g4officeinstallations.com Open in urlscan Pro
69.49.247.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline...
Submission: On March 18 via manual (March 18th 2023, 2:48:29 pm UTC) from IN — Scanned from DE

Summary HTTP 22 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 69.49.247.240, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is g4officeinstallations.com.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.

This is the only time g4officeinstallations.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
22	69.49.247.240 69.49.247.240		19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
22	1

22 69.49.247.240 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-247-240.webhostbox.net

g4officeinstallations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	g4officeinstallations.com g4officeinstallations.com	709 KB
22	1

	Domain	Requested by
22	g4officeinstallations.com	g4officeinstallations.com
22	1

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com
assets.kampyle.com

Subject Issuer	Validity	Valid
webmail.g4officeinstallations.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en
Frame ID: 88486BF6AF0892AB4D2EB11803FFC5DD
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | ScotiabankScotiabankScotiabank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

709 kB
Transfer

708 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.scotiabank.com/ca/en/personal.html
Title: Scotiabank

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/legal.html
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://assets.kampyle.com/resources/direct/form.html?region=prodCanada&websiteId=11757&formId=1127&bgclr=white
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response g4officeinstallations.com/press/	82 KB 82 KB	355ms 113ms	Document text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash `72bad2d6bc89bd373eb170e3e826a31bf8c12df5edfa9f1123540069db9de696` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sat, 18 Mar 2023 14:48:22 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	styles.css g4officeinstallations.com/press/files/	626 KB 626 KB	147ms 109ms	Stylesheet text/css	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/styles.css Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash `d45f0960d5c02ef3ad47d795c25cdbbcd83625ca225d5593b4e2134b5ae4a5fa` Request headers accept-language de-DE,de;q=0.9 Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Last-Modified Sat, 12 Jun 2021 10:07:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 640527
GET H/1.1	200 OK	7c428f63a00e5bd025fa159e8c94389f.svg g4officeinstallations.com/press/files/	537 B 783 B	326ms 109ms	Image image/svg+xml	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://g4officeinstallations.com/press/files/7c428f63a00e5bd025fa159e8c94389f.svg Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash `51bf40e3535dee036bec3df6d4b279b4373fb22cdd40632535932d6999f7e37e` Request headers accept-language de-DE,de;q=0.9 Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Last-Modified Sat, 12 Jun 2021 10:07:40 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 537
GET H/1.1	404 Not Found	79cc1505bcf15f59a89c759511622c04.svg g4officeinstallations.com/press/files/assets/	315 B 315 B	109ms 109ms	Image text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://g4officeinstallations.com/press/files/assets/79cc1505bcf15f59a89c759511622c04.svg Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language de-DE,de;q=0.9 Referer https://g4officeinstallations.com/press/files/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	15243e297f5364bd59f4088a864abbf7.woff g4officeinstallations.com/press/files/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/15243e297f5364bd59f4088a864abbf7.woff Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	fd1c0f449fc8540f82c47e1629cbd5dd.woff2 g4officeinstallations.com/press/files/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2 Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	8fd30bd010d9e2c7677ec339685f958b.woff g4officeinstallations.com/press/files/assets/	0 0	220ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/8fd30bd010d9e2c7677ec339685f958b.woff Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	00cecde981e3ef7491eba946f4b95fe0.woff g4officeinstallations.com/press/files/assets/	0 0	220ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/00cecde981e3ef7491eba946f4b95fe0.woff Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	3ca6c3facf3966b88b55118f7821ee72.woff2 g4officeinstallations.com/press/files/assets/	0 0	110ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/3ca6c3facf3966b88b55118f7821ee72.woff2 Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	a214561fc17b4b34b7a363dea6547e20.woff g4officeinstallations.com/press/files/assets/	0 0	217ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/a214561fc17b4b34b7a363dea6547e20.woff Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	50805f331bb1b697aafb6f0c28b09212.woff2 g4officeinstallations.com/press/files/assets/	0 0	109ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/50805f331bb1b697aafb6f0c28b09212.woff2 Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	64a8523319c68ca5e492309a68af4a9e.woff2 g4officeinstallations.com/press/files/assets/	0 0	111ms 111ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/64a8523319c68ca5e492309a68af4a9e.woff2 Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	15243e297f5364bd59f4088a864abbf7.woff g4officeinstallations.com/press/assets/	0 0	109ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/15243e297f5364bd59f4088a864abbf7.woff Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	b80f217d987e2499bbeda3a508530b4f.ttf g4officeinstallations.com/press/files/assets/	0 0	109ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/files/assets/b80f217d987e2499bbeda3a508530b4f.ttf Requested by Host: g4officeinstallations.com URL: https://g4officeinstallations.com/press/files/styles.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/files/styles.css Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	8fd30bd010d9e2c7677ec339685f958b.woff g4officeinstallations.com/press/assets/	0 0	109ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/8fd30bd010d9e2c7677ec339685f958b.woff Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	00cecde981e3ef7491eba946f4b95fe0.woff g4officeinstallations.com/press/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/00cecde981e3ef7491eba946f4b95fe0.woff Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	3ca6c3facf3966b88b55118f7821ee72.woff2 g4officeinstallations.com/press/assets/	0 0	108ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/3ca6c3facf3966b88b55118f7821ee72.woff2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=95 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	fd1c0f449fc8540f82c47e1629cbd5dd.woff2 g4officeinstallations.com/press/assets/	0 0	108ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	50805f331bb1b697aafb6f0c28b09212.woff2 g4officeinstallations.com/press/assets/	0 0	109ms 108ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/50805f331bb1b697aafb6f0c28b09212.woff2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	64a8523319c68ca5e492309a68af4a9e.woff2 g4officeinstallations.com/press/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/64a8523319c68ca5e492309a68af4a9e.woff2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=95 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	a214561fc17b4b34b7a363dea6547e20.woff g4officeinstallations.com/press/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/a214561fc17b4b34b7a363dea6547e20.woff Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	b80f217d987e2499bbeda3a508530b4f.ttf g4officeinstallations.com/press/assets/	0 0	109ms 109ms	Font text/html	69.49.247.240 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://g4officeinstallations.com/press/assets/b80f217d987e2499bbeda3a508530b4f.ttf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.247.240 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-247-240.webhostbox.net Software Apache / Resource Hash Request headers Referer https://g4officeinstallations.com/press/login.php?page=%2Fuser-management%2Fconfirmation&returnURL=https%3A%2F%2Fwww1.scotiaonline.scotiabank.com%2Fonline%2Fauthentication%2Fauthentication.bns%3Flanguage%3DEnglish&setLng=en Origin https://g4officeinstallations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Sat, 18 Mar 2023 14:48:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://g4officeinstallations.com/press/files/assets/79cc1505bcf15f59a89c759511622c04.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/15243e297f5364bd59f4088a864abbf7.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/8fd30bd010d9e2c7677ec339685f958b.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/00cecde981e3ef7491eba946f4b95fe0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/3ca6c3facf3966b88b55118f7821ee72.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/a214561fc17b4b34b7a363dea6547e20.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/50805f331bb1b697aafb6f0c28b09212.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/64a8523319c68ca5e492309a68af4a9e.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/15243e297f5364bd59f4088a864abbf7.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/files/assets/b80f217d987e2499bbeda3a508530b4f.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/8fd30bd010d9e2c7677ec339685f958b.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/00cecde981e3ef7491eba946f4b95fe0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/3ca6c3facf3966b88b55118f7821ee72.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/50805f331bb1b697aafb6f0c28b09212.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/64a8523319c68ca5e492309a68af4a9e.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/a214561fc17b4b34b7a363dea6547e20.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://g4officeinstallations.com/press/assets/b80f217d987e2499bbeda3a508530b4f.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

g4officeinstallations.com
69.49.247.240
51bf40e3535dee036bec3df6d4b279b4373fb22cdd40632535932d6999f7e37e
72bad2d6bc89bd373eb170e3e826a31bf8c12df5edfa9f1123540069db9de696
d45f0960d5c02ef3ad47d795c25cdbbcd83625ca225d5593b4e2134b5ae4a5fa
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

g4officeinstallations.com Open in urlscan Pro 69.49.247.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

709 kBTransfer

708 kBSize

0 Cookies

7 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

19 Console Messages

Indicators

g4officeinstallations.com Open in urlscan Pro
69.49.247.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

709 kB
Transfer

708 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!