| code.jquery.com/jquery-3.6.0.min.js | 151.101.2.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.2.137:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1scotiaonlinehelp.com
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 May 2024 22:40:53 GMT
age: 632235
x-served-by: cache-lga21931-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 482918
x-timer: S1714776054.928033,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| 1scotiaonlinehelp.com/views/go/assets/loading.gif | 188.114.97.1 | 200 OK | 166 kB |
URL: GET HTTP/3 1scotiaonlinehelp.com/views/go/assets/loading.gif
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: GIF image data, version 89a, 498 x 498
Size: 166 kB (166466 bytes)
Hash: a742721ea2075bc3956a2ff62c9bfeef bb72fc6b492cfd37d36a2dca0730c1ccf2e97e06 e07efed33aec4356ba72efae1eea9fbe1e922bd270ddbd0dd1a028b5a6db4140
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /views/go/assets/loading.gif HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:54 GMT
content-type: image/gif
content-length: 166466
last-modified: Thu, 02 May 2024 05:53:17 GMT
etag: "66332a4d-28a42"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycI3KO0Z9%2BNYo8J4x4wN9eT1OsN9OZQd4%2FW6bacM%2BQLuY6RYSHTWyTYXK0XqM%2FrjBO0dfBrit4%2BQFSfW1xZEdBXN4jjtGgxU4Hi%2BE5STsi%2BYSujs3W7uzgMgq59Rfx1p1YM%2F7wBSWmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3c16078da56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/views/go/assets/files/styles.52548c4754293a7f0b9b.css | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 1scotiaonlinehelp.com/views/go/assets/files/styles.52548c4754293a7f0b9b.css
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: cb4ab7955b49cc49b21ac8466be621f8 a553d52365e835ea966c1c72234d535f6603b240 2050e3c25a4c2810d0e8d4c3384bc5d362fb6e3e9af73d0da73722c2c1ec7c08
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /views/go/assets/files/styles.52548c4754293a7f0b9b.css HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:54 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 05:53:17 GMT
etag: W/"66332a4d-245d1"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iF5AsPIFfR74Czm0S8xTeDndofeU8dbeAITLZcZ%2B5lXkxl70Ly8CoNeFvq4P3UVYxfMczh%2FfbXH3tJp6FeBbbMZPll1xcr9ILbpfNhxCaICcx613HbmNNOQdihWGWoeV6zIjMpCw%2BeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3c16078d856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/favicon.ico | 188.114.97.1 | 200 OK | 3.7 kB |
URL: GET HTTP/3 1scotiaonlinehelp.com/favicon.ico
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: JavaScript source, ASCII text, with very long lines (3900), with no line terminators
Hash: 967982d3cc10813dd5c6300408bda927 81f1e77080aa96b1a4f522a73f5d3f5056c2ab89 6680f785e82a7b1b89c215688f29029ec214f2fab79dd9952cd0416d5b4d82e6
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /favicon.ico HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFDHzcHWbHAo3DM7h3NBjg%2BNUqGgcRi0W34BV%2BnVzxSt6L%2B6iMaj5seUNhOlbbNn7QLBdU12KN0kucNoY7BPTONKaVhMDO%2FPFVLXG5pbDLg1Hj0QSMz5YmQ3eteeW4DCdxZumvlSbGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3c1648bb556c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/views/go/assets/login.css | 188.114.97.1 | 200 OK | 119 kB |
URL: GET HTTP/3 1scotiaonlinehelp.com/views/go/assets/login.css
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
Size: 119 kB (118914 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /views/go/assets/login.css HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:54 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 05:53:17 GMT
etag: W/"66332a4d-1d082"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDsmKP7luUroU3kfHrk4MhOxOQm55qQBy%2FKcZJrL%2FNmoK5FzAvyHRSg9OmCLDxjS0ogfJ2eIfPw7W20jdy0wyUbxHlANSUFTso9dFDXzh%2BVe3IqpiLS9CbUARZ54ltxaZYLDyqCc5Uo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3c16078d756c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/app/php/updateVisitor.php | 188.114.97.1 | 200 OK | 349 B |
URL: POST HTTP/3 1scotiaonlinehelp.com/app/php/updateVisitor.php
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: ASCII text, with very long lines (362), with no line terminators
Hash: c5558550aea0525551ceeeb9af2a7c30 1ff25fb5b973a623905e086e15b375d5f5042571 26e97ede5bfc792c8b08397bcd833cbdfadef06f8897fe51f7b635d0b9cd8c70
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
POST /app/php/updateVisitor.php HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 230
Origin: https://1scotiaonlinehelp.com
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:54 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nb2TYTXAIO1sImEE9g%2BSskcVDnhPRLgT63vH0%2B5IYi3%2BCDyCBu3tk3kHXXnBHXAppjPLx%2FVSKx%2FBmT5GkGGdLR29OZSft6zp9QYodBpCBg4AST4rHZ7dDaJIi7S%2B4vGIuqayLGbnCXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3c162ba7a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/app/php/check_activity.php | 188.114.97.1 | 200 OK | 349 B |
URL: POST HTTP/3 1scotiaonlinehelp.com/app/php/check_activity.php
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: ASCII text, with very long lines (362), with no line terminators
Hash: c5558550aea0525551ceeeb9af2a7c30 1ff25fb5b973a623905e086e15b375d5f5042571 26e97ede5bfc792c8b08397bcd833cbdfadef06f8897fe51f7b635d0b9cd8c70
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
POST /app/php/check_activity.php HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 234
Origin: https://1scotiaonlinehelp.com
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:41:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VimKvIzG0cNc4gf95DeeBMDoXGDULNfNpxJX9E9zkb7fPliI53Q71RtiwqFo%2Bfa4V9I9SoegnLn8ZqbZjnhOttJADlKoKQ%2B5sbijuSSTLr0g26oJsNrR4mlBwx0WyUMzCyYGydn05lY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3c1a15be356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J | 188.114.97.1 | 200 OK | 34 kB |
URL: User Request GET HTTP/2 1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
IP: 188.114.97.1:443
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 22:40:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9fbUtbHmnOAYL7U5LO8NmBJrWjnoZVwTeNbufopJsvDri0WundoUBNhPp0CpQ2UG1st7e6Djp%2FQVKuAYDwg5ZMk3OfXh2cxlPzXO6o5%2F%2FGG9O4fp3WPgoZZkz1wzZ9DfDGt2Yihgbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3c15daeaa0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1scotiaonlinehelp.com/views/go/assets/files/7c428f63a00e5bd025fa159e8c94389f.svg | 188.114.97.1 | 200 OK | 537 B |
URL: GET HTTP/3 1scotiaonlinehelp.com/views/go/assets/files/7c428f63a00e5bd025fa159e8c94389f.svg
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: SVG Scalable Vector Graphics image
Hash: 21964c75c9df207aaa6ced01ca0e9e2e 6e16dc09cb3b133f5cc0dc8ef94122b9cfa07910 a8a8077f949904335cd10ef2a80db51b2ce0ce4874f1b84b6052bcbe2fbe3358
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /views/go/assets/files/7c428f63a00e5bd025fa159e8c94389f.svg HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:53 GMT
content-type: image/svg+xml
last-modified: Thu, 02 May 2024 05:53:17 GMT
etag: W/"66332a4d-219"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJU4PPOWyWgHYAHC1xaqgX7PSTzO4RYcQ93%2BM21SscP1UwwEiD%2BekTYgff%2BsDeStBjTvJsFGvDfJPPBEL3EO8oqjBeO9SxLeFnn8FDv%2FH8348u7FwdP5Y8X0a8BZ0iu9B%2FK2XMde1zg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3c16078d956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1scotiaonlinehelp.com/app/php/check_activity.php | 188.114.97.1 | 200 OK | 349 B |
URL: POST HTTP/3 1scotiaonlinehelp.com/app/php/check_activity.php
IP: 188.114.97.1:443
Requested by: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Certificate Issuer: Let's Encrypt
Certificate Subject: 1scotiaonlinehelp.com
Certificate Fingerprint: B3:2E:FE:71:B4:91:80:C6:73:EE:70:B4:EE:22:9F:9B:1A:97:B4:32
Certificate Validity: Sat, 27 Apr 2024 19:22:40 GMT - Fri, 26 Jul 2024 19:22:39 GMT
File type: ASCII text, with very long lines (362), with no line terminators
Hash: c5558550aea0525551ceeeb9af2a7c30 1ff25fb5b973a623905e086e15b375d5f5042571 26e97ede5bfc792c8b08397bcd833cbdfadef06f8897fe51f7b635d0b9cd8c70
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
POST /app/php/check_activity.php HTTP/1.1
Host: 1scotiaonlinehelp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 232
Origin: https://1scotiaonlinehelp.com
DNT: 1
Connection: keep-alive
Referer: https://1scotiaonlinehelp.com/views/go/start.php?sslchannel=true&sessionid=lm0LFChKvhNoDYAcLOh8uo0UKN8pl29Wq3SbAKyTNfueXxi2qW5luISvb5jvIhUGYVYTj4vlzkdlu3ycWk8h8vagBDyfPJvFdqL4zb0zNF2SYpkBXcoCQKNlWf7rIJVZ5J
Cookie: PHPSESSID=lnduri177fmr4m3olu48s2lu7u
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:40:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mk83I5ul85HMxnJKLDmO3NKiqRvtxDAy%2Bo%2Byo5dkHBuvbLHSBwMsxiR1jILES9qxXjh4GJOUGgU5LpRaEhGh0s8FK641b%2F%2Frxo8XGRkX72W6sSB14HmM0SppCc1VW2koxRmHoXOBZQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3c162da9956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|