et.interac-nb1.com Open in urlscan Pro
82.180.162.217 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://et.interac-nb1.com/sh/9j304I/scotiaonline/
Effective URL:
https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd...
Submission: On July 13 via manual (July 13th 2022, 12:39:11 am UTC) from PH — Scanned from DE

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 82.180.162.217, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is et.interac-nb1.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 12th 2022. Valid for: 3 months.

This is the only time et.interac-nb1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8 11	82.180.162.217 82.180.162.217	47583 (AS-HOSTINGER) (AS-HOSTINGER)
7 7	45.60.115.208 45.60.115.208	19551 (INCAPSULA) (INCAPSULA)
7	45.60.87.208 45.60.87.208	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
11	3

11 82.180.162.217 (Germany) 8 redirects

ASN47583 (AS-HOSTINGER, CY)

et.interac-nb1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.115.208 (United States) 7 redirects

ASN19551 (INCAPSULA, US)

interac.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.87.208 (United States)

ASN19551 (INCAPSULA, US)

www.interac.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	interac.ca 7 redirects interac.ca — Cisco Umbrella Rank: 109536 www.interac.ca — Cisco Umbrella Rank: 504525	285 B
11	interac-nb1.com 8 redirects et.interac-nb1.com	254 KB
1	gstatic.com fonts.gstatic.com	17 KB
11	3

	Domain	Requested by
11	et.interac-nb1.com	8 redirects et.interac-nb1.com
7	www.interac.ca	et.interac-nb1.com
7	interac.ca	7 redirects
1	fonts.gstatic.com	et.interac-nb1.com
11	4

This site contains links to these domains. Also see Links.

Domain
mobilebanking4.scotiabank.com

Subject Issuer	Validity	Valid
et.interac-nb1.com cPanel, Inc. Certification Authority	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Frame ID: A11C13C348846F865EC2238BE4F9477D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scotiabank-BankingWeb

Page URL History Show full URLs

https://et.interac-nb1.com/sh/9j304I/scotiaonline/ HTTP 302
https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

11
Requests

36 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

269 kB
Transfer

268 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mobilebanking4.scotiabank.com/bankingweb/
Title: Need help signing in?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://et.interac-nb1.com/sh/9j304I/scotiaonline/ HTTP 302
https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/gtm.js.t%C3%A9l%C3%A9chargement HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 2

https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/analytics.js.t%C3%A9l%C3%A9chargement HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 5

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/star-inactive.svg HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 6

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/location.png HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 7

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/contact.png HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 8

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/guarantee.png HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

Request Chain 9

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/verify.png HTTP 302
https://interac.ca/error HTTP 301
https://www.interac.ca/error

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
et.interac-nb1.com/sh/9j304I/scotiaonline/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/
https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8...

11 KB
11 KB

189ms
186ms

Document
text/html

82.180.162.217
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.180.162.217 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 0a78da58babddb651b51f1fccda38e727b9fa6aef612899b495c77cdabfb82cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Jul 2022 00:39:04 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Jul 2022 00:39:04 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
location: login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065

GET
H/1.1 200
OK css.css
et.interac-nb1.com/sh/9j304I/scotiaonline/files/ 236 KB
236 KB 242ms
147ms Stylesheet
text/css 82.180.162.217
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.180.162.217 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: a4bdb96b753b074042b4f6bba5a25fd0dd39e410dd1599783329319ebf32b0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 00:39:04 GMT
Last-Modified: Fri, 08 Nov 2019 12:30:06 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 241656

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/gtm.js.t%C3%A9l%C3%A9chargement
https://interac.ca/error
https://www.interac.ca/error

0
0

1282ms
1214ms

Script
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/analytics.js.t%C3%A9l%C3%A9chargement
https://interac.ca/error
https://www.interac.ca/error

0
0

1212ms
1212ms

Script
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK login-logo.png
et.interac-nb1.com/sh/9j304I/scotiaonline/files/ 5 KB
5 KB 148ms
148ms Image
image/png 82.180.162.217
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/login-logo.png
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.180.162.217 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 474e71b90809fee123704b882a237b6013fcc6d3f9520fb9b54d386017c61129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/sh/9j304I/scotiaonline/login.php?cmd=login_submit&id=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065&session=d344deb66dd8eea310f7d4a20f6d3065d344deb66dd8eea310f7d4a20f6d3065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 00:39:05 GMT
Last-Modified: Fri, 08 Nov 2019 12:30:06 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5321

GET
H2 200 MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/lato/v11/ 16 KB
17 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2

Requested by

Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c414806e659b347c31f9205558d257b959cb5a465ba7c83943a3a8ca6aa59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://et.interac-nb1.com/
Origin: https://et.interac-nb1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:04:47 GMT
x-content-type-options: nosniff
age: 27258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16436
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:38:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 17:04:47 GMT

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/star-inactive.svg
https://interac.ca/error
https://www.interac.ca/error

0
0

1174ms
1174ms

Image
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/location.png
https://interac.ca/error
https://www.interac.ca/error

0
0

1185ms
1184ms

Image
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/contact.png
https://interac.ca/error
https://www.interac.ca/error

0
0

1142ms
1141ms

Image
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/guarantee.png
https://interac.ca/error
https://www.interac.ca/error

0
0

1366ms
1365ms

Image
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

404

error
www.interac.ca/
Redirect Chain

https://et.interac-nb1.com/sh/9j304I/scotiaonline/images/verify.png
https://interac.ca/error
https://www.interac.ca/error

0
0

1094ms
1093ms

Image
text/html

45.60.87.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interac.ca/error
Requested by: Host: et.interac-nb1.com
URL: https://et.interac-nb1.com/sh/9j304I/scotiaonline/files/css.css
Protocol: H2
Server: 45.60.87.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://et.interac-nb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location: https://www.interac.ca/error
strict-transport-security: max-age=31536000
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.interac.ca/	1970-01-20 13:13:20	Name: visid_incap_1659541 Value: hoQrqDLUTveQFNJAQnfadSgUzmIAAAAAQUIPAAAAAAAGS5OU3J7w5un+JyoGzijf
.interac.ca/	1969-12-31 23:59:59	Name: nlbi_1659541 Value: 4+3Gf+9Y6mIvIM/fpXbVZgAAAADFBQFPfv0xxJAsHvLXSdsV
.interac.ca/	1969-12-31 23:59:59	Name: incap_ses_1104_1659541 Value: ff74O1v/i06+F1GN1zJSDyoUzmIAAAAAqu0oUUtLoZ7IdzSDVfwLmg==
www.interac.ca/	1970-01-20 04:37:57	Name: AWSALBCORS Value: P5nSdRDiIGKntaYkuUdpUpW3/u5HIMevayKFfuPkyUMtWVk2NvW4eJY7hbtY8gmIiWWuHZX52a+33s58tcybPd2PYau6d28MBfidbj6e7yHyle0pquC1h9YQ2r7X

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.interac.ca/error Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

et.interac-nb1.com
fonts.gstatic.com
interac.ca
www.interac.ca
2a00:1450:4001:82a::2003
45.60.115.208
45.60.87.208
82.180.162.217
0a78da58babddb651b51f1fccda38e727b9fa6aef612899b495c77cdabfb82cc
474e71b90809fee123704b882a237b6013fcc6d3f9520fb9b54d386017c61129
a4bdb96b753b074042b4f6bba5a25fd0dd39e410dd1599783329319ebf32b0e8
b3c414806e659b347c31f9205558d257b959cb5a465ba7c83943a3a8ca6aa59f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

et.interac-nb1.com Open in urlscan Pro 82.180.162.217 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

36 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

269 kBTransfer

268 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

4 Cookies

7 Console Messages

Indicators

et.interac-nb1.com Open in urlscan Pro
82.180.162.217 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

36 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

269 kB
Transfer

268 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!