sc0tiareferencealert4.com Open in urlscan Pro
104.131.167.45 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sc0tiareferencealert4.com/
Effective URL:
https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Submission: On January 23 via manual (January 23rd 2021, 2:36:37 am UTC) from CA

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.131.167.45, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sc0tiareferencealert4.com.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.

This is the only time sc0tiareferencealert4.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 20	104.131.167.45 104.131.167.45	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a02:26f0:6c0... 2a02:26f0:6c00:294::51e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.252.149 104.111.252.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	52.49.92.20 52.49.92.20	16509 (AMAZON-02) (AMAZON-02)
1	34.251.184.34 34.251.184.34	16509 (AMAZON-02) (AMAZON-02)
1	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
28	7

20 104.131.167.45 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sc0tiareferencealert4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:294::51e (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

dmtags.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.252.149 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-252-149.deploy.static.akamaitechnologies.com

auth.scotiaonline.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.92.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-20.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.184.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

scotiabank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

somniture.scotiabank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sc0tiareferencealert4.com 1 redirects sc0tiareferencealert4.com	16 KB
5	scotiabank.com dmtags.scotiabank.com auth.scotiaonline.scotiabank.com somniture.scotiabank.com	67 KB
4	demdex.net 1 redirects dpm.demdex.net scotiabank.demdex.net	4 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
28	4

	Domain	Requested by
20	sc0tiareferencealert4.com	1 redirects sc0tiareferencealert4.com
3	dpm.demdex.net	1 redirects sc0tiareferencealert4.com
3	dmtags.scotiabank.com	sc0tiareferencealert4.com dmtags.scotiabank.com
1	cm.everesttech.net	1 redirects
1	somniture.scotiabank.com	dmtags.scotiabank.com
1	scotiabank.demdex.net	dmtags.scotiabank.com
1	auth.scotiaonline.scotiabank.com	sc0tiareferencealert4.com
28	7

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com
assets.kampyle.com

Subject Issuer	Validity	Valid
sc0tiareferencealert4.com R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
apps.scotiabank.com Entrust Certification Authority - L1K	`2020-08-21` - `2022-11-20`	2 years	crt.sh
auth.scotiabank.com Entrust Certification Authority - L1K	`2020-02-27` - `2022-02-27`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
somniture.scotiabank.com Entrust Certification Authority - L1K	`2020-07-29` - `2022-09-29`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Frame ID: 3A054F843B40F6428703F4E05B198894
Requests: 27 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: 3CE9455B546D5E9E13EE5448C48A483B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sc0tiareferencealert4.com/ HTTP 301
https://sc0tiareferencealert4.com/ Page URL
https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Page Statistics

28
Requests

96 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

7
IPs

5
Countries

86 kB
Transfer

304 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.scotiabank.com/ca/en/personal.html
Title: Scotiabank

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/legal.html
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/about/contact-us/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.scotiabank.com/ca/en/personal/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://assets.kampyle.com/resources/direct/form.html?region=prodCanada&websiteId=11757&formId=1127&bgclr=white
Title: Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sc0tiareferencealert4.com/ HTTP 301
https://sc0tiareferencealert4.com/ Page URL
https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sc0tiareferencealert4.com/ HTTP 301
https://sc0tiareferencealert4.com/

Request Chain 9

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922

Request Chain 14

https://cm.everesttech.net/cm/dd?d_uuid=80357556384140002414335042827172929839 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAuLowAAAJEK5CTQ

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
sc0tiareferencealert4.com/
Redirect Chain

http://sc0tiareferencealert4.com/
https://sc0tiareferencealert4.com/

334 B
501 B

437ms
145ms

Document
text/html

104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 660e1b388e44e7f62e72121ef535cd316c543475a704888e4d7f130de0eedd7b

Request headers

Host: sc0tiareferencealert4.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 23 Jan 2021 02:36:17 GMT
Server: Apache/2.4.25 (Debian)
Location: https://sc0tiareferencealert4.com/
Content-Length: 333
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET index91484101498.html
sc0tiareferencealert4.com/ 0
0

GET
H/1.1 200
OK Primary Request index91484101498.html Show response
sc0tiareferencealert4.com/ 80 KB
16 KB 146ms
145ms Document
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: aaceea64ee81bc59d7e3b274d995e0a1e88e0aed37e5d51fbda1189feb722ac5

Request headers

Host: sc0tiareferencealert4.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 15 Oct 2020 15:56:28 GMT
ETag: "13e3b-5b1b7b0dda300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15679
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK launch-edbf66c903b6.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ 182 KB
51 KB 132ms
16ms Script
application/x-javascript 2a02:26f0:6c00:294::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Requested by

Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:6c00:294::51e , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

aee4623510fc8eb29da73b6e2ab79d118f9a04598078afc51766e8b9e6118d3c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' .scotiabank.com .scotiabank.bns .kampyle.com; frame-ancestors .scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jan 2021 02:30:31 GMT
Server: nginx/1.19.1
ETag: "5ffd09c7-2d9f7"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Vcap-Request-Id: b14a5f0e-41cd-4c72-5bcd-3e1f39114d5d
Connection: keep-alive
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' *.scotiabank.com *.scotiabank.bns *.kampyle.com; frame-ancestors *.scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security: max-age=600 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 51184
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 7c428f63a00e5bd025fa159e8c94389f.svg
auth.scotiaonline.scotiabank.com/assets/ 537 B
889 B 542ms
428ms Image
image/svg+xml 104.111.252.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.scotiaonline.scotiabank.com/assets/7c428f63a00e5bd025fa159e8c94389f.svg

Requested by

Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

104.111.252.149 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-252-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

51bf40e3535dee036bec3df6d4b279b4373fb22cdd40632535932d6999f7e37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
X-Content-Type-Options: nosniff
Content-Language: en-US
X-Vcap-Request-Id: 6fd7c4df-775d-4022-44d3-0c2ea2e9bae7
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 537
X-Xss-Protection: 1; mode=block

GET
H/1.1 404
Not Found resource-loader.js
sc0tiareferencealert4.com/ 0
0 144ms
143ms Script
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/resource-loader.js
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found runtime.6a56e9d9c8681dee3c24.js
sc0tiareferencealert4.com/ 0
0 269ms
143ms Script
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/runtime.6a56e9d9c8681dee3c24.js
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found main.a8bf77b7a9385c624a8d.chunk.js
sc0tiareferencealert4.com/ 0
0 378ms
126ms Script
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/main.a8bf77b7a9385c624a8d.chunk.js
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 3855b6f925rn166fe78bc4a41fd90c6d
sc0tiareferencealert4.com/resources/ 0
0 388ms
129ms Script
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/resources/3855b6f925rn166fe78bc4a41fd90c6d
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found styles.0707e8a14e8f4598c453.css
sc0tiareferencealert4.com/ 0
0 398ms
132ms Stylesheet
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/styles.0707e8a14e8f4598c453.css
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922

5 KB
2 KB

72ms
72ms

XHR
application/json

52.49.92.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922

Requested by

Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.92.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-92-20.eu-west-1.compute.amazonaws.com

Software

Resource Hash

27003cb4bc3d4671f4a5799201e1db1a7a577d45abc8d812e12c34b16011b50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-00779698a.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Wz8pb+jmSzA=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sc0tiareferencealert4.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1598
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://sc0tiareferencealert4.com
X-TID: FlTPSb5bT/M=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1611369378922
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK AppMeasurement.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ecc159fc6086/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
13 KB 11ms
10ms Script
application/x-javascript 2a02:26f0:6c00:294::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ecc159fc6086/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:6c00:294::51e , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' .scotiabank.com .scotiabank.bns .kampyle.com; frame-ancestors .scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jan 2021 02:22:59 GMT
Server: nginx/1.19.1
ETag: "5ffd0803-82b6"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Vcap-Request-Id: be609c3b-034d-4876-74e3-d22249547ed1
Connection: keep-alive
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' *.scotiabank.com *.scotiabank.bns *.kampyle.com; frame-ancestors *.scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security: max-age=600 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 12184
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js Show response
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ecc159fc6086/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 21ms
9ms Script
application/x-javascript 2a02:26f0:6c00:294::51e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ecc159fc6086/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a02:26f0:6c00:294::51e , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' .scotiabank.com .scotiabank.bns .kampyle.com; frame-ancestors .scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jan 2021 02:29:37 GMT
Server: nginx/1.19.1
ETag: "5ffd0991-ce7"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Vcap-Request-Id: 87e57d92-4e25-46b9-7181-dd5d9e4067ed
Connection: keep-alive
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' *.scotiabank.com *.scotiabank.bns *.kampyle.com; frame-ancestors *.scotiabank.com *.scotiabank.com.mx fiu.mx
Strict-Transport-Security: max-age=600 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1594
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set dest5.html
scotiabank.demdex.net/ Frame 3CE9 0
0 270ms
65ms Document
text/html 34.251.184.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.184.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: scotiabank.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=80357556384140002414335042827172929839
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 21 Jan 2021 11:34:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=80357556384140002414335042827172929839;Path=/;Domain=.demdex.net;Expires=Thu, 22-Jul-2021 02:36:19 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: G1Fbgd9cQzQ=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
somniture.scotiabank.com/ 48 B
516 B 229ms
64ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://somniture.scotiabank.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=71039842120852719073547705481045625917&ts=1611369379281

Requested by

Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ecefa632b409f50e7fc0fcfe6c55c14c7e0f15a32f4cf1cbba2943baa581ac54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Jan 2021 02:36:19 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-75ffb878dc-ltrpt
vary: Origin
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://sc0tiareferencealert4.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YAuLowAAAJEK5CTQ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=80357556384140002414335042827172929839
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAuLowAAAJEK5CTQ

42 B
915 B

70ms
70ms

Image
image/gif

52.49.92.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAuLowAAAJEK5CTQ

Requested by

Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.92.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-92-20.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-0d7e7eca2.edge-irl1.demdex.com 5.80.5.20210120122710 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 6FFWfL38QDA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAuLowAAAJEK5CTQ
Date: Sat, 23 Jan 2021 02:36:19 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 404
Not Found 15243e297f5364bd59f4088a864abbf7.woff
sc0tiareferencealert4.com/assets/ 0
0 130ms
129ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/15243e297f5364bd59f4088a864abbf7.woff
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 8fd30bd010d9e2c7677ec339685f958b.woff
sc0tiareferencealert4.com/assets/ 0
0 127ms
125ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 00cecde981e3ef7491eba946f4b95fe0.woff
sc0tiareferencealert4.com/assets/ 0
0 144ms
143ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/00cecde981e3ef7491eba946f4b95fe0.woff
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 8424a042624210828b0fbe7a8c533b2a.woff2
sc0tiareferencealert4.com/assets/ 0
0 142ms
141ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/8424a042624210828b0fbe7a8c533b2a.woff2
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 1e98970fd9c76545bbf1e1a377f4f3c2.woff2
sc0tiareferencealert4.com/assets/ 0
0 140ms
132ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 50805f331bb1b697aafb6f0c28b09212.woff2
sc0tiareferencealert4.com/assets/ 0
0 126ms
126ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 3ca6c3facf3966b88b55118f7821ee72.woff2
sc0tiareferencealert4.com/assets/ 0
0 129ms
129ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 7e2a698e9980c7ba52f69a2717e97b86.woff
sc0tiareferencealert4.com/assets/ 0
0 132ms
132ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/7e2a698e9980c7ba52f69a2717e97b86.woff
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 0a9f36f23c26fbad0827f0a8ec86c908.woff
sc0tiareferencealert4.com/assets/ 0
0 141ms
141ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 64a8523319c68ca5e492309a68af4a9e.woff2
sc0tiareferencealert4.com/assets/ 0
0 144ms
143ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/64a8523319c68ca5e492309a68af4a9e.woff2
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
sc0tiareferencealert4.com/assets/ 0
0 132ms
132ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 811a29d581fc684aa63616499cad4782.ttf
sc0tiareferencealert4.com/assets/ 0
0 141ms
141ms Font
text/html 104.131.167.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sc0tiareferencealert4.com/assets/811a29d581fc684aa63616499cad4782.ttf
Requested by: Host: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.131.167.45 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Origin: https://sc0tiareferencealert4.com
Referer: https://sc0tiareferencealert4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 02:36:19 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sc0tiareferencealert4.com
URL: https://sc0tiareferencealert4.com/index91484101498.html?02ef4e007115965e34fb62cf5c1b3eef

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 19:55:21	Name: demdex Value: 80357556384140002414335042827172929839
.sc0tiareferencealert4.com/	1970-01-20 09:07:21	Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C18651%7CMCMID%7C71039842120852719073547705481045625917%7CMCAAMLH-1611974179%7C6%7CMCAAMB-1611974179%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1611376579s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18658%7CvVersion%7C5.0.1
.demdex.net/	1970-01-19 19:55:21	Name: dextp Value: 269-1-1611369379565\|358-1-1611369379666
.sc0tiareferencealert4.com/	1969-12-31 23:59:59	Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.scotiaonline.scotiabank.com
cm.everesttech.net
dmtags.scotiabank.com
dpm.demdex.net
sc0tiareferencealert4.com
scotiabank.demdex.net
somniture.scotiabank.com
sc0tiareferencealert4.com
104.111.252.149
104.131.167.45
15.237.76.117
2a02:26f0:6c00:294::51e
34.251.184.34
52.49.92.20
99.81.11.244
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
27003cb4bc3d4671f4a5799201e1db1a7a577d45abc8d812e12c34b16011b50f
51bf40e3535dee036bec3df6d4b279b4373fb22cdd40632535932d6999f7e37e
660e1b388e44e7f62e72121ef535cd316c543475a704888e4d7f130de0eedd7b
aaceea64ee81bc59d7e3b274d995e0a1e88e0aed37e5d51fbda1189feb722ac5
aee4623510fc8eb29da73b6e2ab79d118f9a04598078afc51766e8b9e6118d3c
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
ecefa632b409f50e7fc0fcfe6c55c14c7e0f15a32f4cf1cbba2943baa581ac54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

sc0tiareferencealert4.com Open in urlscan Pro 104.131.167.45 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

14 %IPv6

4 Domains

7 Subdomains

7 IPs

5 Countries

86 kBTransfer

304 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

sc0tiareferencealert4.com Open in urlscan Pro
104.131.167.45 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

7
IPs

5
Countries

86 kB
Transfer

304 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!