| guacari.com.co/resource-loader.js | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/resource-loader.js | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /resource-loader.js HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/styles.ef875488df3637535e09.css | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/styles.ef875488df3637535e09.css | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /styles.ef875488df3637535e09.css HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/runtime.28b2f6d6a26212c51af2.js | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/runtime.28b2f6d6a26212c51af2.js | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /runtime.28b2f6d6a26212c51af2.js HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/main.cafb241d85447b367d0c.chunk.js | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/main.cafb241d85447b367d0c.chunk.js | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /main.cafb241d85447b367d0c.chunk.js HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/assets/8fd30bd010d9e2c7677ec339685f958b.woff | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/assets/8fd30bd010d9e2c7677ec339685f958b.woff | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/assets/8fd30bd010d9e2c7677ec339685f958b.woff | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/assets/8fd30bd010d9e2c7677ec339685f958b.woff | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js | 104.66.122.200 | 200 OK | 68 kB |
URL: GET HTTP/1.1 dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js | IP: 104.66.122.200:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Entrust, Inc. | Subject: apps.scotiabank.com | Fingerprint: 0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 | Validity: Tue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File type: JavaScript source, ASCII text, with very long lines (32757) | Hash: e5954bafa35e730bc024902bc607bd1f c9e02b8d41693266321ccf5df2f195600a700487 432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707
GET /launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438e0-3f579"
Last-Modified: Mon, 08 Apr 2024 18:35:12 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 773864d7-2485-4256-5a57-f15ba41a0207
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 67765
Date: Sat, 04 May 2024 14:25:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js | 104.66.122.200 | 200 OK | 13 kB |
URL: GET HTTP/1.1 dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js | IP: 104.66.122.200:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Entrust, Inc. | Subject: apps.scotiabank.com | Fingerprint: 0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 | Validity: Tue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File type: JavaScript source, ASCII text, with very long lines (32730) | Hash: 208eb534ea01036a4fca64e6715ccf3f 90c85649634ff5a627023668b2e10fa01cf30315 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-8996"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e61856c7-d650-42dc-532c-9003683bddfd
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 12687
Date: Sat, 04 May 2024 14:25:45 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| guacari.com.co/favicon.ico | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/favicon.ico | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /favicon.ico HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:45 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| guacari.com.co/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | 162.241.60.19 | 500 Internal Server Error | 668 B |
URL: GET HTTP/2 guacari.com.co/assets/50805f331bb1b697aafb6f0c28b09212.woff2 | IP: 162.241.60.19:443 | ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Let's Encrypt | Subject: guacari.com.co | Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B | Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
File type: HTML document, ASCII text | Hash: dd0588c52a56b99d7371484e1676467b 3dc2a3ca7c0d4b9ce8d4bc11c24a124097fcfaf7 201e2efcb1dfaa30a4a35b2bd3158ed80db0376ce0a13ddfe6a3e05decbe7901
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Scotiabank
GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/sc/NOVASCOT/63a3c/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 668
content-type: text/html; charset=iso-8859-1
date: Sat, 04 May 2024 14:25:45 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js | 104.66.122.200 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js | IP: 104.66.122.200:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Entrust, Inc. | Subject: apps.scotiabank.com | Fingerprint: 0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 | Validity: Tue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File type: JavaScript source, ASCII text, with very long lines (3138) | Hash: f1e098a5dd836ea5fc9726c429c8d71d 9b9371eb2d68b1e71063cf9f848baa07347511ca bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "661438ab-cd4"
Last-Modified: Mon, 08 Apr 2024 18:34:19 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: 566d5112-7b3e-4a90-4e42-51eb2dd04904
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 1597
Date: Sat, 04 May 2024 14:25:45 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js | 143.204.42.77 | 200 OK | 808 kB |
URL: GET HTTP/2 dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js | IP: 143.204.42.77:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Amazon | Subject: *.cloudfront.net | Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 | Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 808 kB (808088 bytes) | Hash: 7a3c78d56b5a4af7adf826ea11db480d 208b4b898a117ecbc419bfd1eacf357ee220d95e 4d57d1414e66f144068891145f082f2dc05c4f72198a9a7ea2948deffd2f3f44
GET /cdn/ca/jquery-3.6.1.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guacari.com.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 17:39:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fZ1tk8LycBI2ecMcDjauteXsNsS3PEl2FJehLhuPu2Cm2Y89ngyUNQ==
age: 74761
X-Firefox-Spdy: h2
|
|
| ocsp.entrust.net/ | 23.38.202.187 | | 1.6 kB |
IP: 23.38.202.187:0
Hash: 44b439ca015f0ada1e2d4be3d45107ff 4beae40896f983d56bb19034c3a1f9a819d07a4b 518fd38ac0564fe78468e8d0155664a97c0db4e5bd24c1f429b7a8c96bc50fa9
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "518FD38AC0564FE78468E8D0155664A97C0DB4E5BD24C1F429B7A8C96BC50FA9"
Last-Modified: Sat, 04 May 2024 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1074
Expires: Sat, 04 May 2024 14:43:39 GMT
Date: Sat, 04 May 2024 14:25:45 GMT
Connection: keep-alive
|
|
| dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json | 104.66.122.200 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json | IP: 104.66.122.200:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Entrust, Inc. | Subject: apps.scotiabank.com | Fingerprint: 0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88 | Validity: Tue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
Hash: a5c83dd0c55b426a3c30b19e3a9995a0 59b982ba2cb9efd68339d546486096e553ea4b20 de125b3c6b2e6c0d7aafdca50a9d0324506829b4497bc099c167fc7d1c2fe806
GET /aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guacari.com.co
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
ETag: "6556797d-129c"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: fda2f9ff-ddcc-4b49-703d-6e138a16069a
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 04 May 2024 14:25:45 GMT
Content-Length: 1663
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: _abck=A908D63CC4E6FC85BB347E9B009B7C0C~-1~YAAQFloDF82BxymPAQAAQyX/QwuqIzmPig5gbx3P6zc7QAz7MMSf0+BjaORm/dPEbqlIUcZji/j6TMV+mNKTk7MGsy0f9xv8oYY3Wzclux/taLPD0FwJ57hRox5O4LwUMh7MFD9MHknmDvEO07FfYQeQoiA4cAfiO/+hE5N22peNmV7OlmRb/PZhKhO3BQZPGtYyZflec+/zaVK+K2KZhRzIbkzQ9dFOjoH4ZulSv1nU32o54WOdXeqPkcxWdi7VL3r4KS5kHEl2W3pxLVLdc2xyrUW34S/zUfBXnfPIXnqGQhIJtUDiXvgEOffgTzjXPsI59+yRCRzjv8grtBoe8v8nK/hxrxm+cpQ6YVVZU/rrnTEhDVQG3plKA6yQmPSFN1AOB5z6rhcsE4A=~-1~-1~-1; Domain=.scotiabank.com; Path=/; Expires=Sun, 04 May 2025 14:25:45 GMT; Max-Age=31536000; Secure
ak_bmsc=41819A6F33BD6F7015EEAB5FE5A3EB8C~000000000000000000000000000000~YAAQFloDF86BxymPAQAAQyX/QxeI26l1cFqLvsZgm9uFe8ubXLgj9CcbGpKI+9y1Cy3+XZH8prO/s8a8a5524J+JzEKDw/dXfIfpK1OXhp8KQlrs6/uc/7L2cooEN9xZBBIVVDgjbmmB2pwMB+a81DoBPGxevIokI8TCTiTxN2bTx5yT8/acdhX6ZnbH4cfFnQYEVejP3M9Kh4OKoHzzRis4ejH13hzvKvwemg7A2VxZTVozF40L6u5p/v5EA68vGuzVo/1aI4p5H12e+0zpHqKf5xUEafK0cXA9MZqeh5zY4wNPjDqc1zoxD8rZY00BbbPpR1h4kF0mw5M1udr1Ee/PtXyl2xTKzaCWpJbPZmK1wqBHYMxmI/RqGM7y77awV2fE; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 16:25:45 GMT; Max-Age=7200; HttpOnly
bm_sz=04F653597EAB8A334D91F78715E4DD0B~YAAQFloDF8+BxymPAQAAQyX/QxdnBHhwRcArKDvB4+T5cn7i+OA9xYNCRhWnxkOFx1wrasoym+l90K1IIScxKdpgzWkWMlzjAmMZS3KBqtG6dJaLU7vKFuTjHcRJxX/gAoulpg8Gp74Fwir9RoS7yWATwuywOaWGbfu5G/rbblCkwR9dgZ4DpTgWnjukBURRaIdaMVxWNNX0tTtHP14a7vdTOuhQW+qPxmHfG/5S703wtlXJ0da3AKz0MtvtoP4epjmG4nQ9tP6teFnGAo1iuwGIgMuqCJMCxDokul31YNloNidyTBZFnm+2qXN97z6zR2W3ijv4vS++SmToZzvF4+61wfScJKAJk8CGvpzUhIg=~3355714~3686705; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 18:25:45 GMT; Max-Age=14400
|
|
| somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=85254749360895596790909631882256008275&ts=1714832745260 | 63.140.62.17 | 200 OK | 48 B |
URL: GET HTTP/2 somniture.scotiabank.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=85254749360895596790909631882256008275&ts=1714832745260 | IP: 63.140.62.17:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Entrust, Inc. | Subject: somniture.scotiabank.com | Fingerprint: F2:96:F0:FC:08:90:5F:AC:1D:FE:74:A6:47:5F:DC:1E:0E:61:D7:1E | Validity: Mon, 21 Aug 2023 20:22:41 GMT - Sat, 21 Sep 2024 20:22:40 GMT
Hash: 49460138e6ee1963179156ab7aca1334 c2eefa192e2bb76940131bbd218015caa8fee1b4 495e3c04b89825ccfe922a3021e042e1e067b6d8b4064a1fe71737270defa849
GET /id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=85254749360895596790909631882256008275&ts=1714832745260 HTTP/1.1
Host: somniture.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://guacari.com.co
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://guacari.com.co
access-control-allow-credentials: true
date: Sat, 04 May 2024 14:25:45 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C85254749360895596790909631882256008275; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Mon, 04 May 2026 14:25:25 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 54.230.218.11:0
Hash: d9dfa21bc3fa6ec2882460b95172c141 26b7da8a968b2f7e1a04212f80e9e179dfe18425 d173c5f9ed616b97555a4214e1d61a9cf570b926a6bbbd6de3e098c2de9fb777
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 14:25:46 GMT
Last-Modified: Sat, 04 May 2024 14:05:27 GMT
Server: ECAcc (amb/6A94)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TMcz_N_V1U5lHtSRMTxHAa7jesLfGEEDTFbfJJPHWDgIzWmT1y6FQA==
Age: 1219
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/l | 143.204.42.77 | 200 OK | 88 B |
URL: POST HTTP/2 dlslhpkfqfglo.cloudfront.net/cdn/cd/l | IP: 143.204.42.77:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/ | Certificate Issuer: Amazon | Subject: *.cloudfront.net | Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 | Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: d0f59d88c0a76606b7f8980a61d84a8c 31d5e4f5b22e28b3a492a9640aa0a28a1fdc56e1 9e5423d494cfbe6ad533606c08d599d8ac0d5305f0d0698259c805199c155a73
POST /cdn/cd/l HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 963
Origin: https://guacari.com.co
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
content-length: 88
date: Sat, 04 May 2024 14:25:47 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://guacari.com.co
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H7d3baedEMSJW9fnEpmiJt-L7praQfGVsVvqM82SnXfSE_EmtyMSqw==
X-Firefox-Spdy: h2
|
|
| csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html | 52.210.155.25 | 200 OK | 20 kB |
URL: GET HTTP/2 csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html
IP: 52.210.155.25:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Certificate Issuer: Amazon
Certificate Subject: *.memcyco.com
Certificate Fingerprint: DC:2A:FA:45:92:DC:C8:0C:1D:66:96:34:6A:FC:E1:4F:09:ED:40:3E
Certificate Validity: Sun, 25 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 91ae991605838268495f54ccc21fb6ce e6b242cd7245434e4ca3d714b972e6508cbadbc5 3751927ca7b0268a4c2b20dafebde04f8e0c6c67e9a9531e4002a2c1eef5df9f
GET /cdn/cd/csframe.html HTTP/1.1
Host: csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guacari.com.co/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:25:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=RZ5nyar6bPmmNKmIWL03SKAEbRQIMspi6hX4LrTJG0z8QByX08h8xUIWJZR5tB3g78tHfo2Hlhlu5dW8MFTjl72XgAaHVZYm/opk/km9LAttIYBdKVMK1H2nPL4f; Expires=Sat, 11 May 2024 14:25:46 GMT; Path=/
AWSALBCORS=RZ5nyar6bPmmNKmIWL03SKAEbRQIMspi6hX4LrTJG0z8QByX08h8xUIWJZR5tB3g78tHfo2Hlhlu5dW8MFTjl72XgAaHVZYm/opk/km9LAttIYBdKVMK1H2nPL4f; Expires=Sat, 11 May 2024 14:25:46 GMT; Path=/; SameSite=None; Secure
server: nginx/1.23.3
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| assets/images/%20.jpg | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/%20.jpg HTTP/1.1
Host: assets
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf | 143.204.42.77 | 200 OK | 7.9 kB |
URL: POST HTTP/2 dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf
IP: 143.204.42.77:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Certificate Issuer: Amazon
Certificate Subject: *.cloudfront.net
Certificate Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7872), with no line terminators
Hash: fd42fc7f14ad7296642ad7ca7497ca8b e27aba0ced7649e440af1bbe4bd7ce2e62cf5751 40df8bb20e1b4e4945315bbf02795d6463a4dc8753b2f1e0f750d9e70533ee23
POST /cdn/cd/gwf HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 913
Origin: https://guacari.com.co
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Sat, 04 May 2024 14:25:46 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://guacari.com.co
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kgq_WpEQZCa3N9d5kgofDRWrCW9EU3rMpV5Kra9PiWuEsZjQ3aXpMg==
X-Firefox-Spdy: h2
|
|
| guacari.com.co/sc/NOVASCOT/63a3c/ | 162.241.60.19 | 200 OK | 102 kB |
URL: User Request GET HTTP/2 guacari.com.co/sc/NOVASCOT/63a3c/
IP: 162.241.60.19:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Certificate Issuer: Let's Encrypt
Certificate Subject: guacari.com.co
Certificate Fingerprint: 35:C0:E1:01:4B:BC:93:2C:1B:B6:66:87:7F:9E:6D:92:DD:63:88:8B
Certificate Validity: Mon, 04 Mar 2024 16:19:47 GMT - Sun, 02 Jun 2024 16:19:46 GMT
Size: 102 kB (101816 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Scotiabank |
GET /sc/NOVASCOT/63a3c/ HTTP/1.1
Host: guacari.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sat, 04 May 2024 13:55:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
date: Sat, 04 May 2024 14:25:44 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js | 143.204.42.77 | 200 OK | 5.1 kB |
URL: GET HTTP/2 dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js
IP: 143.204.42.77:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Certificate Issuer: Amazon
Certificate Subject: *.cloudfront.net
Certificate Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (5813), with no line terminators
Hash: def0fdfb38fb2897aca04aff080f055a 0eb9d645aa872829da00a9941f279289e34ec39d 2696bfd4fef5072d4dfbfa735d123e69470e1116cea8f739b155df4e7a8750d2
GET /cdn/ca/mutha-scotia-wrapper.min.js HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guacari.com.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 May 2024 17:39:44 GMT
server: nginx/1.18.0 (Ubuntu)
set-cookie: aphishCookie-1714757984020-SCOTIA=0; Max-Age=60; Expires=Fri, 03 May 2024 17:40:44 GMT; SameSite=None; Path=/; Secure
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: faCE7XfO1n_NkoenDI0uMSHd7-MaUWzlnJvUuda4FCOyfajI9pOzXg==
age: 74760
X-Firefox-Spdy: h2
|
|
| dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js | 104.66.122.200 | 200 OK | 21 kB |
URL: GET HTTP/1.1 dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js
IP: 104.66.122.200:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Certificate Issuer: Entrust, Inc.
Certificate Subject: apps.scotiabank.com
Certificate Fingerprint: 0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88
Certificate Validity: Tue, 21 Nov 2023 14:23:22 GMT - Sat, 21 Dec 2024 14:23:21 GMT
File type: JavaScript source, ASCII text, with very long lines (21066)
Hash: cf426cd1788c8356ee58c7abf14c38be 609b5a8f0b4c7b5d3d955152a76db699d0eb5382 6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
GET /aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js HTTP/1.1
Host: dmtags.scotiabank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "6556797d-524b"
Last-Modified: Thu, 16 Nov 2023 20:20:13 GMT
Server: nginx/1.23.3
X-Vcap-Request-Id: e8ed5c2b-47b3-46ef-7fd0-80e5a726ad83
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 6793
Date: Sat, 04 May 2024 14:25:45 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://scotiabank.com
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Vary: Accept-Encoding, origin
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 | 143.204.42.77 | 200 OK | 767 B |
URL: GET HTTP/2 dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80
IP: 143.204.42.77:443
Requested by: https://guacari.com.co/sc/NOVASCOT/63a3c/
Certificate Issuer: Amazon
Certificate Subject: *.cloudfront.net
Certificate Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (775), with no line terminators
Hash: 52300238c7aa600c8f27d6c23f8f3f6f ce6b1815177d77af4d326b993531e07a66de478e d3373a03cdc388b5c74279490bd3eb5c1020575bb7aa59bb4e310580d58d5c40
GET /cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 HTTP/1.1
Host: dlslhpkfqfglo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guacari.com.co
DNT: 1
Connection: keep-alive
Referer: https://guacari.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 May 2024 17:39:45 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-origin: https://guacari.com.co
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yFZZFE1rqPZNypqRhX-_UTqtzsxzzPnRUuIPZ_tb06QWPZ3nNfjV0g==
age: 74760
X-Firefox-Spdy: h2
|
|