 114528	90 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 233 scotiabank.demdex.net — Cisco Umbrella Rank: 108304	4 KB
1	memcyco.com csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com — Cisco Umbrella Rank: 298263
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1310	517 B
0	Failed function sub() { [native code] }. Failed
26	7

	Domain	Requested by
11	www.forestofirmino.com.br.oliveiramidias.com	1 redirects www.forestofirmino.com.br.oliveiramidias.com
5	dlslhpkfqfglo.cloudfront.net	www.forestofirmino.com.br.oliveiramidias.com dlslhpkfqfglo.cloudfront.net
4	dmtags.scotiabank.com	www.forestofirmino.com.br.oliveiramidias.com dmtags.scotiabank.com
3	dpm.demdex.net	1 redirects www.forestofirmino.com.br.oliveiramidias.com
1	csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com	dlslhpkfqfglo.cloudfront.net
1	cm.everesttech.net	1 redirects
1	somniture.scotiabank.com	dmtags.scotiabank.com
1	scotiabank.demdex.net	dmtags.scotiabank.com
0	invalid Failed	dlslhpkfqfglo.cloudfront.net
26	9

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com

Subject Issuer	Validity	Valid
forestofirmino.com.br R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
apps.scotiabank.com Entrust Certification Authority - L1K	`2023-11-21` - `2024-12-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
somniture.scotiabank.com Entrust Certification Authority - L1K	`2023-08-21` - `2024-09-21`	a year	crt.sh
*.memcyco.com Amazon RSA 2048 M03	`2024-02-25` - `2025-03-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Frame ID: 2C6ED0ECFE802A82F067CBFD971CB8D8
Requests: 24 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: EFA3393AD4A95ACE3F251572B4FFCBAE
Requests: 1 HTTP requests in this frame

Frame: https://csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html
Frame ID: 224CA9D82A3EF21BDB04A94E774973EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Scotiabank

Page URL History Show full URLs

https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e HTTP 301
https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

85 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

947 kB
Transfer

2898 kB
Size

24
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.scotiabank.com/ca/en/personal.html
Title: Scotiabank

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/legal.html
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e HTTP 301
https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060

Request Chain 15

https://cm.everesttech.net/cm/dd?d_uuid=76589533394425794451253742586712176919 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjLuegAAAKPUwwOJ

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Redirect Chain

https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e
https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

99 KB
25 KB

225ms
224ms

Document
text/html

192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: bafdfc3ff688f329d8c4e648c375e929c4a54c1245d563a6841cecc65addd6b1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Thu, 02 May 2024 01:38:01 GMT
last-modified: Wed, 01 May 2024 22:21:05 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 278
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 01:38:01 GMT
location: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
server: Apache

GET
H/1.1 200
OK launch-edbf66c903b6.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ 253 KB
67 KB 79ms
18ms Script
application/x-javascript 2a02:26f0:1700:194::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Requested by

Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:1700:194::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 01:38:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 67765
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 08 Apr 2024 18:35:12 GMT
Server: nginx/1.23.3
ETag: "661438e0-3f579"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
X-Vcap-Request-Id: 8e381378-2713-4206-4c5f-6c062af2ca37
Cache-Control: private
Accept-Ranges: bytes

GET
H2 200 mutha-scotia-wrapper.min.js Show response
dlslhpkfqfglo.cloudfront.net/cdn/ca/ 5 KB
3 KB 40ms
7ms Script
application/javascript 2600:9000:2670:e600:d:e6dd:f300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js

Requested by

Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e600:d:e6dd:f300:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

416d9db2d794e184d13131d8fb84940dc4727c158281734eae4120a8637e96d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 03:16:29 GMT
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-permitted-cross-domain-policies: master-only
via: 1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 80492
x-frame-options: DENY
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: BmeNnonaPUFtsSxDvMbFh_4XpCHdT8-pzaJ06_fcVfgdeqoNXbR1gg==

GET
H2 200 resource-loader.js Show response
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 665ms
665ms Script
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/resource-loader.js
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 312d8f2dc44f874c2a45fe38556d1a4ca89d97587dbe5da941c85f9f6a6044d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3798
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 runtime.28b2f6d6a26212c51af2.js Show response
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 668ms
667ms Script
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/runtime.28b2f6d6a26212c51af2.js
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 57e92a0e4b9e3f59d3572f912611ee9525dec4227e2e5dfb46ed94a4806c4775

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3796
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 main.cafb241d85447b367d0c.chunk.js Show response
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 697ms
697ms Script
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/main.cafb241d85447b367d0c.chunk.js
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 7e4dd401ec6555157a0d3934d81f11e832311549c08f215980c4040c08cbb889

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3798
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 aJwh5KWcB Show response
www.forestofirmino.com.br.oliveiramidias.com/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/ 8 KB
4 KB 679ms
679ms Script
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 6cfc860a885ceab79150648390d0f30b7bbbd31381760b3775ccea55713cbff4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3796
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 styles.ef875488df3637535e09.css
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 660ms
659ms Stylesheet
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/styles.ef875488df3637535e09.css
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 0d70971f1808de44689a03f751d4066227e0e2d4a064affba1aa570f1626ac01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3797
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 8fd30bd010d9e2c7677ec339685f958b.woff
www.forestofirmino.com.br.oliveiramidias.com/assets/ 8 KB
4 KB 653ms
653ms Font
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: a0584d2aac27b1eeb606fb8790ecf625eaff4662cc7bea7e479b126501af7f71

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Origin: https://www.forestofirmino.com.br.oliveiramidias.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3797
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060

5 KB
2 KB

32ms
32ms

XHR
application/json

3.248.114.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060

Requested by

Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

Protocol

Server

3.248.114.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7506a32b44029709cdf5d48589b32a5450689e3acea7440d6c5871137b6c3719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v060-0dc94a4c6.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 02 May 2024 01:38:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: dAJMuvlIQfo=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1727
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v060-0ed0d314d.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 02 May 2024 01:38:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: xImwr12qTYM=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714613882060
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK AppMeasurement.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:1700:194::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:1700:194::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 01:38:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 12687
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
ETag: "661438ab-8996"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
X-Vcap-Request-Id: e61856c7-d650-42dc-532c-9003683bddfd
Cache-Control: private
Accept-Ranges: bytes

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 31ms
17ms Script
application/x-javascript 2a02:26f0:1700:194::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:1700:194::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 01:38:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 1597
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
ETag: "661438ab-cd4"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
X-Vcap-Request-Id: 566d5112-7b3e-4a90-4e42-51eb2dd04904
Cache-Control: private
Accept-Ranges: bytes

GET
H/1.1 200
OK otSDKStub.js Show response
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/ 21 KB
7 KB 30ms
16ms Script
application/x-javascript 2a02:26f0:1700:194::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js

Requested by

Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:1700:194::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://.bns https://*.bns ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 01:38:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 6793
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
ETag: "6556797d-524b"
Vary: Accept-Encoding, origin
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://scotiabank.com
X-Vcap-Request-Id: e8ed5c2b-47b3-46ef-7fd0-80e5a726ad83
Cache-Control: private
Accept-Ranges: bytes

GET 4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/ 0
0

GET
H2 200 dest5.html
scotiabank.demdex.net/ Frame EFA3 0
0 106ms
31ms Document
text/html 54.228.206.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.228.206.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-206-60.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 02 May 2024 01:38:02 GMT
dcs: dcs-prod-irl1-1-v060-0dc7a61ac.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 11:58:06 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: vzFK47mFRl4=

GET
H2 200 id Show response
somniture.scotiabank.com/ 48 B
480 B 72ms
23ms XHR
application/x-javascript 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=74469134623774747912050511190841562117&ts=1714613882193

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

e2325008c6297b61a1e294f09385de5675e528bff025d1aef9da4514b1688cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZjLuegAAAKPUwwOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=76589533394425794451253742586712176919
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjLuegAAAKPUwwOJ

42 B
717 B

33ms
33ms

Image
image/gif

3.248.114.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjLuegAAAKPUwwOJ

Requested by

Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/

Protocol

Server

3.248.114.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v060-0aeb99408.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Thu, 02 May 2024 01:38:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: TXmf9qqMQAU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjLuegAAAKPUwwOJ
Date: Thu, 02 May 2024 01:38:02 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 styles.ef875488df3637535e09.css
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 628ms
628ms Stylesheet
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/styles.ef875488df3637535e09.css
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 775536911c28c7be0a1e35d3ccf316d8ac79128ffc439a58d068e8dc8bb14681

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3799
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 50805f331bb1b697aafb6f0c28b09212.woff2
www.forestofirmino.com.br.oliveiramidias.com/assets/ 8 KB
4 KB 655ms
655ms Font
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Requested by: Host: www.forestofirmino.com.br.oliveiramidias.com
URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 25170e0d4b15102cfa35f1855a031a62bbc7835cf4e1700c619f3dc900e77711

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Origin: https://www.forestofirmino.com.br.oliveiramidias.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:02 GMT
content-encoding: gzip
server: Apache
content-length: 3798
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 jquery-3.6.1.min.js Show response
dlslhpkfqfglo.cloudfront.net/cdn/ca/ 2 MB
784 KB 7ms
7ms Script
application/javascript 2600:9000:2670:e600:d:e6dd:f300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

Requested by

Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e600:d:e6dd:f300:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e24b45cf0914dc90c1a41f163118d8baf221ae51ca9c855d7da6071f15661ed6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 03:16:30 GMT
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-permitted-cross-domain-policies: master-only
via: 1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 80492
x-frame-options: DENY
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: O96ozOe1OINWhAqGcj1vIdD6JtknMPAYnrn_i9JSFz7BLsE128yRtg==

GET
H2 200 gpk Show response
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 767 B
1 KB 22ms
7ms XHR
application/json 2600:9000:2670:e600:d:e6dd:f300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80

Requested by

Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e600:d:e6dd:f300:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c34c500f08ebe23a81e67e6518dc4737afd96905596c54158d205f6d70afb614

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 03:16:31 GMT
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 80491
x-cache: Hit from cloudfront
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
access-control-allow-credentials: true
x-amz-cf-id: QPrh5JCtktOxEm3x_XDV4hPd6v-g-afWNR7G0cT-iDDZYYRkjt3Nbg==

GET
H2 200 csframe.html
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/ Frame 224C 0
0 127ms
51ms Document
text/html 52.210.155.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html

Requested by

Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.210.155.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-155-25.eu-west-1.compute.amazonaws.com

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 01:38:02 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.23.3
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only

POST
H2 200 gwf Show response
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 8 KB
6 KB 444ms
443ms XHR
text/plain 2600:9000:2670:e600:d:e6dd:f300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf

Requested by

Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e600:d:e6dd:f300:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1e42e8ede35da060c962534c02b69a04d8e66585071dfb5b81ab515745b51f8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:03 GMT
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-permitted-cross-domain-policies: master-only
via: 1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-frame-options: DENY
x-cache: Miss from cloudfront
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
access-control-allow-credentials: true
x-amz-cf-id: kyFQSPsMkhG1ICicMMCH89QB68UUN5QV-6V74DC_93lFjgg-eBNtTQ==

GET
H2 200 favicon.ico
www.forestofirmino.com.br.oliveiramidias.com/ 8 KB
4 KB 614ms
614ms Other
text/html 192.185.210.203
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forestofirmino.com.br.oliveiramidias.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.210.203 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br102-ip08.hostgator.com.br
Software: Apache /
Resource Hash: 273c50a864b127786c0182dc5a675e0efb522ec58e11f3ce30dab61be13f74f4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:03 GMT
content-encoding: gzip
server: Apache
content-length: 3797
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET /
invalid/ 0
0

POST
H2 200 l Show response
dlslhpkfqfglo.cloudfront.net/cdn/cd/ 88 B
600 B 198ms
198ms XHR
text/plain 2600:9000:2670:e600:d:e6dd:f300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlslhpkfqfglo.cloudfront.net/cdn/cd/l

Requested by

Host: dlslhpkfqfglo.cloudfront.net
URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e600:d:e6dd:f300:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

92dc2c5aae48d8630ca1eff5b366fd3f8929a4873f4f790ac79ca09bc91c962e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.forestofirmino.com.br.oliveiramidias.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:38:03 GMT
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P9
x-frame-options: DENY
x-cache: Miss from cloudfront
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.forestofirmino.com.br.oliveiramidias.com
access-control-allow-credentials: true
content-length: 88
x-amz-cf-id: oaOzRAuso-7AwooTKOHdIQKh1qKP8q-YUMMzxvjpbtFLp98Dw8Fm7Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dlslhpkfqfglo.cloudfront.net/	1970-01-20 20:16:53	Name: aphishCookie-1714533389643-SCOTIA Value: 0
.demdex.net/	1970-01-21 00:36:05	Name: demdex Value: 76589533394425794451253742586712176919
.oliveiramidias.com/	1969-12-31 23:59:59	Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 05:02:29	Name: everest_g_v2 Value: g_surferid~ZjLuegAAAKPUwwOJ
.dpm.demdex.net/	1970-01-21 00:36:05	Name: dpm Value: 76589533394425794451253742586712176919
.oliveiramidias.com/	1970-01-21 05:52:53	Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19846%7CMCMID%7C74469134623774747912050511190841562117%7CMCAAMLH-1715218682%7C6%7CMCAAMB-1715218682%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714621082s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19853%7CvVersion%7C5.5.0
.adnxs.com/	1970-01-21 05:52:53	Name: receive-cookie-deprecation Value: 1
.mathtag.com/	1970-01-21 05:42:49	Name: uuid Value: 9d2a6632-ee7a-4d00-ac21-b3b4f02dba81
.doubleclick.net/	1970-01-21 05:38:29	Name: IDE Value: AHWqTUktn_myhrEO1iyvpTIU8m7THns0I3E7jFikKiRwGFwvCgef9qO63X6Hz94aziE
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/	1970-01-20 20:26:58	Name: AWSALBCORS Value: jwxanZupwOsUC4apQL3PTlv6TA+KY9W27w8kdMXF0o3kPi9ozEuW+1o0WopdmFp8FrDMb9cBbhQR5N2qihrGqe226MUjpozR+YrMi7djpat6pglRwXVulmrU2eBt
.rfihub.com/	1970-01-21 05:38:29	Name: eud Value: H4sIAAAAAAAA_1vFxGtobmhiZmhsYWFkaWYGAK8ylb0QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0NjQwNTO1NDc3shTiM9T1tvQ3KbTMjyyMdAwBAOkchA8lAAAA
.rfihub.com/	1970-01-21 05:38:29	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0NjQwNTO1NDc3shTiM9T1tvQ3KbTMjyyMdAwBAOkchA8lAAAA
.twitter.com/	1970-01-21 05:52:53	Name: personalization_id Value: "v1_vYHjvzeV78fjXp6DxgFxbw=="
.quantserve.com/	1970-01-20 22:26:29	Name: d Value: EKEBDAHgK7mvYA
.quantserve.com/	1970-01-21 05:47:08	Name: mc Value: 6632ee7b-2300d-f1517-31cad
.eyeota.net/	1970-01-20 20:16:54	Name: SERVERID Value: 23971~DM
.casalemedia.com/	1970-01-21 05:02:29	Name: CMID Value: ZjLue7mqPGkAAH9PBEmvEwAA
.casalemedia.com/	1970-01-20 22:26:29	Name: CMPS Value: 1174
.casalemedia.com/	1970-01-20 22:26:29	Name: CMPRO Value: 1174
.demdex.net/	1970-01-21 00:36:05	Name: dextp Value: 269-1-1714613882308\|358-1-1714613882409\|601-1-1714613882510\|771-1-1714613882610\|822-1-1714613882711\|1123-1-1714613882811\|1121-1-1714613882912\|903-1-1714613883013\|1175-1-1714613883113\|22052-1-1714613883214\|30064-1-1714613883314\|30646-1-1714613883415\|73426-1-1714613883515\|121998-1-1714613883616\|144230-1-1714613883716\|144231-1-1714613883817\|144232-1-1714613883917\|144233-1-1714613884018\|144234-1-1714613884118\|144235-1-1714613884219\|144236-1-1714613884319\|144237-1-1714613884420\|161033-1-1714613884520\|139200-1-1714613884621
.onaudience.com/	1970-01-21 05:02:29	Name: cookie Value: 130bf1714150b37b
.amazon-adsystem.com/	1970-01-21 02:08:15	Name: ad-id Value: A2FiStHEn03bjpLRlX4vuAI
.amazon-adsystem.com/	1970-01-21 05:52:53	Name: ad-privacy Value: 0

253 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Access to XMLHttpRequest at 'https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json' from origin 'https://www.forestofirmino.com.br.oliveiramidias.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://scotiabank.com' that is not equal to the supplied origin.
network	error	URL: https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
recommendation	verbose	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: Failed to decode downloaded font: https://www.forestofirmino.com.br.oliveiramidias.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
other	warning	URL: https://dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js Message: OTS parsing error: invalid sfntVersion: 1008813135
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.forestofirmino.com.br.oliveiramidias.com/s/NOVASCOT/5e18e/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com
dlslhpkfqfglo.cloudfront.net
dmtags.scotiabank.com
dpm.demdex.net
invalid
scotiabank.demdex.net
somniture.scotiabank.com
www.forestofirmino.com.br.oliveiramidias.com
dmtags.scotiabank.com
invalid
192.185.210.203
2600:9000:2670:e600:d:e6dd:f300:21
2a02:26f0:1700:194::51e
3.248.114.134
52.16.30.197
52.210.155.25
54.228.206.60
63.140.62.222
0d70971f1808de44689a03f751d4066227e0e2d4a064affba1aa570f1626ac01
1e42e8ede35da060c962534c02b69a04d8e66585071dfb5b81ab515745b51f8a
25170e0d4b15102cfa35f1855a031a62bbc7835cf4e1700c619f3dc900e77711
273c50a864b127786c0182dc5a675e0efb522ec58e11f3ce30dab61be13f74f4
312d8f2dc44f874c2a45fe38556d1a4ca89d97587dbe5da941c85f9f6a6044d1
416d9db2d794e184d13131d8fb84940dc4727c158281734eae4120a8637e96d0
432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707
57e92a0e4b9e3f59d3572f912611ee9525dec4227e2e5dfb46ed94a4806c4775
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6cfc860a885ceab79150648390d0f30b7bbbd31381760b3775ccea55713cbff4
7506a32b44029709cdf5d48589b32a5450689e3acea7440d6c5871137b6c3719
775536911c28c7be0a1e35d3ccf316d8ac79128ffc439a58d068e8dc8bb14681
7e4dd401ec6555157a0d3934d81f11e832311549c08f215980c4040c08cbb889
92dc2c5aae48d8630ca1eff5b366fd3f8929a4873f4f790ac79ca09bc91c962e
a0584d2aac27b1eeb606fb8790ecf625eaff4662cc7bea7e479b126501af7f71
bafdfc3ff688f329d8c4e648c375e929c4a54c1245d563a6841cecc65addd6b1
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
c34c500f08ebe23a81e67e6518dc4737afd96905596c54158d205f6d70afb614
e2325008c6297b61a1e294f09385de5675e528bff025d1aef9da4514b1688cfa
e24b45cf0914dc90c1a41f163118d8baf221ae51ca9c855d7da6071f15661ed6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.forestofirmino.com.br.oliveiramidias.com Open in urlscan Pro 192.185.210.203 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

85 %HTTPS

25 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

947 kBTransfer

2898 kBSize

24 Cookies

6 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

57 JavaScript Global Variables

24 Cookies

www.forestofirmino.com.br.oliveiramidias.com Open in urlscan Pro
192.185.210.203 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

85 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

947 kB
Transfer

2898 kB
Size

24
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!