Report - danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/

Report Overview

Submitted URL
danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
IP
50.116.87.44
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2024-05-04 11:26:02
Access
public
Website Title
Sign in | Scotiabank
Final URL
danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Tags
scotiabank financial phishing
urlquery detections
Phishing - Scotiabank

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.entrust.net	1208	1997-07-28	2014-01-10	2024-05-03	328 B	2.0 kB	184.24.45.171
somniture.scotiabank.com	112065	1996-04-09	2012-11-14	2023-12-01	646 B	735 B	63.140.62.27
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-03	338 B	942 B	54.230.218.11
dlslhpkfqfglo.cloudfront.net	unknown	2008-04-25	2023-08-30	2024-04-09	2.5 kB	2.5 MB	143.204.42.72
assets	597867	unknown	2015-06-13	2020-07-15	433 B	0 B	0.0.0.0
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com	unknown	2021-08-01	2023-09-13	2024-01-15	572 B	3.3 kB	18.202.90.231
danielmartinsassessoria.com.br	unknown	unknown	No data	No data	6.3 kB	104 kB	50.116.87.44
dmtags.scotiabank.com	238686	1996-04-09	2019-04-29	2023-12-01	2.6 kB	96 kB	104.66.122.200

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	assets	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/	169 B	2024-05-01	2024-05-09
Pretty URL danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ IP 50.116.87.44 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 03:41:16 Last Seen2024-05-09 08:50:56 Times Seen176 Hash c6688024f007698831b2e4744a7ab707 f278b1dea5459c97e08465f66d1f8406716a75be 16b62b7805d97f47aed8b3c4f8bb3c8234bed8bfbbb7e88481035630a52cfa45 Loading...

	danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/	8.0 kB	2024-05-01	2024-05-09
Pretty URL danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ IP 50.116.87.44 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 03:41:17 Last Seen2024-05-09 08:50:56 Times Seen176 Hash 4b04be71901ffe5eeadf24da47a35b15 b2b4d4068246bd8d384807a57d2bd5a54eb85ef0 9eaaa8ff1906895e150fc5fbe39933a1b07b45602e242300cbbaccbdd052436f Loading...

	danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/	114 B	2024-05-01	2024-05-09
Pretty URL danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ IP 50.116.87.44 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 03:41:17 Last Seen2024-05-09 08:50:56 Times Seen163 Hash fd115c7b909727a3bc64ffcdcc4e1465 6846c005ef292456943403516b0b170672bd81fb 5fec99d156d4af2c4a5fb238b23cb3abe3e0f9fd8cdfffc2f0855b2604a7724d Loading...

	dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js	35 kB	2023-09-20	2024-05-17
Pretty URL dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js IP 104.66.122.200 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 09:29:32 Last Seen2024-05-17 23:56:48 Times Seen1548 Hash 208eb534ea01036a4fca64e6715ccf3f 90c85649634ff5a627023668b2e10fa01cf30315 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf Loading...

	dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js	21 kB	2023-10-31	2024-05-09
Pretty URL dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js IP 104.66.122.200 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 04:12:59 Last Seen2024-05-09 08:50:56 Times Seen6808 Hash cf426cd1788c8356ee58c7abf14c38be 609b5a8f0b4c7b5d3d955152a76db699d0eb5382 6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16 Loading...

	danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/	25 kB	2024-05-01	2024-05-09
Pretty URL danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ IP 50.116.87.44 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 03:41:17 Last Seen2024-05-09 08:50:56 Times Seen163 Hash 32915e03f94b3dde36966fa16f09ebb4 e187cdb275e429d696c5a794497db069a8e48426 dac0f6c4f22c620c1a1cf58dcdbcf64e78c57299da355be6aeccb8aaaf6b8977 Loading...

	dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js	259 kB	2024-05-01	2024-05-09
Pretty URL dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js IP 104.66.122.200 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:41:17 Last Seen2024-05-09 08:50:56 Times Seen352 Hash e5954bafa35e730bc024902bc607bd1f c9e02b8d41693266321ccf5df2f195600a700487 432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707 Loading...

	dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js	3.3 kB	2023-09-20	2024-05-17
Pretty URL dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js IP 104.66.122.200 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 09:29:32 Last Seen2024-05-17 23:56:48 Times Seen1311 Hash f1e098a5dd836ea5fc9726c429c8d71d 9b9371eb2d68b1e71063cf9f848baa07347511ca bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8 Loading...

	danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js	0 B	2023-03-07	2024-05-18
Pretty URL danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js IP 50.116.87.44 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 08:59:17 Times Seen37777134 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js	5.1 kB	2024-05-01	2024-05-09
Pretty URL dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js IP 143.204.42.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:41:17 Last Seen2024-05-09 08:50:56 Times Seen167 Hash 557b54e8deceb5ce8edbf8676c5a3cf0 4ca2d0e27c87536c561f4b50ac92c8f181450a24 416d9db2d794e184d13131d8fb84940dc4727c158281734eae4120a8637e96d0 Loading...

	dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js	2.4 MB	2024-05-01	2024-05-09
Pretty URL dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js IP 143.204.42.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:41:16 Last Seen2024-05-09 08:50:56 Times Seen171 Hash bc2e301ef03e451c268cc3fb283d0113 85fc788f55abd4ce09ae2f15969ec74a67027209 e24b45cf0914dc90c1a41f163118d8baf221ae51ca9c855d7da6071f15661ed6 Loading...

	unknown	3.2 kB	2024-05-01	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:41:16 Last Seen2024-05-09 08:50:56 Times Seen176 Hash 85d571a1d0b6748e09ced05d6bf9b146 89347e5a4fec83823f9dc2f0c6d7ea3772b05654 37c7d9a153646791579f135946bda00f7a8c0d38bc537bbcc2244d2fa613b10e Loading...

HTTP Transactions (26)

URL IP Response Size

danielmartinsassessoria.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/main.cafb241d85447b367d0c.chunk.js

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/main.cafb241d85447b367d0c.chunk.js
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /main.cafb241d85447b367d0c.chunk.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /runtime.28b2f6d6a26212c51af2.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/resource-loader.js

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/resource-loader.js
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /resource-loader.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/styles.ef875488df3637535e09.css

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/styles.ef875488df3637535e09.css
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /styles.ef875488df3637535e09.css HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js

104.66.122.200

200 OK

68 kB

URL GET HTTP/1.1
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
IP
104.66.122.200:443
ASN
#16625 AKAMAI-AS

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectapps.scotiabank.com
Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32757)
Size
68 kB (67765 bytes)
Hash
e5954bafa35e730bc024902bc607bd1f
c9e02b8d41693266321ccf5df2f195600a700487
432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707

HTTP Headers

GET /launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438e0-3f579"
Last-Modified: Mon, 08 Apr 2024 18:35:12 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 773864d7-2485-4256-5a57-f15ba41a0207
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 67765
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js

104.66.122.200

200 OK

13 kB

URL GET HTTP/1.1
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
IP
104.66.122.200:443
ASN
#16625 AKAMAI-AS

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectapps.scotiabank.com
Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32730)
Size
13 kB (12687 bytes)
Hash
208eb534ea01036a4fca64e6715ccf3f
90c85649634ff5a627023668b2e10fa01cf30315
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

HTTP Headers

GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-8996"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e61856c7-d650-42dc-532c-9003683bddfd
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 12687
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js

104.66.122.200

200 OK

1.6 kB

URL GET HTTP/1.1
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
IP
104.66.122.200:443
ASN
#16625 AKAMAI-AS

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectapps.scotiabank.com
Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT

File type
JavaScript source, ASCII text, with very long lines (3138)
Size
1.6 kB (1597 bytes)
Hash
f1e098a5dd836ea5fc9726c429c8d71d
9b9371eb2d68b1e71063cf9f848baa07347511ca
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

HTTP Headers

GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-cd4"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 566d5112-7b3e-4a90-4e42-51eb2dd04904
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 1597
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js

104.66.122.200

200 OK

6.8 kB

URL GET HTTP/1.1
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js
IP
104.66.122.200:443
ASN
#16625 AKAMAI-AS

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectapps.scotiabank.com
Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT

File type
JavaScript source, ASCII text, with very long lines (21066)
Size
6.8 kB (6793 bytes)
Hash
cf426cd1788c8356ee58c7abf14c38be
609b5a8f0b4c7b5d3d955152a76db699d0eb5382
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

HTTP Headers

GET /aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "6556797d-524b"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e8ed5c2b-47b3-46ef-7fd0-80e5a726ad83
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 6793
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.entrust.net/

184.24.45.171

1.6 kB

URL
ocsp.entrust.net/
IP
184.24.45.171:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
318cc7d8ccbd9f154f7b08bca4df5320
27d437b5ca82b663c36ff30c88d136efe079fe25
ff3318f327e8aa138fd9ecdd27d48ab9cadbf70d0cf3678a9084a8e1a1871579

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FF3318F327E8AA138FD9ECDD27D48AB9CADBF70D0CF3678A9084A8E1A1871579"
Last-Modified: Fri, 03 May 2024 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Sat, 04 May 2024 12:06:56 GMT
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive

somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369

63.140.62.27

200 OK

48 B

URL GET HTTP/2
somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369
IP
63.140.62.27:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectsomniture.scotiabank.com
FingerprintF2:96:F0:FC:08:90:5F:AC:1D:FE:74:A6:47:5F:DC:1E:0E:61:D7:1E
ValidityMon, 21 Aug 2023 20:22:41 GMT - Sat, 21 Sep 2024 20:22:40 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
06903a8473fb6388e89bb0a63a753d8f
11ed427b997c69435fe55393661dbeefddd03905
15bef47c85e4dc5f41f479caca3aaa1fece6aaeeae270817230cce76d4ab7cce

HTTP Headers

GET /id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369 HTTP/1.1
Host: somniture.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
date: Sat, 04 May 2024 11:25:37 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C86373931191423298595723151310795817229; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Mon, 04 May 2026 11:25:25 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CvVersion%7C5.5.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2

dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json

104.66.122.200

200 OK

1.7 kB

URL GET HTTP/1.1
dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
IP
104.66.122.200:443
ASN
#16625 AKAMAI-AS

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerEntrust, Inc.
Subjectapps.scotiabank.com
Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT

File type
JSON text data
Size
1.7 kB (1663 bytes)
Hash
a5c83dd0c55b426a3c30b19e3a9995a0
59b982ba2cb9efd68339d546486096e553ea4b20
de125b3c6b2e6c0d7aafdca50a9d0324506829b4497bc099c167fc7d1c2fe806

HTTP Headers

GET /aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
ETag: "6556797d-129c"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 91b03c40-c76f-44ff-787c-f097dc4b1387
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 04 May 2024 11:25:37 GMT
Content-Length: 1663
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: _abck=FE8A928DA59FEB5B1107CA2818462BAF~-1~YAAQFloDFxDPxSmPAQAAEDtaQwskH5AaB0Dnu9cEyh+l5xzeRLUHWGNNy7JAfgdThg6vy9m0d+myQkvji528PVIbW3h0IVMQhhoMuW6BPtlGaQdN/YemYojaSV96O2lhwHgDRJxkrN+rYO961wAFkKkimRIC5OIRxGWjkBFZ6JGdwa7ztQ1WaNIMNUZ1EVNqfL404TVoIwneh1948Za88O/TntZZ6RCnSM3UFOy013IrzCeK9fw5OMbVF8NkLnTCxvpeDdzV8mY7f1vHx0zdWVocfVxhorrpMIWDGMQ7Us1QVbBLSBrs6uLS2enpbkLhbMVu/GXLCbwRp8UL9xI5SfY5sx4yHnmLa088ForBRdYS9V0VWDB76kClULA5Hl/sI2/XnooSamV7lo8=~-1~-1~-1; Domain=.scotiabank.com; Path=/; Expires=Sun, 04 May 2025 11:25:37 GMT; Max-Age=31536000; Secure
ak_bmsc=08458FB061CBBB93B87C8EFD855CE5E0~000000000000000000000000000000~YAAQFloDFxHPxSmPAQAAEDtaQxeJZPKrj7eUyhGej5muA2jwr+wLMG3ZCyT2GvSBn3vMlUUmNx5iUXjo15LAkzicjs+hJrJ5FGXr5rqJuNtKF0MwfnMVNX8IP5FgqscLhnr5SjAFk4gDp01CcJHY0eA3BSn0SoOzen5kRb2iU9zyffXoCAdDwWCf9kuktgKgkyHJBRXDeVWZ2gJ/RjPisjOJer5J0gl2e9xk2I3NX81eSwR0crOj7548GUFotVeMXiULr1UFOZfCuE0WaU5ZRDJbPBjPZEGNUVXDLnrUXY5IzjuUU4Hrmi5fmDSQLbN4lxZzQyv4QGddIL1ABOHnu/TGlmIXnOeOcydojRmQLfGYhc4sVPXEQzmDGyp2UD+/uLRM; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 13:25:37 GMT; Max-Age=7200; HttpOnly
bm_sz=A9CF03D5769E21F895B9A07FDC7AD431~YAAQFloDFxLPxSmPAQAAEDtaQxdMn6/S/mzV618RPh3O4mbaMRboINH6JabCfpfMjVEaHIeaUY8viEDL+HpvkC7z/HZqTqWb3F64U6PXahCvfTxYBoMTIt+ex5vIkioE7Z+k6YludiyOTTJi7h2AoFudox2wt/ux955DI3CcBcVfgngW6kbrGqDTVSLyhVkZ9rFY+9Y8qSJJdOT6FZtMMeeG41XIbLkiPciR9DTGDf5qC5B0nR+/FaEXxHtH6eDmb8sKo0GMr6r4n2t6J9AYSMcEKlXF05OxiszarShMLW+Zu07CM5GKiMzThR/gq4fyILzQ00WRr1unDjSNw2JjZ46PIw0k0kGgsaQtZvf5jVM=~3228984~3223875; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 15:25:37 GMT; Max-Age=14400

danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CMCAID%7CNONE%7CMCOPTOUT-1714829137s%7CNONE%7CvVersion%7C5.5.0; AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2

danielmartinsassessoria.com.br/favicon.ico

50.116.87.44

200 OK

0 B

URL GET HTTP/2
danielmartinsassessoria.com.br/favicon.ico
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CMCAID%7CNONE%7CMCOPTOUT-1714829137s%7CNONE%7CvVersion%7C5.5.0; AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:38 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d9dfa21bc3fa6ec2882460b95172c141
26b7da8a968b2f7e1a04212f80e9e179dfe18425
d173c5f9ed616b97555a4214e1d61a9cf570b926a6bbbd6de3e098c2de9fb777

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 11:25:38 GMT
Last-Modified: Sat, 04 May 2024 10:15:18 GMT
Server: ECAcc (amb/6B67)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XZA0EwCA2C_cP872wLUUUvONUqEQMpsy8tgpa_IqAipYsTtCWzRwqA==
Age: 4220

dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf

143.204.42.72

200 OK

6.1 kB

URL POST HTTP/2
dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf
IP
143.204.42.72:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.1 kB (6113 bytes)
Hash
d89c324741aebf133a9b33ee0a73b994
48a3c617bc50f55871aaff753ca628b613aee1ee
5d89454a398c3696a2c876f2679839468aa8cd9ef846afb836cbdb57da4dbf2a

HTTP Headers

POST /cdn/cd/gwf HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 981
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Sat, 04 May 2024 11:25:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pXipc7N73XbySmrUoc4hQVTriT_I88a9mQewMZZFgKsg7GxVjJ6Low==
X-Firefox-Spdy: h2

dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80

143.204.42.72

200 OK

767 B

URL GET HTTP/2
dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80
IP
143.204.42.72:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (775), with no line terminators
Size
767 B (767 bytes)
Hash
52300238c7aa600c8f27d6c23f8f3f6f
ce6b1815177d77af4d326b993531e07a66de478e
d3373a03cdc388b5c74279490bd3eb5c1020575bb7aa59bb4e310580d58d5c40

HTTP Headers

GET /cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
date: Fri, 03 May 2024 18:12:14 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G8YXvJOtGEa7aV9F1cBj3JAvvYGgF8GdM_DAyxpjpOhwZBbCVLka9g==
age: 62004
X-Firefox-Spdy: h2

assets/images/%20.jpg

0.0.0.0

0 B

URL GET
assets/images/%20.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/%20.jpg HTTP/1.1
Host: assets
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/

50.116.87.44

200 OK

102 kB

URL User Request GET HTTP/2
danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
IP
50.116.87.44:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerLet's Encrypt
Subject*.danielmartinsassessoria.com.br
FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6
ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT

File type

Size
102 kB (101816 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Scotiabank

HTTP Headers

GET /sc/NOVASCOT/0e034/ HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sat, 04 May 2024 10:29:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2

dlslhpkfqfglo.cloudfront.net/cdn/cd/l

143.204.42.72

200 OK

88 B

URL POST HTTP/2
dlslhpkfqfglo.cloudfront.net/cdn/cd/l
IP
143.204.42.72:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
0ffff3cc22fcf9f8f91923c54a570d45
2e5e5bb5d43dabbf1d0f1d3bd34332b2938effa8
39500caf3e91131ad9aeaaa67c8cbecf9dcaa35996015ba8ef166b6c1aaa344a

HTTP Headers

POST /cdn/cd/l HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 993
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
content-length: 88
date: Sat, 04 May 2024 11:25:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MzkNqX0SIZ5Da9j9WNA-6jPbWG-SQ53CVzj-zUrEpyQTqc1SQ55f9A==
X-Firefox-Spdy: h2

dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js

143.204.42.72

200 OK

5.1 kB

URL GET HTTP/2
dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js
IP
143.204.42.72:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5813), with no line terminators
Size
5.1 kB (5145 bytes)
Hash
def0fdfb38fb2897aca04aff080f055a
0eb9d645aa872829da00a9941f279289e34ec39d
2696bfd4fef5072d4dfbfa735d123e69470e1116cea8f739b155df4e7a8750d2

HTTP Headers

GET /cdn/ca/mutha-scotia-wrapper.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 18:12:12 GMT
server: nginx/1.18.0 (Ubuntu)
set-cookie: aphishCookie-1714759932585-SCOTIA=0; Max-Age=60; Expires=Fri, 03 May 2024 18:13:12 GMT; SameSite=None; Path=/; Secure
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vP_rGxsorzt-hX5v_V396czRt4LPIvWeI0eT3OfNucbQ3paZyShkhg==
age: 62004
X-Firefox-Spdy: h2

dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js

143.204.42.72

200 OK

2.4 MB

URL GET HTTP/2
dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js
IP
143.204.42.72:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type

Size
2.4 MB (2448888 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn/ca/jquery-3.6.1.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 18:12:13 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6EbLLj5rp915XAociXntwzflCMaiKRp-ojG2zSu2s1ut8Il_MQRX0Q==
age: 62005
X-Firefox-Spdy: h2

csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html

18.202.90.231

200 OK

2.6 kB

URL GET HTTP/2
csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html
IP
18.202.90.231:443
ASN
#16509 AMAZON-02

Requested by
https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Certificate
IssuerAmazon
Subject*.memcyco.com
FingerprintDC:2A:FA:45:92:DC:C8:0C:1D:66:96:34:6A:FC:E1:4F:09:ED:40:3E
ValiditySun, 25 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2876), with no line terminators
Size
2.6 kB (2579 bytes)
Hash
0d5c8d9c1cf625be880f87d6f071d845
4890153d870cd9694b8068932509376013fff605
46f092fc499a2cb8358e39972167fa44134a99a9d38ea1fe9fabc10711216c9c

HTTP Headers

GET /cdn/cd/csframe.html HTTP/1.1
Host: csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 11:25:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=NfGAXXVP95eBdcjDQ8hE/zxLQFASA0ghuaDJYmvKppr/hoi8rdCVLIAbeSfAKJ+8UXlRlkhJkT9P8G08lz9j3yYSEb/rGx6cdi5r5YnLD70lGDO/rkxK694IqBNg; Expires=Sat, 11 May 2024 11:25:38 GMT; Path=/
AWSALBCORS=NfGAXXVP95eBdcjDQ8hE/zxLQFASA0ghuaDJYmvKppr/hoi8rdCVLIAbeSfAKJ+8UXlRlkhJkT9P8G08lz9j3yYSEb/rGx6cdi5r5YnLD70lGDO/rkxK694IqBNg; Expires=Sat, 11 May 2024 11:25:38 GMT; Path=/; SameSite=None; Secure
server: nginx/1.23.3
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML