api.scotiacolpseguro.win

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 172.67.145.151, located in United States and belongs to CLOUDFLARENET, US. The main domain is api.scotiacolpseguro.win.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.

This is the only time api.scotiacolpseguro.win was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 8	172.67.145.151 172.67.145.151		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	1

8 172.67.145.151 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.scotiacolpseguro.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	scotiacolpseguro.win 1 redirects api.scotiacolpseguro.win	110 KB
7	1

	Domain	Requested by
8	api.scotiacolpseguro.win	1 redirects api.scotiacolpseguro.win
7	1

This site contains no links.

Subject Issuer	Validity	Valid
scotiacolpseguro.win WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f
Frame ID: A708CCE13285924E306A1282E533A8FF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virtual

Page URL History Show full URLs

https://api.scotiacolpseguro.win/ HTTP 302
https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68af... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

110 kB
Transfer

181 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://api.scotiacolpseguro.win/ HTTP 302
https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response api.scotiacolpseguro.win/virtual/login/ Redirect Chain https://api.scotiacolpseguro.win/ https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048...	59 KB 7 KB	139ms 138ms	Document text/html	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `1d7a6cb684ffc4acfcbf4060bdc868bd21453124fa667c757e5839057288790a` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 896f59b69bff4d7f-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 20 Jun 2024 22:56:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Scw8IYITpTyWQykEVwFtD2oMlg7exvxFvRBvxWqNPXseTX5PH7e7O9RDC3kfP4oFd%2FhI0X8a1lbN9nE0Bdi20biIwHqPe1xQc0ARyokDK8oEsHgrBw5hVQ9GJFDOItULU4qE%2BIvdNhjpK5s%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 896f59b28fdd4d7f-FRA content-type text/html; charset=UTF-8 date Thu, 20 Jun 2024 22:56:08 GMT location /virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29B3GCGiRMNfm4VVq9NM1ZY6fwWOcVI%2B663dtp5p3fRdu29uiQcTqvJfqh50coh3NkFjJOPh53OyKDGCknEnI%2F%2FQnu5TaODD6s2HmDbVbqYVAzQlysOarh3t2zA%2BpDkegZnGpHPZ9wpiOPg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33
GET H3	200	logo-red.svg api.scotiacolpseguro.win/canvas/svgs/logos/	12 KB 5 KB	654ms 652ms	Image image/svg+xml	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://api.scotiacolpseguro.win/canvas/svgs/logos/logo-red.svg Requested by Host: api.scotiacolpseguro.win URL: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 03 Oct 2023 19:43:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2e95-606d51ab2f380" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hONwb1%2BHXDu1YDvBtGPz0bsXigypGQXkLSB90iI294weC%2BUP%2FCOxWWb26wMyrRsSt6sgRvQUaE%2F03IjTaRad2NdFl7uoZxuyZ%2BDAFl9mbw1ygH84SSHbB41qrQdUZJAK7xxOHQWBRJPyh%2Fc%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 896f59b89dc44d7f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo-symbol-red.svg api.scotiacolpseguro.win/canvas/svgs/logos/	2 KB 2 KB	691ms 690ms	Image image/svg+xml	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://api.scotiacolpseguro.win/canvas/svgs/logos/logo-symbol-red.svg Requested by Host: api.scotiacolpseguro.win URL: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 03 Oct 2023 19:46:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9fc-606d5276512c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf9TOVboTERmjnfkLgScdDhN%2Bp36IbAArSoJWA0IC3zKEKUicKhgZtLeJFBjWQQQy0jgCZ4O0P4qY3WkFaxrc7eIl2uoRIGqOAZ8HMPwht4HlbP%2F9jHQkfoOLlofpwRI4awWoqIOXba%2B7Us%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 896f59b89dc74d7f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Scotia_W_Headline.5a532caa3319ee5c.woff api.scotiacolpseguro.win/virtual/login/	32 KB 32 KB	678ms 677ms	Font font/woff	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Headline.5a532caa3319ee5c.woff Requested by Host: api.scotiacolpseguro.win URL: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `259699b7407833766a8f4e931644d014f145653439a62fc1a7167f1d3a940e25` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Origin https://api.scotiacolpseguro.win Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT cf-cache-status REVALIDATED last-modified Tue, 03 Oct 2023 19:41:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7e08-606d5124b7640" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBSEY9TIOX5OV6PsYlbZRIW53JHkzM0PgDzwL9YA%2BZOLYkWOnzvaETYx9dkJgabMoI0k3m3KF%2FjDfSed0f%2FUVA8BfKhx3W5O%2FTOJZjj%2BuX%2FR128dUwWwAhzRFRb%2Fr7kpONKMVlfq3MzSHAE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 896f59b8adde4d7f-FRA alt-svc h3=":443"; ma=86400 content-length 32264
GET H3	200	Scotia_W_Rg.a53c6af4aaff8c13.woff api.scotiacolpseguro.win/virtual/login/	30 KB 30 KB	653ms 652ms	Font font/woff	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Rg.a53c6af4aaff8c13.woff Requested by Host: api.scotiacolpseguro.win URL: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Origin https://api.scotiacolpseguro.win Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT cf-cache-status REVALIDATED last-modified Tue, 03 Oct 2023 19:41:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "77c0-606d51269fac0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6irdKv7cTqcSwmFO936m4ahBdcyXT8gREAVlWLaZtCqv%2FUmFHgKK%2BPnireIKD%2FOLJE6ceWQrnzcbhfEXAB67BeKap%2B8g91eco%2BiY9qHBnQS%2BkYEyP8c3dY8vceihp7ZcbMuzVXk84NZnww%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 896f59b8addf4d7f-FRA alt-svc h3=":443"; ma=86400 content-length 30656
GET H3	200	Scotia_W_Bd.627aff1c32d06c15.woff api.scotiacolpseguro.win/virtual/login/	31 KB 32 KB	666ms 665ms	Font font/woff	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Bd.627aff1c32d06c15.woff Requested by Host: api.scotiacolpseguro.win URL: https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Origin https://api.scotiacolpseguro.win Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT cf-cache-status REVALIDATED last-modified Tue, 03 Oct 2023 19:41:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7c34-606d5121daf80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frDGAoFOahCn34ylCw4OwuvylJIs9%2BbXCHNMCZ%2Fo7lRzgi1oVasYqbrMuI79WVEfujszUXQZ8%2FPAQtrLoUyBlu35j1cJWyIarhZQO7LL2HqXb%2BNjoWT54paRw7lSgfnj7GYNaGLV1FlpHh0%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 896f59b8cdeb4d7f-FRA alt-svc h3=":443"; ma=86400 content-length 31796
GET H3	200	favicon.ico api.scotiacolpseguro.win/	16 KB 2 KB	49ms 49ms	Other image/x-icon	172.67.145.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.scotiacolpseguro.win/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe40e89bbfd0f07f717648028b9683f75944795160154613862773353316b2aa` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://api.scotiacolpseguro.win/virtual/login/?key=7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.7ff509deb4048ab5a83c68affa30838f.1&__hssc=7ff509deb4048ab5a83c68affa30838f.1.7ff509deb4048ab5a83c68affa30838f&__hsfp=7ff509deb4048ab5a83c68affa30838f Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 22:56:09 GMT content-encoding br cf-cache-status HIT last-modified Tue, 03 Oct 2023 19:41:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6945 etag W/"403e-606d511ff2b00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzGDOOhnQ83J6VSCBoVh2Ix7Kvh0PRlmGSpvBVnHtRPb94JyANuOr7fr6TTf0lY%2Fe0YQdmSfPwd9uSycqO9LiOc21JvSdJfoPL7NmnUWLfHnFH0WqrliWWxbln6ZCU%2F3gQ9SXAVyKADCuPY%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 896f59bd6acc4d7f-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.scotiacolpseguro.win
172.67.145.151
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8
1d7a6cb684ffc4acfcbf4060bdc868bd21453124fa667c757e5839057288790a
259699b7407833766a8f4e931644d014f145653439a62fc1a7167f1d3a940e25
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e
5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366
fe40e89bbfd0f07f717648028b9683f75944795160154613862773353316b2aa

api.scotiacolpseguro.win Open in urlscan Pro 172.67.145.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

110 kBTransfer

181 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

Indicators

api.scotiacolpseguro.win Open in urlscan Pro
172.67.145.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

110 kB
Transfer

181 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!