www.teatroeuropa.it
178.33.197.38  Malicious Activity! Public Scan

URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Submission: On May 10 via automatic, source phishtank

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 178.33.197.38, located in France and belongs to OVH, FR. The main domain is www.teatroeuropa.it.
This is the only time www.teatroeuropa.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

What the transactions below show: a page served over plain HTTP from an image directory of www.teatroeuropa.it (/2011-2012/colorbox2/images/scotiabank.com.htm) that reproduces the bank's scotiaenlinea application and pulls 17 of its 21 resources (stylesheets, scripts, loading GIFs, the bank logo and the virtual-keyboard image) straight from www1.scotiabank.com.uy, with the phishing URL as Referer. The hotlinked asset URLs all carry the same ;jsessionid= path parameter, which indicates the HTML was saved from a session in which the bank's server had rewritten its own session identifier into the links. No cookies were set during the scan.

Domain & IP information

Requests  IP Address       AS (Autonomous System)
1         178.33.197.38    16276 (OVH)
17        104.108.59.155   16625 (AKAMAI-AS)
2         216.58.207.42    15169 (GOOGLE)
1         104.19.195.151   13335 (CLOUDFLARENET)
21 requests, 4 IPs

Requests  Domain                   Requested by
17        www1.scotiabank.com.uy   www.teatroeuropa.it, ajax.googleapis.com
2         ajax.googleapis.com      www.teatroeuropa.it
1         cdnjs.cloudflare.com     www.teatroeuropa.it
1         www.teatroeuropa.it      (primary request)
21 requests, 4 domains

This site contains links to these domains. Also see Links.

Domain
www1.scotiabank.com.uy
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Frame ID: 4D967A146A92B965A2D36AA55E194518
Requests: 21 HTTP requests in this frame

Screenshot


Detected technologies

Debian (overall confidence: 100%)
Detected patterns
  • headers server /Debian/i

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Modernizr (overall confidence: 100%)
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

jQuery UI (overall confidence: 100%)
Detected patterns
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

  • Requests: 21
  • HTTPS: 0 %
  • IPv6: 0 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 4
  • Countries: 3
  • Transfer: 172 kB
  • Size: 603 kB
  • Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js
This 307 carries Non-Authoritative-Reason: HSTS (see the redirect headers of that transaction below): it is the scanning browser upgrading the plain-HTTP script URL to HTTPS from its HSTS state for cdnjs.cloudflare.com, not a redirect sent by the server. The page itself references the library over http://, and a browser without HSTS state for that host would fetch it in the clear, as this scan did for the two ajax.googleapis.com scripts.

21 HTTP transactions

Columns per transaction: Resource, Path, Size (decoded body), x-fer (bytes transferred on the wire), Type, MIME-Type
Primary Request scotiabank.com.htm
www.teatroeuropa.it/2011-2012/colorbox2/images/
45 KB
10 KB
Document
General
Full URL
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
178.33.197.38, France, ASN16276 (OVH, FR)
Reverse DNS
Software
Apache/2.2.16 (Debian) /
Resource Hash
84e79f5ee907254dd9e6009ea55f60ae9a8b07c14725e1128eab82be4ad74847

Request headers

Host
www.teatroeuropa.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4D967A146A92B965A2D36AA55E194518

Response headers

Date
Thu, 10 May 2018 23:51:31 GMT
Server
Apache/2.2.16 (Debian)
Last-Modified
Thu, 10 May 2018 14:11:07 GMT
ETag
"745c7-b3c6-56bda972e74c0"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
10067
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
reset.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/css/
1 KB
950 B
Stylesheet
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/css/reset.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ea82df41db4fc5c3423f2ae6031d293212d22941e18b747b2853fcdc750091c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1153-1524603370000"
X-Frame-Options
DENY
Content-Type
text/css
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
593
colorbox.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/css/colorbox.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71c1b7cc50ae3b4f0215207557fd4a6c33c48b826562ee55b5ddfb11baf4746b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"3596-1524603370000"
X-Frame-Options
DENY
Content-Type
text/css
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1304
jquery.mCustomScrollbar.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/css/jquery.mCustomScrollbar.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a367d803b204114ac08981bb2b974ea60e97a7a96e3ab5be22b34883dec65146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"13734-1524603370000"
X-Frame-Options
DENY
Content-Type
text/css
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1679
tooltipster.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/css/tooltipster.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8264bc4e1e39f0ace3bde23d7b501619b5e885610475c1ac8188f72ff1d1d759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"9048-1524603370000"
X-Frame-Options
DENY
Content-Type
text/css
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1692
styles.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/css/
116 KB
17 KB
Stylesheet
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/css/styles.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d78b69e3cf0c8ae1c8dbca0ee2455f184b3a53b30e349b9ab8feb23355dfc959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"118803-1524603370000"
X-Frame-Options
DENY
Content-Type
text/css
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17153
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
216.58.207.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 13 Mar 2018 20:48:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
5021761
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33621
X-XSS-Protection
1; mode=block
Expires
Wed, 13 Mar 2019 20:48:04 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/
223 KB
60 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
216.58.207.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f10.1e100.net
Software
sffe /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 09 May 2018 03:55:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
157717
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
61441
X-XSS-Protection
1; mode=block
Expires
Thu, 09 May 2019 03:55:28 GMT
jquery.mCustomScrollbar.min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
24 KB
6 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/jquery.mCustomScrollbar.min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f537cdd2beb179044f60d79ea8edf106cc0719f80555409eaad617777dc6244e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"24925-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5881
Expires
Thu, 10 May 2018 23:44:05 GMT
jquery.ui.datepicker-es.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
2 KB
1 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/jquery.ui.datepicker-es.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26629af5a173413b2b3721a167d113d4122c4ffe3ddfd54602a32e90084e4e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1616-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
594
Expires
Thu, 10 May 2018 23:44:05 GMT
jquery.restrict.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
1 KB
919 B
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/jquery.restrict.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b34eebcf04c6d458d6bb738cce044d36e63802f7ef33c6b5b13ff18814cc6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1438-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
436
Expires
Thu, 10 May 2018 23:44:05 GMT
jquery.colorbox-min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
11 KB
5 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/jquery.colorbox-min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e0cdf76f5922e57e5374a90e9c11bd31eca69adb1110e047665bdc9f0ac987a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"11095-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4646
Expires
Thu, 10 May 2018 23:44:05 GMT
jquery.tooltipster.min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
17 KB
5 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/jquery.tooltipster.min.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7179f930aab0b91e477718f932171ab5207e92f76ddaccf9afc7f998929ad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"16944-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4713
Expires
Thu, 10 May 2018 23:44:05 GMT
modernizr.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
14 KB
6 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/modernizr.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41f2eef416262a856ec978dbb9c938ab2bb3ebab9a00833d2516f4207a3f170a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"14338-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5856
Expires
Thu, 10 May 2018 23:44:05 GMT
formParser.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
13 KB
3 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/formParser.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
323eb7d6491cb010c35f1c57a7eecb6a6d26a16f3a8071cb92266d8b8aeda1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"13385-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2590
Expires
Thu, 10 May 2018 23:44:05 GMT
teclado.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/js/
4 KB
2 KB
Script
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/js/teclado.js;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
081c846ea6b34b9bcdfac16460c29502aaf695dd41157b8b4e5fb5bfca0e36b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"4190-1524603370000"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1116
Expires
Thu, 10 May 2018 23:44:05 GMT
loading-over-red.gif;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/img/
2 KB
2 KB
Image
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/img/loading-over-red.gif;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d517fcfff51ecb5f27e696661d6287beb2214f720f96742a6cd0117b028aebac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1737-1524603370000"
X-Frame-Options
DENY
Content-Type
image/gif
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1737
loading-over-dark.gif;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
www1.scotiabank.com.uy/scotiaenlinea/img/
2 KB
2 KB
Image
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/img/loading-over-dark.gif;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d46ab5053670a35208290d2703feb1f3a4cf6c607a964e58fdaed03cdaaad0a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1737-1524603370000"
X-Frame-Options
DENY
Content-Type
image/gif
Date
Thu, 10 May 2018 23:44:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1737
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
SPDY
Server
104.19.195.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 23:44:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:30 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
419045927a6027aa-FRA
expires
Tue, 30 Apr 2019 23:44:05 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.0.6/jquery.mousewheel.min.js
Non-Authoritative-Reason
HSTS
bank-logo.png
www1.scotiabank.com.uy/scotiaenlinea/img/
9 KB
9 KB
Image
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/img/bank-logo.png
Requested by
Host: www.teatroeuropa.it
URL: http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f756ffff82e69657835616f1e4e36fa86bd178c219a53badbf0ddc26ddcb6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://www1.scotiabank.com.uy/scotiaenlinea/css/styles.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"8960-1524603370000"
X-Frame-Options
DENY
Content-Type
image/png
Date
Thu, 10 May 2018 23:44:06 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8960
virtual-keyboard.png
www1.scotiabank.com.uy/scotiaenlinea/img/
1 KB
1 KB
Image
General
Full URL
https://www1.scotiabank.com.uy/scotiaenlinea/img/virtual-keyboard.png
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
HTTP/1.1
Server
104.108.59.155 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dbde13c2a28b434449970de268b6d46dcecfdad75032ea240aaee496079120bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://www1.scotiabank.com.uy/scotiaenlinea/css/styles.css;jsessionid=A2DE36A8C06F1017988097E81A68ABA4.node1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 24 Apr 2018 20:56:10 GMT
ETag
W/"1185-1524603370000"
X-Frame-Options
DENY
Content-Type
image/png
Date
Thu, 10 May 2018 23:44:06 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1185
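As an added worked example (not part of the urlscan report, and not code from urlscan or the bank), here is how the Referer pattern visible in the transactions above turns into a detection on the bank's side. Every hotlinked asset request carries the phishing URL in its Referer header, except loads initiated by the bank's own stylesheet (bank-logo.png, virtual-keyboard.png), whose Referer is styles.css on www1.scotiabank.com.uy and which therefore look first-party on their own. The script parses combined-format access log lines, flags static-asset requests whose Referer host is not first-party, records any ;jsessionid= path parameter replayed in the URL, and attributes first-party-Referer follow-up loads from the same client within a short window to the same foreign page. The log lines, client IPs, timestamps, status codes, the first-party host set and the static path prefixes are constructed assumptions for the example; the two legitimate-looking lines at the end are invented.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed combined-format access log lines. The first three mirror what the
# urlscan report shows the phishing page requesting from www1.scotiabank.com.uy;
# client IPs, timestamps, status codes and the last two lines are made up.
UA_SCAN = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) "
           "HeadlessChrome/66.0.3359.139 Safari/537.36")
PHISH = "http://www.teatroeuropa.it/2011-2012/colorbox2/images/scotiabank.com.htm"
SID = "A2DE36A8C06F1017988097E81A68ABA4.node1"
SAMPLE_LOG = "\n".join([
    f'203.0.113.10 - - [10/May/2018:23:44:05 +0000] "GET /scotiaenlinea/css/reset.css;jsessionid={SID} HTTP/1.1" 200 593 "{PHISH}" "{UA_SCAN}"',
    f'203.0.113.10 - - [10/May/2018:23:44:05 +0000] "GET /scotiaenlinea/js/teclado.js;jsessionid={SID} HTTP/1.1" 200 1116 "{PHISH}" "{UA_SCAN}"',
    f'203.0.113.10 - - [10/May/2018:23:44:06 +0000] "GET /scotiaenlinea/img/bank-logo.png HTTP/1.1" 200 8960 "https://www1.scotiabank.com.uy/scotiaenlinea/css/styles.css;jsessionid={SID}" "{UA_SCAN}"',
    '198.51.100.7 - - [10/May/2018:23:50:12 +0000] "GET /scotiaenlinea/css/styles.css HTTP/1.1" 200 17153 "https://www1.scotiabank.com.uy/scotiaenlinea/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/60.0"',
    '198.51.100.8 - - [10/May/2018:23:51:02 +0000] "GET /scotiaenlinea/img/bank-logo.png HTTP/1.1" 200 8960 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/60.0"',
])

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
JSESSIONID_RE = re.compile(r";jsessionid=([A-Za-z0-9.]+)", re.IGNORECASE)

# Hosts allowed to embed these assets (assumption for the example).
FIRST_PARTY_HOSTS = {"www1.scotiabank.com.uy"}
# Static asset prefixes seen in the report above.
STATIC_PREFIXES = ("/scotiaenlinea/css/", "/scotiaenlinea/js/", "/scotiaenlinea/img/")


def parse_line(line):
    """Parse one combined-format log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    # Drop the ;jsessionid=... path parameter and any query so one asset counts once.
    rec["asset"] = JSESSIONID_RE.sub("", rec["target"]).split("?", 1)[0]
    sid = JSESSIONID_RE.search(rec["target"])
    rec["jsessionid"] = sid.group(1) if sid else None
    return rec


def referer_host(referer):
    """Hostname from the Referer header, or None when absent ('-' in Apache logs)."""
    if not referer or referer == "-":
        return None
    return urlsplit(referer).hostname


def find_hotlinking(log_text, first_party_hosts=FIRST_PARTY_HOSTS, window_seconds=60):
    """Group static-asset requests by foreign Referer host.

    A hit whose Referer is on a host we do not own is flagged directly. A hit whose
    Referer is our own stylesheet (images pulled in by CSS) is attributed to the
    foreign page when the same client was flagged within window_seconds before it.
    """
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    report = defaultdict(lambda: {"assets": set(), "clients": set(),
                                  "jsessionids": set(), "css_followups": 0})
    flagged_clients = {}  # client ip -> (foreign host, time of last foreign-referer hit)

    for e in entries:
        if not e["target"].startswith(STATIC_PREFIXES):
            continue
        host = referer_host(e["referer"])
        if host and host not in first_party_hosts:
            rec = report[host]
            rec["assets"].add(e["asset"])
            rec["clients"].add(e["ip"])
            if e["jsessionid"]:
                rec["jsessionids"].add(e["jsessionid"])
            flagged_clients[e["ip"]] = (host, e["time"])
        elif host in first_party_hosts and e["ip"] in flagged_clients:
            foreign_host, last_seen = flagged_clients[e["ip"]]
            if 0 <= (e["time"] - last_seen).total_seconds() <= window_seconds:
                report[foreign_host]["css_followups"] += 1

    # Freeze the sets into sorted lists so the result is stable.
    return {host: {"assets": sorted(v["assets"]), "clients": sorted(v["clients"]),
                   "jsessionids": sorted(v["jsessionids"]),
                   "css_followups": v["css_followups"]}
            for host, v in report.items()}


if __name__ == "__main__":
    for host, info in find_hotlinking(SAMPLE_LOG).items():
        print(f"{host}: {len(info['assets'])} asset(s) hotlinked by {len(info['clients'])} client(s); "
              f"session ids replayed: {info['jsessionids']}; CSS follow-up loads: {info['css_followups']}")
```

On the sample input the only foreign Referer host is www.teatroeuropa.it, with the replayed session identifier and one CSS-initiated follow-up load attributed to it; the two invented first-party lines produce nothing. In production the same grouping over a day's logs, filtered to the bank's static paths and sorted by distinct client count, surfaces new phishing hosts before they are reported, and the replayed jsessionid value gives the date the kit's HTML was captured when matched against the application's session logs.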

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function (45): $, jQuery, yepnope, hideOptions, refreshSelect, refreshCheckbox, generateTabIndex, selectFirstValue, resizeList, toNumber, formatFloat, setOrderAndSearch, submitSearch, submitData, getData, globalErrorHandling, buildParamHash, focusOn, insertAtCursor, backAtCursor, clickKey, validateEmptyFields, login, showMessage, markChecks, chackRowmarkStatus, startsWith, displayErrorField, removeErrorField, removeAllErrorFields, startWorking, stopAllWorkingIndicators, stopWorking, isJSON, handleHashedMessages, handleMessageResponse, confirmEndState, confirmEndErrorState, sortList, markSortedColumn, pad, errorPostProcessing, checkPIN, checkTransactionPIN, selectCheckDigit
object (2): html5, Modernizr
number (3): cant, slideSpeed, scrollSpeed
string (3): selField, idEnvironment, url
boolean (1): mayuscula
undefined (1): colorboxClosing

Because every script on the page is loaded from the bank's site or a public CDN, these names largely describe the cloned application's front end (login, checkPIN, checkTransactionPIN, selectCheckDigit) rather than code written for the kit; any kit-specific logic would have to be inline in the 45 KB HTML document.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
www.teatroeuropa.it
www1.scotiabank.com.uy
104.108.59.155
104.19.195.151
178.33.197.38
216.58.207.42