| danielmartinsassessoria.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/main.cafb241d85447b367d0c.chunk.js | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/main.cafb241d85447b367d0c.chunk.js IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /main.cafb241d85447b367d0c.chunk.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/runtime.28b2f6d6a26212c51af2.js IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /runtime.28b2f6d6a26212c51af2.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/resource-loader.js | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/resource-loader.js IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /resource-loader.js HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/styles.ef875488df3637535e09.css | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/styles.ef875488df3637535e09.css IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /styles.ef875488df3637535e09.css HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js | 104.66.122.200 | 200 OK | 68 kB |
URL GET HTTP/1.1dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js IP104.66.122.200:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectapps.scotiabank.com Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File typeJavaScript source, ASCII text, with very long lines (32757) Hashe5954bafa35e730bc024902bc607bd1f c9e02b8d41693266321ccf5df2f195600a700487 432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707
GET /launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438e0-3f579"
Last-Modified: Mon, 08 Apr 2024 18:35:12 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 773864d7-2485-4256-5a57-f15ba41a0207
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 67765
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js | 104.66.122.200 | 200 OK | 13 kB |
URL GET HTTP/1.1dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js IP104.66.122.200:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectapps.scotiabank.com Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File typeJavaScript source, ASCII text, with very long lines (32730) Hash208eb534ea01036a4fca64e6715ccf3f 90c85649634ff5a627023668b2e10fa01cf30315 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-8996"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e61856c7-d650-42dc-532c-9003683bddfd
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 12687
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js | 104.66.122.200 | 200 OK | 1.6 kB |
URL GET HTTP/1.1dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js IP104.66.122.200:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectapps.scotiabank.com Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File typeJavaScript source, ASCII text, with very long lines (3138) Hashf1e098a5dd836ea5fc9726c429c8d71d 9b9371eb2d68b1e71063cf9f848baa07347511ca bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-cd4"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 566d5112-7b3e-4a90-4e42-51eb2dd04904
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 1597
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js | 104.66.122.200 | 200 OK | 6.8 kB |
URL GET HTTP/1.1dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js IP104.66.122.200:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectapps.scotiabank.com Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File typeJavaScript source, ASCII text, with very long lines (21066) Hashcf426cd1788c8356ee58c7abf14c38be 609b5a8f0b4c7b5d3d955152a76db699d0eb5382 6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
GET /aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "6556797d-524b"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e8ed5c2b-47b3-46ef-7fd0-80e5a726ad83
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 6793
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2 IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.entrust.net/ | 184.24.45.171 | | 1.6 kB |
IP184.24.45.171:0
Hash318cc7d8ccbd9f154f7b08bca4df5320 27d437b5ca82b663c36ff30c88d136efe079fe25 ff3318f327e8aa138fd9ecdd27d48ab9cadbf70d0cf3678a9084a8e1a1871579
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FF3318F327E8AA138FD9ECDD27D48AB9CADBF70D0CF3678A9084A8E1A1871579"
Last-Modified: Fri, 03 May 2024 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Sat, 04 May 2024 12:06:56 GMT
Date: Sat, 04 May 2024 11:25:37 GMT
Connection: keep-alive
|
|
| somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369 | 63.140.62.27 | 200 OK | 48 B |
URL GET HTTP/2somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369 IP63.140.62.27:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectsomniture.scotiabank.com FingerprintF2:96:F0:FC:08:90:5F:AC:1D:FE:74:A6:47:5F:DC:1E:0E:61:D7:1E ValidityMon, 21 Aug 2023 20:22:41 GMT - Sat, 21 Sep 2024 20:22:40 GMT
Hash06903a8473fb6388e89bb0a63a753d8f 11ed427b997c69435fe55393661dbeefddd03905 15bef47c85e4dc5f41f479caca3aaa1fece6aaeeae270817230cce76d4ab7cce
GET /id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=86373931191423298595723151310795817229&ts=1714821937369 HTTP/1.1
Host: somniture.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
date: Sat, 04 May 2024 11:25:37 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C86373931191423298595723151310795817229; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Mon, 04 May 2026 11:25:25 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CvVersion%7C5.5.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json | 104.66.122.200 | 200 OK | 1.7 kB |
URL GET HTTP/1.1dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json IP104.66.122.200:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerEntrust, Inc. Subjectapps.scotiabank.com Fingerprint0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 ValidityTue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
Hasha5c83dd0c55b426a3c30b19e3a9995a0 59b982ba2cb9efd68339d546486096e553ea4b20 de125b3c6b2e6c0d7aafdca50a9d0324506829b4497bc099c167fc7d1c2fe806
GET /aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
ETag: "6556797d-129c"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 91b03c40-c76f-44ff-787c-f097dc4b1387
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 04 May 2024 11:25:37 GMT
Content-Length: 1663
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: _abck=FE8A928DA59FEB5B1107CA2818462BAF~-1~YAAQFloDFxDPxSmPAQAAEDtaQwskH5AaB0Dnu9cEyh+l5xzeRLUHWGNNy7JAfgdThg6vy9m0d+myQkvji528PVIbW3h0IVMQhhoMuW6BPtlGaQdN/YemYojaSV96O2lhwHgDRJxkrN+rYO961wAFkKkimRIC5OIRxGWjkBFZ6JGdwa7ztQ1WaNIMNUZ1EVNqfL404TVoIwneh1948Za88O/TntZZ6RCnSM3UFOy013IrzCeK9fw5OMbVF8NkLnTCxvpeDdzV8mY7f1vHx0zdWVocfVxhorrpMIWDGMQ7Us1QVbBLSBrs6uLS2enpbkLhbMVu/GXLCbwRp8UL9xI5SfY5sx4yHnmLa088ForBRdYS9V0VWDB76kClULA5Hl/sI2/XnooSamV7lo8=~-1~-1~-1; Domain=.scotiabank.com; Path=/; Expires=Sun, 04 May 2025 11:25:37 GMT; Max-Age=31536000; Secure
ak_bmsc=08458FB061CBBB93B87C8EFD855CE5E0~000000000000000000000000000000~YAAQFloDFxHPxSmPAQAAEDtaQxeJZPKrj7eUyhGej5muA2jwr+wLMG3ZCyT2GvSBn3vMlUUmNx5iUXjo15LAkzicjs+hJrJ5FGXr5rqJuNtKF0MwfnMVNX8IP5FgqscLhnr5SjAFk4gDp01CcJHY0eA3BSn0SoOzen5kRb2iU9zyffXoCAdDwWCf9kuktgKgkyHJBRXDeVWZ2gJ/RjPisjOJer5J0gl2e9xk2I3NX81eSwR0crOj7548GUFotVeMXiULr1UFOZfCuE0WaU5ZRDJbPBjPZEGNUVXDLnrUXY5IzjuUU4Hrmi5fmDSQLbN4lxZzQyv4QGddIL1ABOHnu/TGlmIXnOeOcydojRmQLfGYhc4sVPXEQzmDGyp2UD+/uLRM; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 13:25:37 GMT; Max-Age=7200; HttpOnly
bm_sz=A9CF03D5769E21F895B9A07FDC7AD431~YAAQFloDFxLPxSmPAQAAEDtaQxdMn6/S/mzV618RPh3O4mbaMRboINH6JabCfpfMjVEaHIeaUY8viEDL+HpvkC7z/HZqTqWb3F64U6PXahCvfTxYBoMTIt+ex5vIkioE7Z+k6YludiyOTTJi7h2AoFudox2wt/ux955DI3CcBcVfgngW6kbrGqDTVSLyhVkZ9rFY+9Y8qSJJdOT6FZtMMeeG41XIbLkiPciR9DTGDf5qC5B0nR+/FaEXxHtH6eDmb8sKo0GMr6r4n2t6J9AYSMcEKlXF05OxiszarShMLW+Zu07CM5GKiMzThR/gq4fyILzQ00WRr1unDjSNw2JjZ46PIw0k0kGgsaQtZvf5jVM=~3228984~3223875; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 15:25:37 GMT; Max-Age=14400
|
|
| danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2 IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CMCAID%7CNONE%7CMCOPTOUT-1714829137s%7CNONE%7CvVersion%7C5.5.0; AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:37 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| danielmartinsassessoria.com.br/favicon.ico | 50.116.87.44 | 200 OK | 0 B |
URL GET HTTP/2danielmartinsassessoria.com.br/favicon.ico IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /favicon.ico HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Cookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19848%7CMCMID%7C86373931191423298595723151310795817229%7CMCAID%7CNONE%7CMCOPTOUT-1714829137s%7CNONE%7CvVersion%7C5.5.0; AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 11:25:38 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP54.230.218.11:0
Hashd9dfa21bc3fa6ec2882460b95172c141 26b7da8a968b2f7e1a04212f80e9e179dfe18425 d173c5f9ed616b97555a4214e1d61a9cf570b926a6bbbd6de3e098c2de9fb777
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 11:25:38 GMT
Last-Modified: Sat, 04 May 2024 10:15:18 GMT
Server: ECAcc (amb/6B67)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XZA0EwCA2C_cP872wLUUUvONUqEQMpsy8tgpa_IqAipYsTtCWzRwqA==
Age: 4220
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf | 143.204.42.72 | 200 OK | 6.1 kB |
URL POST HTTP/2dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf IP143.204.42.72:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashd89c324741aebf133a9b33ee0a73b994 48a3c617bc50f55871aaff753ca628b613aee1ee 5d89454a398c3696a2c876f2679839468aa8cd9ef846afb836cbdb57da4dbf2a
POST /cdn/cd/gwf HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 981
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Sat, 04 May 2024 11:25:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pXipc7N73XbySmrUoc4hQVTriT_I88a9mQewMZZFgKsg7GxVjJ6Low==
X-Firefox-Spdy: h2
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 | 143.204.42.72 | 200 OK | 767 B |
URL GET HTTP/2dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 IP143.204.42.72:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (775), with no line terminators Hash52300238c7aa600c8f27d6c23f8f3f6f ce6b1815177d77af4d326b993531e07a66de478e d3373a03cdc388b5c74279490bd3eb5c1020575bb7aa59bb4e310580d58d5c40
GET /cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 May 2024 18:12:14 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G8YXvJOtGEa7aV9F1cBj3JAvvYGgF8GdM_DAyxpjpOhwZBbCVLka9g==
age: 62004
X-Firefox-Spdy: h2
|
|
| assets/images/%20.jpg | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/%20.jpg HTTP/1.1
Host: assets
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ | 50.116.87.44 | 200 OK | 102 kB |
URL User Request GET HTTP/2danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ IP50.116.87.44:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
CertificateIssuerLet's Encrypt Subject*.danielmartinsassessoria.com.br FingerprintE9:AC:E9:67:50:85:16:FA:C5:15:41:41:6B:26:09:52:80:5A:C0:E6 ValiditySun, 24 Mar 2024 14:29:52 GMT - Sat, 22 Jun 2024 14:29:51 GMT
Size102 kB (101816 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Scotiabank |
GET /sc/NOVASCOT/0e034/ HTTP/1.1
Host: danielmartinsassessoria.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sat, 04 May 2024 10:29:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
date: Sat, 04 May 2024 11:25:36 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/l | 143.204.42.72 | 200 OK | 88 B |
URL POST HTTP/2dlslhpkfqfglo.cloudfront.net/cdn/cd/l IP143.204.42.72:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash0ffff3cc22fcf9f8f91923c54a570d45 2e5e5bb5d43dabbf1d0f1d3bd34332b2938effa8 39500caf3e91131ad9aeaaa67c8cbecf9dcaa35996015ba8ef166b6c1aaa344a
POST /cdn/cd/l HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 993
Origin: https://danielmartinsassessoria.com.br
DNT: 1
Connection: keep-alive
Referer: https://danielmartinsassessoria.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
content-length: 88
date: Sat, 04 May 2024 11:25:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://danielmartinsassessoria.com.br
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MzkNqX0SIZ5Da9j9WNA-6jPbWG-SQ53CVzj-zUrEpyQTqc1SQ55f9A==
X-Firefox-Spdy: h2
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js | 143.204.42.72 | 200 OK | 5.1 kB |
URL GET HTTP/2dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js IP143.204.42.72:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5813), with no line terminators Hashdef0fdfb38fb2897aca04aff080f055a 0eb9d645aa872829da00a9941f279289e34ec39d 2696bfd4fef5072d4dfbfa735d123e69470e1116cea8f739b155df4e7a8750d2
GET /cdn/ca/mutha-scotia-wrapper.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 18:12:12 GMT
server: nginx/1.18.0 (Ubuntu)
set-cookie: aphishCookie-1714759932585-SCOTIA=0; Max-Age=60; Expires=Fri, 03 May 2024 18:13:12 GMT; SameSite=None; Path=/; Secure
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vP_rGxsorzt-hX5v_V396czRt4LPIvWeI0eT3OfNucbQ3paZyShkhg==
age: 62004
X-Firefox-Spdy: h2
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js | 143.204.42.72 | 200 OK | 2.4 MB |
URL GET HTTP/2dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js IP143.204.42.72:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
Size2.4 MB (2448888 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/ca/jquery-3.6.1.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 18:12:13 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6EbLLj5rp915XAociXntwzflCMaiKRp-ojG2zSu2s1ut8Il_MQRX0Q==
age: 62005
X-Firefox-Spdy: h2
|
|
| csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html | 18.202.90.231 | 200 OK | 2.6 kB |
URL GET HTTP/2csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html IP18.202.90.231:443
Requested byhttps://danielmartinsassessoria.com.br/sc/NOVASCOT/0e034/ CertificateIssuerAmazon Subject*.memcyco.com FingerprintDC:2A:FA:45:92:DC:C8:0C:1D:66:96:34:6A:FC:E1:4F:09:ED:40:3E ValiditySun, 25 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (2876), with no line terminators Hash0d5c8d9c1cf625be880f87d6f071d845 4890153d870cd9694b8068932509376013fff605 46f092fc499a2cb8358e39972167fa44134a99a9d38ea1fe9fabc10711216c9c
GET /cdn/cd/csframe.html HTTP/1.1
Host: csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danielmartinsassessoria.com.br/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 11:25:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=NfGAXXVP95eBdcjDQ8hE/zxLQFASA0ghuaDJYmvKppr/hoi8rdCVLIAbeSfAKJ+8UXlRlkhJkT9P8G08lz9j3yYSEb/rGx6cdi5r5YnLD70lGDO/rkxK694IqBNg; Expires=Sat, 11 May 2024 11:25:38 GMT; Path=/
AWSALBCORS=NfGAXXVP95eBdcjDQ8hE/zxLQFASA0ghuaDJYmvKppr/hoi8rdCVLIAbeSfAKJ+8UXlRlkhJkT9P8G08lz9j3yYSEb/rGx6cdi5r5YnLD70lGDO/rkxK694IqBNg; Expires=Sat, 11 May 2024 11:25:38 GMT; Path=/; SameSite=None; Secure
server: nginx/1.23.3
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
X-Firefox-Spdy: h2
|
|