ln.ser-ute.173-211-46-69.cprapid.com
173.211.46.69  Malicious Activity! Public Scan

Submitted URL: https://verifica-dati-binance.com/wrjnms-loa
Effective URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Submission: On June 25 via api from US — Scanned from IT

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 173.211.46.69, located in Los Angeles, United States and belongs to CDNEXT, GB. The main domain is ln.ser-ute.173-211-46-69.cprapid.com.
TLS certificate: Issued by R11 on June 24th 2024. Valid for: 3 months.
This is the only time ln.ser-ute.173-211-46-69.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Desio (Banking)

Domain & IP information

Redirects  Requests  IP Address      AS (Autonomous System)
2          2         159.100.6.5     44066 (DE-FIRSTC...)
3          17        173.211.46.69   212238 (CDNEXT)
-          2         184.24.77.47    20940 (AKAMAI-ASN1)
1          3         34.252.224.238  16509 (AMAZON-02)
-          2         23.212.223.254  16625 (AKAMAI-AS)
-          1         108.128.43.116  16509 (AMAZON-02)
-          1         63.140.62.17    15224 (OMNITURE)
1          1         54.194.32.70    16509 (AMAZON-02)
Total: 22 requests, 6 IPs

Requests  Apex Domain                Transfer  Subdomains
17        cprapid.com                7 MB      ln.ser-ute.173-211-46-69.cprapid.com
4         demdex.net                 4 KB      dpm.demdex.net (Cisco Umbrella Rank: 242), scotiabank.demdex.net (Cisco Umbrella Rank: 134021)
3         scotiabank.com             15 KB     dmtags.scotiabank.com (Cisco Umbrella Rank: 130505), somniture.scotiabank.com (Cisco Umbrella Rank: 119877)
2         akamaihd.net               5 KB      ds-aksb-a.akamaihd.net (Cisco Umbrella Rank: 8306)
2         verifica-dati-binance.com  347 B     verifica-dati-binance.com
1         everesttech.net            490 B     cm.everesttech.net (Cisco Umbrella Rank: 1336)
Total: 22 requests, 6 domains

Requests  Redirects  Domain                                Requested by
17        3          ln.ser-ute.173-211-46-69.cprapid.com  ln.ser-ute.173-211-46-69.cprapid.com
3         1          dpm.demdex.net                        ln.ser-ute.173-211-46-69.cprapid.com
2         -          dmtags.scotiabank.com                 ln.ser-ute.173-211-46-69.cprapid.com
2         -          ds-aksb-a.akamaihd.net                ln.ser-ute.173-211-46-69.cprapid.com
2         2          verifica-dati-binance.com             -
1         1          cm.everesttech.net                    -
1         -          somniture.scotiabank.com              ln.ser-ute.173-211-46-69.cprapid.com
1         -          scotiabank.demdex.net                 ln.ser-ute.173-211-46-69.cprapid.com
Total: 22 requests, 8 subdomains

This site contains links to these domains.

Domain
ihbnext.cedacri.it

Subject                                          Issuer                                      Validity                 Valid
cpcontacts.ln.ser-ute.173-211-46-69.cprapid.com  R11                                         2024-06-24 - 2024-09-22  3 months
a248.e.akamai.net                                DigiCert TLS RSA SHA256 2020 CA1            2024-04-18 - 2025-04-19  a year
apps.scotiabank.com                              Entrust Certification Authority - L1K       2023-11-21 - 2024-12-21  a year
*.demdex.com                                     DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-09-26 - 2024-10-26  a year
somniture.scotiabank.com                         Entrust Certification Authority - L1K       2023-08-21 - 2024-09-21  a year

This page contains 2 frames:

Primary Page: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Frame ID: AEFBBFE448E3CB76AA6BE2683308F0ED
Requests: 21 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: 9DE2D369D91E2C929F834BB6139333F6
Requests: 1 HTTP requests in this frame

Page Title

Account | Banco Desio

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

Requests: 22
HTTPS: 91%
IPv6: 0%
Domains: 6
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 6746 kB
Size: 6773 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://verifica-dati-binance.com/wrjnms-loa HTTP 301
    https://verifica-dati-binance.com/wrjnms-loa/ HTTP 302
    https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed HTTP 301
    https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/ HTTP 302
    https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/checkclient.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd HTTP 302
    https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376
Request Chain 15
  • https://cm.everesttech.net/cm/dd?d_uuid=82670548084171270440739297106181228773 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXNAAAAK1lagNx

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/
Redirect Chain
  • https://verifica-dati-binance.com/wrjnms-loa
  • https://verifica-dati-binance.com/wrjnms-loa/
  • https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed
  • https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/
  • https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/checkclient.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
  • https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
53 KB
53 KB
Document
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
e46cc6bdfd9597f8ebe594cfb61fccbe87e8b768c8abb46ae5e10de56ed67c6b

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Jun 2024 14:41:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Jun 2024 14:41:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5
Location
it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Pragma
no-cache
Server
Apache
styles.86a72d8001092c40e429.css
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/
1 MB
1 MB
Stylesheet
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
0d3fb2e7ae7c73168ae60ea986f26e12d61f78c9632d39b4a2c4654c00250fb8

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1363500
094054a424e3-launch-edbf66c903b6.min.js
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/
238 KB
239 KB
Script
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
03225d14336379353bc306d8a809ea367fd0c30491c43c96918aa68783d1d9b0

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
244003
aksb.min.js
ds-aksb-a.akamaihd.net/
13 KB
5 KB
Script
General
Full URL
https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-47.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Unused62
8096267
Date
Tue, 25 Jun 2024 14:41:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 18:25:26 GMT
Server
Apache
ETag
"15de19f42b35806faf815298644157e0:1535653526"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4826
new-dmobile.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/
22 KB
22 KB
Image
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/new-dmobile.png
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
fde6372895f5b115abe65c37ae2a4f4769e43cfb6d826eb3f256477e6bb17fe0

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
22094
icons8-region-50.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/
1 KB
1 KB
Image
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/icons8-region-50.png
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
647869f1f836569f0ec4de08c629ffc442525b5ea97913fd90dc009caedd5649

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1131
icons8-phone-50.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/
990 B
1 KB
Image
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/icons8-phone-50.png
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
114ea0b2dfbba7ae939b3b84ce79969942a5eb9a06a84d1315a05cb9b45f7341

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
990
.-6643-resource-loader.js
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/
221 B
467 B
Script
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6643-resource-loader.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
0c4aa449c09de4bc7447e0cb5c76bb62c5bc82d3bb806678a2180165ba78a696

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
221
.-6607-runtime.eff227375d548a03d4a2.js
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/
1 KB
2 KB
Script
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6607-runtime.eff227375d548a03d4a2.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
bdcedcc0085acc0e4d5a4489b2d73c2aae3f918b17f31bafcf4d8e8b1cc772be

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1492
.-6204-main.b454267499c8d1dd0ee2.chunk.js
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/
5 MB
5 MB
Script
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/.-6204-main.b454267499c8d1dd0ee2.chunk.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
1005d7e1cdba845abaf190203acd62ca9e994414be24e46ea8878be1374e2438

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
5122630
dF0
ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/
0
0
Script
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/dF0
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
H2
Server
34.252.224.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-224-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca4198ed60b7345e008af4c10c8ef0799d36bbd1f872d78b7e0956a1459e05b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

dcs
dcs-prod-irl1-2-v061-0c9211916.edge-irl1.demdex.com 4 ms
pragma
no-cache
date
Tue, 25 Jun 2024 14:41:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
yqf/0ktmTws=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://ln.ser-ute.173-211-46-69.cprapid.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1725
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v061-0be822b23.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 25 Jun 2024 14:41:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
9dP6cYWkQwI=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1719326515376
access-control-allow-origin
https://ln.ser-ute.173-211-46-69.cprapid.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/
33 KB
13 KB
Script
General
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.212.223.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-223-254.deploy.static.akamaitechnologies.com
Software
nginx/1.23.3 /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
12163
x-xss-protection
1; mode=block
Last-Modified
Wed, 12 Jun 2024 21:30:46 GMT
Server
nginx/1.23.3
ETag
"666a1386-8315"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
89a3c666-b1eb-4c91-7964-4691b8111008
Cache-Control
private
Accept-Ranges
bytes
AppMeasurement_Module_ActivityMap.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/
3 KB
2 KB
Script
General
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.212.223.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-223-254.deploy.static.akamaitechnologies.com
Software
nginx/1.23.3 /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
1597
x-xss-protection
1; mode=block
Last-Modified
Wed, 12 Jun 2024 21:26:00 GMT
Server
nginx/1.23.3
ETag
"666a1268-ce5"
Vary
Accept-Encoding, origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://scotiabank.com
x-vcap-request-id
ea31cf9e-de3f-430f-6cdc-1b0720f50092
Cache-Control
private
Accept-Ranges
bytes
dest5.html
scotiabank.demdex.net/ Frame 9DE2
0
0
Document
General
Full URL
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.43.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-43-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 25 Jun 2024 14:41:56 GMT
dcs
dcs-prod-irl1-1-v061-0dea3b766.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 11:55:32 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
HoS04ZCPSD8=
id
somniture.scotiabank.com/
48 B
476 B
XHR
General
Full URL
https://somniture.scotiabank.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=91987909478335384540527013378069702135&ts=1719326515950
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/js/094054a424e3-launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
8eebca5d5201dfffb388cb15cc50ff2b9b40b46508a557ab4e5b23b40c2f5bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jun 2024 14:41:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://ln.ser-ute.173-211-46-69.cprapid.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZnrXNAAAAK1lagNx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=82670548084171270440739297106181228773
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXNAAAAK1lagNx
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXNAAAAK1lagNx
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
Protocol
H2
Server
34.252.224.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-224-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

dcs
dcs-prod-irl1-2-v061-0eb52e419.edge-irl1.demdex.com 6 ms
pragma
no-cache
date
Tue, 25 Jun 2024 14:41:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
CRI6q0I1SN4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnrXNAAAAK1lagNx
Date
Tue, 25 Jun 2024 14:41:56 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
mobile-phone.png
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/
6 KB
6 KB
Image
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/mobile-phone.png
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
4aa0cb13c447cd5d35729bf6bf5cd8a799834df440c838041646ebb8d8488926

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:58 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6142
assets-8fd30bd010d9e2c7677ec339685f958b.woff
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/
30 KB
30 KB
Font
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/assets-8fd30bd010d9e2c7677ec339685f958b.woff
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366

Request headers

Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Origin
https://ln.ser-ute.173-211-46-69.cprapid.com
Accept-Language
it-IT,it;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:58 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
30656
assets-00cecde981e3ef7491eba946f4b95fe0.woff
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/
31 KB
31 KB
Font
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/fonts/assets-00cecde981e3ef7491eba946f4b95fe0.woff
Requested by
Host: ln.ser-ute.173-211-46-69.cprapid.com
URL: https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b

Request headers

Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/css/styles.86a72d8001092c40e429.css
Origin
https://ln.ser-ute.173-211-46-69.cprapid.com
Accept-Language
it-IT,it;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:58 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
31796
favicon.ico
ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/
1 KB
1 KB
Other
General
Full URL
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.211.46.69 Los Angeles, United States, ASN212238 (CDNEXT, GB),
Reverse DNS
nokpsdflkonbaorcmf.healthdataco.com
Software
Apache /
Resource Hash
15db266fd7466c7e8d763d0afbbe4b4fed1ed4e147682120289064c9f2e9f540

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php?&sessionid=4d07b3b6dece4d8cc66ee117a56278cd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 25 Jun 2024 14:41:59 GMT
Last-Modified
Mon, 16 Jan 2023 10:32:55 GMT
Server
Apache
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1150
b
ds-aksb-a.akamaihd.net/2/682023/
0
269 B
Image
General
Full URL
https://ds-aksb-a.akamaihd.net/2/682023/b?dE=0&cS=0&cE=0&rqS=1&rsS=246&rsE=543&sS=&dl=249&di=5281&fp=8190&dlS=5281&dlE=5281&dc=5673&leS=5673&leE=5674&to=&ol=0&cr=8&mt=&mb=&b=133377&u=https%3A//ln.ser-ute.173-211-46-69.cprapid.com/nu-sed/it/index.php&ua=Mozilla/5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2014_7_1%20like%20Mac%20OS%20X%29%20AppleWebKit/605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Version/14.1.2%20Mobile/15E148%20Safari/604.1&pl=iPhone&us=&gh=104.98.118.53&t=&rid=29973540&r=36315&akM=b&akN=ae&vc=14:17&bpcip=c7a7c900&akTX=1&akTI=29973540&ai=447106&pmgn=&pmgi=&pmp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ln.ser-ute.173-211-46-69.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 25 Jun 2024 14:41:59 GMT
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store, private
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Tue, 25 Jun 2024 14:41:59 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Desio (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| w
object| d
object| AKSB
number| resources
object| REDUX_STATE
object| webpackJsonp
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
object| appEventData
number| _dataLayerOverwriteMonitor
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
function| AppMeasurement_Module_ActivityMap
object| s
object| antiClickjack
object| RT

19 Cookies

Domain/Path Name / Value
ln.ser-ute.173-211-46-69.cprapid.com/ Name: PHPSESSID
Value: 26cb7484ac0ae8064802f17a55b4b4be
.demdex.net/ Name: demdex
Value: 82670548084171270440739297106181228773
.ser-ute.173-211-46-69.cprapid.com/ Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 82670548084171270440739297106181228773
.ser-ute.173-211-46-69.cprapid.com/ Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19900%7CMCMID%7C91987909478335384540527013378069702135%7CMCAAMLH-1719931315%7C6%7CMCAAMB-1719931315%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1719333716s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19907%7CvVersion%7C5.4.0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnQes1JcnnwsHOJoDAWv30UaYyGXLqpD6UC5kkc7rkfgg5yeTD0POuK0_B1rhA
.mathtag.com/ Name: uuid
Value: 9877667a-d735-4000-a73d-c768c3a1e9f3
.twitter.com/ Name: personalization_id
Value: "v1_5tPYkzAIdRIY1uPWudrDVQ=="
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NrIwNjc1MLcwtRTiM9T1CIoqCTTzKs01dXYCAOFUYDMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NrIwNjc1MLcwtRTiM9T1CIoqCTTzKs01dXYCAOFUYDMlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFxGtobmhpbGRmamhubGABAN5abuQQAAAA
.eyeota.net/ Name: SERVERID
Value: 20696~DM
.quantserve.com/ Name: d
Value: ENABDAGWLLmvYA
.quantserve.com/ Name: mc
Value: 667ad735-95e5c-9eb38-db495
.demdex.net/ Name: dextp
Value: 269-1-1719326516333|358-1-1719326516434|601-1-1719326516535|771-1-1719326516635|822-1-1719326516736|1123-1-1719326516837|1121-1-1719326516938|903-1-1719326517038|1175-1-1719326517139|22052-1-1719326517240|30064-1-1719326517340|30646-1-1719326517441|73426-1-1719326517541|121998-1-1719326517642|144230-1-1719326517743|144231-1-1719326517844|144232-1-1719326517944|144233-1-1719326518045|144234-1-1719326518147|144235-1-1719326518248|144236-1-1719326518351|144237-1-1719326518453|161033-1-1719326518557|139200-1-1719326518657
.onaudience.com/ Name: cookie
Value: e5b63c9d68dde099
.amazon-adsystem.com/ Name: ad-id
Value: A1fIRgx3WUGIrs-G5rXDkD0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://ln.ser-ute.173-211-46-69.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/dF0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
