r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18103
Expires: Sun, 11 Dec 2022 07:41:19 GMT
Date: Sun, 11 Dec 2022 02:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15779
Expires: Sun, 11 Dec 2022 07:02:35 GMT
Date: Sun, 11 Dec 2022 02:39:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 02:08:29 GMT
content-type: application/json
age: 1868
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12671
Expires: Sun, 11 Dec 2022 06:10:48 GMT
Date: Sun, 11 Dec 2022 02:39:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NOqIIG1wye9ysh7BWJVrh6xV+eE7HXVtJHMb4LQlRVenj2ywrUbDLWzmIuwaMp9s9AXivLLgGRA=
x-amz-request-id: ZDV8JGYTF82EHCCE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 01:49:01 GMT
age: 3036
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 02:39:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-
203.113.172.41 301 Moved Permanently 317 B URL HTTP/1.1 international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 74a93f37608d343e781463afb120c56f
0a1d47c2e3cc45885e2a23b9dca3784f8cf4eee4
ab3893f45901746896ff3df4e4bb443cf0ff466522fd6c54d584022dc59f93a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=- HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Dec 2022 02:39:37 GMT
Server: Apache/2.4.54
Location: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/
Content-Length: 317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 02:07:55 GMT
age: 1902
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 429
Cache-Control: max-age=110062
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 02:39:37 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 09:13:59 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/
203.113.172.41 302 Found 0 B URL HTTP/1.1 international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/ HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 11 Dec 2022 02:39:37 GMT
Server: Apache/2.4.54
Location: authentication.php
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
34.216.88.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.88.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GkHGdX8IZIjrTmOojGgiAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D47w5DgflHTPjuCWy2OfPt6Fx3U=
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash d70d0f5e2b4259993739943dce4fb8ba
8f761e6f14d502928059fa1270e9b42970eda29b
fa12fac4f741dc0a276b9d4d0da455d4421a10ce5ab9d598b9e4df89faa58892
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FA12FAC4F741DC0A276B9D4D0DA455D4421A10CE5AB9D598B9E4DF89FAA58892"
Last-Modified: Sat, 10 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1763
Expires: Sun, 11 Dec 2022 03:09:01 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash d70d0f5e2b4259993739943dce4fb8ba
8f761e6f14d502928059fa1270e9b42970eda29b
fa12fac4f741dc0a276b9d4d0da455d4421a10ce5ab9d598b9e4df89faa58892
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FA12FAC4F741DC0A276B9D4D0DA455D4421A10CE5AB9D598B9E4DF89FAA58892"
Last-Modified: Sat, 10 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1658
Expires: Sun, 11 Dec 2022 03:07:16 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash d70d0f5e2b4259993739943dce4fb8ba
8f761e6f14d502928059fa1270e9b42970eda29b
fa12fac4f741dc0a276b9d4d0da455d4421a10ce5ab9d598b9e4df89faa58892
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FA12FAC4F741DC0A276B9D4D0DA455D4421A10CE5AB9D598B9E4DF89FAA58892"
Last-Modified: Sat, 10 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1658
Expires: Sun, 11 Dec 2022 03:07:16 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash d70d0f5e2b4259993739943dce4fb8ba
8f761e6f14d502928059fa1270e9b42970eda29b
fa12fac4f741dc0a276b9d4d0da455d4421a10ce5ab9d598b9e4df89faa58892
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FA12FAC4F741DC0A276B9D4D0DA455D4421A10CE5AB9D598B9E4DF89FAA58892"
Last-Modified: Sat, 10 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1658
Expires: Sun, 11 Dec 2022 03:07:16 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash d70d0f5e2b4259993739943dce4fb8ba
8f761e6f14d502928059fa1270e9b42970eda29b
fa12fac4f741dc0a276b9d4d0da455d4421a10ce5ab9d598b9e4df89faa58892
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FA12FAC4F741DC0A276B9D4D0DA455D4421A10CE5AB9D598B9E4DF89FAA58892"
Last-Modified: Sat, 10 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1763
Expires: Sun, 11 Dec 2022 03:09:01 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/css/loader.css
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/css/loader.css
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/loader.css HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/css/loader.css
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/blitzer/jquery-ui-1.8.2.custom.css HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/js/s_code.js
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/js/s_code.js
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/s_code.js HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/js/s_code.js
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/css/c2c/plugin/c2c-loader.css
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/css/c2c/plugin/c2c-loader.css
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/c2c/plugin/c2c-loader.css HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/css/c2c/plugin/c2c-loader.css
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/js/richfaces/org/ajax4jsf/framework.pack.js
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/js/richfaces/org/ajax4jsf/framework.pack.js
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/richfaces/org/ajax4jsf/framework.pack.js HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/js/richfaces/org/ajax4jsf/framework.pack.js
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/js/jquery/c2c/c2c-loader.js
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/js/jquery/c2c/c2c-loader.js
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/jquery/c2c/c2c-loader.js HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/js/jquery/c2c/c2c-loader.js
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/js/jquery/bns-jquery-1.4.2.js
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/js/jquery/bns-jquery-1.4.2.js
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/jquery/bns-jquery-1.4.2.js HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/js/jquery/bns-jquery-1.4.2.js
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/js/baseFramework_en.js
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/js/baseFramework_en.js
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/baseFramework_en.js HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/js/baseFramework_en.js
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/js/s_code.js
184.86.50.154 200 OK 18 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/js/s_code.js
IP 184.86.50.154:0
File type ASCII text, with very long lines (404)
Hash 718701757026f596dcbcae5db32de257
98d7c61b6ef51f2333b4f9481985052685ac5a13
8345dd9871bf57c171700db6982c249492ef76f6deb34cba77b2bdb7ac1531b5
GET /js/s_code.js HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: application/javascript
Last-Modified: Sun, 04 Dec 2022 02:23:28 GMT
ETag: "638c04a0-bc08"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2097234428"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18518
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/js/richfaces/org/ajax4jsf/framework.pack.js
184.86.50.154 200 OK 17 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/js/richfaces/org/ajax4jsf/framework.pack.js
IP 184.86.50.154:0
File type ASCII text, with very long lines (383)
Hash fa675b69e11892cc0c8b88c7f8508da4
9decf3248f7dfb75db4a842c724b808d6c286439
15ac3b91eb7d77d73b9dac733b3b97ea7ae6cadf763dd0499a81bdca826fd18b
GET /js/richfaces/org/ajax4jsf/framework.pack.js HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: application/javascript
Last-Modified: Sun, 04 Dec 2022 02:23:38 GMT
ETag: "638c04aa-e5a4"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1919902976"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16643
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/css/loader.css
184.86.50.154 200 OK 68 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/css/loader.css
IP 184.86.50.154:0
File type Unicode text, UTF-8 text, with very long lines (941)
Hash 78f2a13b525c918de1f2b69f5978a459
d26ce758b9c7e84883027a08a682bb8d5cef2721
87b2fb10f48ca17d4814478d2f4a6b3b71ac3b68cac796f6a9e00807e9e1d9a3
GET /css/loader.css HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: text/css
Last-Modified: Sun, 04 Dec 2022 02:23:32 GMT
ETag: "638c04a4-62e75"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1131316549"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 68327
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/css/c2c/plugin/c2c-loader.css
184.86.50.154 200 OK 113 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/css/c2c/plugin/c2c-loader.css
IP 184.86.50.154:0
Hash e2705e71ec9ca016b2a67b217088267e
9013e5f71b0bbe7266dbc7cd13774bb6c6b88be6
b87d642509b61d349868d2da02462199a947d849326984be85b14d7a91f82997
GET /css/c2c/plugin/c2c-loader.css HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: text/css
Last-Modified: Sun, 04 Dec 2022 02:23:30 GMT
ETag: "638c04a2-6f"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="200640142"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 113
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
184.86.50.154 200 OK 2.4 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
IP 184.86.50.154:0
Hash cf20b49ca86117e0eef9f0b7e06c25ee
950f37a6b6461907399014f4702f1972e9f2f300
43aa8c839d3603657e099f5285093842f5208b83e5fb04e75854860f2d33fa35
GET /css/blitzer/jquery-ui-1.8.2.custom.css HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: text/css
Last-Modified: Sun, 04 Dec 2022 02:23:30 GMT
ETag: "638c04a2-26f6"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-349619410"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2352
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/js/jquery/bns-jquery-1.4.2.js
184.86.50.154 200 OK 86 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/js/jquery/bns-jquery-1.4.2.js
IP 184.86.50.154:0
File type ASCII text, with very long lines (1305)
Hash 7f140cb948ab1f75c40dbcb328d7b706
0386d8deb2b507784cc318358239eea3c81a269a
97b3c91e4af26f3527f948855d8fbb6b9e59e7f46926d409e8cbc6fe4ba88d2d
GET /js/jquery/bns-jquery-1.4.2.js HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: application/javascript
Last-Modified: Sun, 04 Dec 2022 02:23:28 GMT
ETag: "638c04a0-4e7f1"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1511691179"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 86348
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
apps.scotiabank.com/max/js/mmcore.js
104.110.7.118 503 Service Unavailable 268 B URL HTTP/1.1 apps.scotiabank.com/max/js/mmcore.js
IP 104.110.7.118:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 18d1d0ae527358c9147e0b7e8f3869b4
b488c9e4b0dc50dc3407f0e79827d840739aad46
71a27bb3ec6023f413ee414aaade65fb327f70d872c12d2e7aa9002e469a7e8e
GET /max/js/mmcore.js HTTP/1.1
Host: apps.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Unavailable
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 268
Expires: Sun, 11 Dec 2022 02:39:38 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Feature-Policy: autoplay 'none'; camera 'none'
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' *.scotiabank.com *.scotiabank.bns *.kampyle.com; frame-ancestors *.scotiabank.com *.scotiabank.com.mx fiu.mx *.scotiafunds.com *.scotiaitrade.com *.scotialifefinancial.com *.bns
Set-Cookie: site=dc2; secure; HttpOnly
Set-Cookie: ak_bmsc=FADA2D949E9624E7F40239D9C5874C7E~000000000000000000000000000000~YAAQjE8kF53ed4OEAQAA5mMN/xJWOuXajJGGS5+jYq+eatYHA2e0SMqrA1V8nhCLZ+mzS+oz7eYmrLnSv7kNh8xrj/y4LZl3fLbkLr0Q/2qJn7Ga6AIlKllvogAwNMagU47/xiofc4w5Wahbwg6Lg6h8+pscRJhJq5ABtS+rbCZEO/6zeBpP+PTb0KrIZ38g8Pc/6LjXRTlgBAMt1/DqeLVsRpmXK3+/ISAovpKzNLd0rpbzLeFoyhdmtIfcv2LKihCk1+qWDPnFxLaPlOFZikcrpw11QZsxmzDT7y4I/uuSOCwKfAJucpeHS4JnAwfcUbcaK7m+s2JkkraVxb8DzIjTsbzKNy3iYRj2ug4y8kvwMXzereeLAtEYE2GM/PQUq7eB; Domain=.scotiabank.com; Path=/; Expires=Sun, 11 Dec 2022 04:39:38 GMT; Max-Age=7200; HttpOnly
www.scotiaonline.scotiabank.com/js/baseFramework_en.js
184.86.50.154 200 OK 6.5 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/js/baseFramework_en.js
IP 184.86.50.154:0
File type ASCII text, with very long lines (536)
Hash 13aa47a20b801c3f8277063e8304d51a
bb7900771f9739ca4e555422387594fd48ac557c
85d52f0dec348a175919de5990232fafae2067e1fefbec2d994e3fb9d3426663
GET /js/baseFramework_en.js HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: application/javascript
Last-Modified: Sun, 04 Dec 2022 02:23:36 GMT
ETag: "638c04a8-762e"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="687126260"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6531
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
203.113.172.41 200 OK 35 kB URL HTTP/1.1 international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1300), with CRLF line terminators
Hash b2d5cfb136bedb9eb338b5c113213b4a
5076026a6bba727d18561e100f7adff06a496b37
b636f5b3cf4d84facd8fba6a1fc16efe33715d4c7bafa357e76de82b9d4501c9
Analyzer verdicts/alerts: openphish — Scotiabank; fortinet — Phishing
GET /wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:37 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www1.scotiaonline.scotiabank.com/images/icons/icon_help.png
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/images/icons/icon_help.png
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/icons/icon_help.png HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/images/icons/icon_help.png
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/images/icons/icon_success.png
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/images/icons/icon_success.png
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/icons/icon_success.png HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/images/icons/icon_success.png
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/images/icons/icon_help.png
184.86.50.154 200 OK 643 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/icons/icon_help.png
IP 184.86.50.154:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c1dae3a01fec907fa52b17e94760ab1
8539da68f886f49cca96d0324f42e9885e6ccc4a
408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5
GET /images/icons/icon_help.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 643
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-283"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-877124197"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www1.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/images/icons/icon_success.png
184.86.50.154 200 OK 711 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/icons/icon_success.png
IP 184.86.50.154:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, interlaced\012- data
Hash a2c1b2e9133ec759ce9f69c14f582ba2
6cc164f5d48dbec6c51005d7baed707f59be2a4a
a95fbdabc8d66f969f2e7c05e92b757dcc436c432c69eb4b45192aa68d90c9fd
GET /images/icons/icon_success.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 711
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-2c7"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="445523470"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png
184.86.50.154 200 OK 14 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png
IP 184.86.50.154:0
File type PNG image data, 470 x 200, 8-bit colormap, non-interlaced\012- data
Hash b906f6c96aba454a2b608edc4abd8607
2751589e1b09e1955487c87cc297c50216be60c7
99888ef111c8dff79057a92e40c8ada710f70e7b70286121abb509e88219111a
GET /contentdocs/SOL_Publishing/Marketing/2017/01-Jan/ad-ssaa-newyear-mass-loginright-en.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 14066
Last-Modified: Sun, 14 Nov 2021 15:23:48 GMT
ETag: "61912a04-36f2"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
apps.scotiabank.com/max/js/mmcore.js
104.110.7.118 503 Service Unavailable 268 B URL HTTP/1.1 apps.scotiabank.com/max/js/mmcore.js
IP 104.110.7.118:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash fad2166488efe495d813f7a881a26f67
f53934cf4466c4f16483dc490aaa3ee2ddc80ae8
a5fe33af2e72e4709ff528e2aa15fa0d57324202f8da5868701853e4f259f8a0
GET /max/js/mmcore.js HTTP/1.1
Host: apps.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Unavailable
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 268
Expires: Sun, 11 Dec 2022 02:39:38 GMT
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Feature-Policy: autoplay 'none'; camera 'none'
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src 'self' *.scotiabank.com *.scotiabank.bns *.kampyle.com; frame-ancestors *.scotiabank.com *.scotiabank.com.mx fiu.mx *.scotiafunds.com *.scotiaitrade.com *.scotialifefinancial.com *.bns
Set-Cookie: site=dc1; secure; HttpOnly
Set-Cookie: ak_bmsc=5B588E8F649B77EA2586001AAD02C69E~000000000000000000000000000000~YAAQjE8kF57ed4OEAQAAJWUN/xLVNHLI5mp2n+IpkoGF2k5mTcRm33qHruc31wfzexPKWk6Wi5trwcsGWzH95IuXrtnwicoBDbo3ocgj0M8WEMf27qnXsSkVKcHz6nXB4Ry2Yoj7u33529gUbG5XxKeWvQd/19d0r1EwkR50AhCRoAA+5ELgWoTBRmAMjqnttYRsgyWwSZaAd/UOYhTZmcqxUEE8NmSmUgEle89NnHMcv69cpH4ZJeRgJ5saCA+QPn9mtZKUwK4x4D78ixLC6F9d6fo9WwHyT7ZMWYa1XjlzBb4PXkFCf1B1P6e2K0tQXqKWqUKTeIRx+jFEzZaXveqYTBX6ryXNfvMy6n46yDx5VTE/+M7VGwpkksmwPR/V1Qkx; Domain=.scotiabank.com; Path=/; Expires=Sun, 11 Dec 2022 04:39:38 GMT; Max-Age=7200; HttpOnly
www.scotiaonline.scotiabank.com/images/backgrounds/bg_vertical_dotted_line1.png
184.86.50.154 200 OK 77 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/backgrounds/bg_vertical_dotted_line1.png
IP 184.86.50.154:0
File type PNG image data, 1 x 37, 8-bit/color RGB, non-interlaced\012- data
Hash 6c6b754d896ae9e8e6b3ec96c2cf8e81
55160e1e2fecf86605e6137bcdf42ad7f961e2d4
c6cbdb8e854f700eeb987e01ff817004ed07596e74675b628f1611fe91213369
GET /images/backgrounds/bg_vertical_dotted_line1.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 77
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-4d"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-498907166"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/images/nav/nav-bg.png
184.86.50.154 200 OK 2.9 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/nav/nav-bg.png
IP 184.86.50.154:0
File type PNG image data, 1 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d1d19d836e5a80ecc943cbbe0e7ee0
033a5ab264207d00c9d83a0e506be7a3d73c79d0
2290c1d1c885e7ffc5213c5f84fa864552c3640e35b5bfb45140d9f4356a6093
GET /images/nav/nav-bg.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 2876
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-b3c"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="201313810"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png
184.86.50.154 200 OK 13 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png
IP 184.86.50.154:0
File type PNG image data, 470 x 200, 8-bit colormap, non-interlaced\012- data
Hash 148b5d1636b08fcce237ac53aa529f5a
60588fb799ae741ae0db79b39a59ad6d3f457796
3b305a41f23bcd0c37c312a316113d277ea079b57dc5494451ec4196116ee64c
GET /contentdocs/SOL_Publishing/Marketing/2015/01-Jan/ad-amex-gold-mass-loginright-en.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 12781
Last-Modified: Sun, 14 Nov 2021 15:22:47 GMT
ETag: "619129c7-31ed"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/images/branding/scotiabank-group.gif
184.86.50.154 200 OK 861 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/branding/scotiabank-group.gif
IP 184.86.50.154:0
File type GIF image data, version 89a, 215 x 26\012- data
Hash f3c7c93fc6073072fa1c2702496f2bed
f39b6f6d98dd579c586f90241996e05f15cbf676
8388159a4f63c206a065bf97754a7c1af6f8ed84c8dea706e829867bacde7350
GET /images/branding/scotiabank-group.gif HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/gif
Content-Length: 861
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-35d"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-352733423"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 02:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 02:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 02:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 02:39:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb266513b-5a87-4b7e-9bfc-60ed68652453.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb266513b-5a87-4b7e-9bfc-60ed68652453.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a146b9e7b0130daeb7bcf91d4b545fcc
62114dc02a4714b2dde82307f9ebb1961f7b5d90
a28a870548c16d49aef2548c509b2f0d8e3396fe29d229b7919193a231dd2f41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb266513b-5a87-4b7e-9bfc-60ed68652453.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5466
x-amzn-requestid: 65d5dc78-85ed-4506-ad29-d1169d840951
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqSyQHabIAMF1MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d980e-5330b08233c2bfc30d5cc555;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:04:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2AKXN0B8-jU-tgVmVTytXGGU8bEfV15OIpY0xH7o-dJ8tEnU0W6xbg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 09:33:56 GMT
age: 61543
etag: "62114dc02a4714b2dde82307f9ebb1961f7b5d90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e773796-2162-4678-a8ea-5676f25b53b5.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e773796-2162-4678-a8ea-5676f25b53b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28dc3abb6e431d24dbcadd668b065b96
1585a0b53247103e4ef2a785f34980068e0576af
42d19784bba0276d47ff749dbb048bf4be9d4b37a0cc091bb8e7570cae5e933a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e773796-2162-4678-a8ea-5676f25b53b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7387
x-amzn-requestid: 3fef1465-1a90-4925-82b2-4edbb089aec3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUFHtzoAMFr2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc19-448ecfe9514a656078eb9f76;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6I5kzR60cvAzHkw6afJ2gQgHWdZ4TyZgx247O74J3aFxXqVfnQo0Dw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "1585a0b53247103e4ef2a785f34980068e0576af"
content-type: image/jpeg
age: 18058
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
age: 18058
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b4cdf7ea5a907bcc30f80b24da0bfb1
4cd560ae03884699f3106a89964fa5f080032c27
bf99c79318c810799becd698b9b279ac32c8b5f613991d2522a6bc5bff3f80fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: e3dc0128-ed9a-4ebb-8b42-6d07c16f9218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cs2z4EmkIAMFldg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e9e7f-5a2bbb8815a56bf04816cece;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 01:44:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axHVqcCbO7horByHHPR-Fz2R05MM227zZodZGpbTo4tFNrvlzIY48g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 04:11:43 GMT
age: 80876
etag: "4cd560ae03884699f3106a89964fa5f080032c27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 75103
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe639b598-228d-4b74-8dab-25ae9f33b0b6.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe639b598-228d-4b74-8dab-25ae9f33b0b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2a89767acaa7b09e7cf2d0d5e833644
0f796dfeb88f997c3b7640d79983110795b64f41
fde35b6974b53a3a5d452af68614ee559152ed76e492c9ebaa16b1a9e487aa4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe639b598-228d-4b74-8dab-25ae9f33b0b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5953
x-amzn-requestid: e878d66a-0fe4-4411-a0b4-816facb42707
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2dgiEAAoAMFquQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63927603-71491d8613419cc708f3396e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 23:40:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VSA7qRooH64GG6Gwx6rYZaSZpxhTNPDCQY31AVzZGmQVTGcqqklRg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
age: 18058
etag: "0f796dfeb88f997c3b7640d79983110795b64f41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
international.ueh.edu.vn/online/com_sun_faces_sunjsf.js.bns
203.113.172.41 200 OK 18 kB URL HTTP/1.1 international.ueh.edu.vn/online/com_sun_faces_sunjsf.js.bns
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
File type HTML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 3434d886eee6be2a78a82f9d1c285f14
dc3c527c347c7c04ad442337090a8b5fdd9cdfcc
68f6ed7b71a080a7155b1e7c215e55c9b2bea3bbfddf6687766c3c4280727938
Analyzer Verdict Alert fortinet Phishing
GET /online/com_sun_faces_sunjsf.js.bns HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:38 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www1.scotiaonline.scotiabank.com/favicon/scotiabank.ico
184.86.50.154 302 Moved Temporarily 0 B URL HTTP/1.1 www1.scotiaonline.scotiabank.com/favicon/scotiabank.ico
IP 184.86.50.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon/scotiabank.ico HTTP/1.1
Host: www1.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.scotiaonline.scotiabank.com/favicon/scotiabank.ico
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
www.livehelp.scotiabank.com/dcjs/c2c-dcdef.js?v=1/0
104.110.13.78 200 OK 146 B URL HTTP/1.1 www.livehelp.scotiabank.com/dcjs/c2c-dcdef.js?v=1/0
IP 104.110.13.78:0
Hash 7781017838096306b4efcbe4d367ca0f
f3ff316e17fd13429d1362163cb0ccd50c85d4ad
b04c9ef31adc530f01b3f0b1bb8ff96fa389ea71155bec7b76191b0f0a8026e8
GET /dcjs/c2c-dcdef.js?v=1/0 HTTP/1.1
Host: www.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Dec 2020 15:24:12 GMT
ETag: "50b19-95-5b70f2aae1f00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-UA-Compatible: IE=edge
Pragma: no-cache
Content-Length: 146
Content-Type: application/x-javascript
Cache-Control: no-cache
Expires: Sun, 11 Dec 2022 02:39:40 GMT
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.scotiaonline.scotiabank.com/images/backgrounds/bg_signon.png
184.86.50.154 200 OK 121 B URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/backgrounds/bg_signon.png
IP 184.86.50.154:0
File type PNG image data, 6 x 285, 8-bit/color RGB, non-interlaced\012- data
Hash c6b4337d558a56a550e79f76eb58dcb9
cf572909084b06207d8820bf51932bdbaeeb30ef
229def774e0909f6ae8d9938c0799f85f9f0d542f4026b68fb7d0d32a0df0ec3
GET /images/backgrounds/bg_signon.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 121
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-79"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="283720668"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
omniture.scotiabank.com/b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.188.95.229 302 Found 0 B URL HTTP/1.1 omniture.scotiabank.com/b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: omniture.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Sun, 11 Dec 2022 02:39:40 GMT
content-type: text/plain;charset=utf-8
expires: Sat, 10 Dec 2022 02:39:40 GMT
last-modified: Mon, 12 Dec 2022 02:39:40 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31CAA1762EC84D1D-6000158CBAC795A5[CE]; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Tue, 10 Dec 2024 02:39:39 GMT;
location: http://omniture.scotiabank.com/b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&pccr=true&vidn=31CAA1762EC84D1D-6000158CBAC795A5&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.scotiaonline.scotiabank.com/images/marketing/banners/download-trustee.png
184.86.50.154 200 OK 4.5 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/marketing/banners/download-trustee.png
IP 184.86.50.154:0
File type PNG image data, 34 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 7aa162087eff83fb997b463552538e62
0ccf3dbd11471acd6280effd72b56109a8513e33
541a235d37c4ecea24dbd30fb57297f1c97b7fa2a21995bc3e140d02dd58a4fb
GET /images/marketing/banners/download-trustee.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 4497
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-1191"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="291496041"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
www.scotiaonline.scotiabank.com/images/marketing/banners/lock.png
184.86.50.154 200 OK 6.4 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/images/marketing/banners/lock.png
IP 184.86.50.154:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 87x156, components 3\012- data
Hash 54349a845833529764f05e43cd437d91
bb58e43a73f297a1dd95748ccaf04eeb79c9e10e
ed7fcbf44f56aecfcf280444aa3c7fe36413818347b9445bbd27a4e496ef6813
GET /images/marketing/banners/lock.png HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.scotiaonline.scotiabank.com/css/loader.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/png
Content-Length: 6357
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-18d5"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
www1.livehelp.scotiabank.com/css/plugin/c2c-plugin.css?v=1.0
104.110.13.78 200 OK 251 B URL HTTP/1.1 www1.livehelp.scotiabank.com/css/plugin/c2c-plugin.css?v=1.0
IP 104.110.13.78:0
Hash 8324ad2f82ae17f3f5094bdde073c99a
2871b4ceb82e0b73b8557a68434c8687a648c63a
9ddeb549cd69feb96fbb642c116b3560e7ca15e72cfb54f4d612f9b14bbdfabb
GET /css/plugin/c2c-plugin.css?v=1.0 HTTP/1.1
Host: www1.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Dec 2020 15:24:12 GMT
ETag: "50b16-207-5b70f2aae1f00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-UA-Compatible: IE=edge
Content-Length: 251
Content-Type: text/css
Cache-Control: public, max-age=43200
Expires: Sun, 11 Dec 2022 14:39:40 GMT
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
www1.livehelp.scotiabank.com/js/base/jquery.cookie.js?v=1.3.1
104.110.13.78 200 OK 1.1 kB URL HTTP/1.1 www1.livehelp.scotiabank.com/js/base/jquery.cookie.js?v=1.3.1
IP 104.110.13.78:0
Hash 77a63f6ccade6522ef60904394c9a8d0
ab7863918eaa7707c6d41e89a51d55e76aa0ec14
5079bd2ca92513fcd6ea70c87578e91df9f127b3d684ae64a9ee81d2043a16e4
GET /js/base/jquery.cookie.js?v=1.3.1 HTTP/1.1
Host: www1.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Dec 2020 15:24:12 GMT
ETag: "50b3f-910-5b70f2aae1f00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-UA-Compatible: IE=edge
Content-Length: 1112
Content-Type: application/x-javascript
Cache-Control: public, max-age=43200
Expires: Sun, 11 Dec 2022 14:39:40 GMT
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
www1.livehelp.scotiabank.com/js/base/c2c-cookie.js?v=1.0
104.110.13.78 200 OK 7.1 kB URL HTTP/1.1 www1.livehelp.scotiabank.com/js/base/c2c-cookie.js?v=1.0
IP 104.110.13.78:0
File type ASCII text, with very long lines (33143), with no line terminators
Hash 44098e09e7a7560ab2bc751871aae69e
b72bd2dffb8392af368bdfd65e6dee4bf1134f32
b1beace61d0cce09361c227edf9ab826d1d7e544084f293b04de349f6491966c
GET /js/base/c2c-cookie.js?v=1.0 HTTP/1.1
Host: www1.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "559a875186d531961cfd5080a697bf88:1600095972.199225"
Last-Modified: Mon, 14 Sep 2020 15:06:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 11 Dec 2022 02:39:40 GMT
Content-Length: 7118
Connection: keep-alive
www.splash-screen.net/18273/rapi.js?f=rCallback
18.184.249.253 200 Ok 414 B URL HTTP/1.1 www.splash-screen.net/18273/rapi.js?f=rCallback
IP 18.184.249.253:0
File type ASCII text, with very long lines (373)
Hash 55b5c773ac2853e292dd1fd5e2b0f099
21f01091d0daa48ba548602f1c315eff178b9175
1f25aae3453a1fcec17189891a90d8ea03ec87570e8acd8596e0155e66c31249
GET /18273/rapi.js?f=rCallback HTTP/1.1
Host: www.splash-screen.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
HTTP/1.1 200 Ok
Date: Sun, 11 Dec 2022 02:39:40 GMT
Content-Type: application/x-javascript
Content-Length: 414
Connection: keep-alive
Server: haile
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
omniture.scotiabank.com/b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&pccr=true&vidn=31CAA1762EC84D1D-6000158CBAC795A5&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.188.95.229 200 OK 43 B URL HTTP/1.1 omniture.scotiabank.com/b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&pccr=true&vidn=31CAA1762EC84D1D-6000158CBAC795A5&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/scotiabanknewscotiaonlineprod,scotiabankglobal/1/H.26.2/s69245385244388?AQB=1&pccr=true&vidn=31CAA1762EC84D1D-6000158CBAC795A5&ndh=1&t=11%2F11%2F2022%202%3A39%3A38%200%200&ce=UTF-8&ns=scotiabank&pageName=SO%3ASign%20on%20to%20Scotia%20OnLine&g=http%3A%2F%2Finternational.ueh.edu.vn%2Fwp-admin%2Fuser%2Finterac-paymentverification%2F%2B-%3D-%3D%3D-%2Fdirecting%2Fscotiabank%2F%2B%2B_%3D-%2Fauthentication.php&ch=SO&events=%2Cevent30&c7=9%3A30PM&v7=9%3A30PM&c8=Saturday&v8=Saturday&c11=EN&v19=EN&c50=SO&v50=SO&l2=CardNumber_Label_Login-en-June2016%2CPassword_Label_Login-en-June2016%2CCardNickname_Label_Login-en-June2016%2CActivate_Login_EN%2CTrusteerWidget_Login_EN_Jan15%2CSecurityCentre_Login_EN-June2016%2CTrusteerWidget_Login_EN_Jan15%2CAmexGold_Mass-LoginL-EN-Jan17%2CSSAA_Mass-LoginR-EN-Jan17%2C&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: omniture.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Sun, 11 Dec 2022 02:39:40 GMT
expires: Sat, 10 Dec 2022 02:39:40 GMT
last-modified: Mon, 12 Dec 2022 02:39:40 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31CAA1767C35BB35-400017ADA152B0A3[CE]; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Tue, 10 Dec 2024 02:39:39 GMT;
etag: 3587857583416115200-4619382246046085282
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www1.livehelp.scotiabank.com/js/base/c2c-pstmsg.js?v=1.0
104.110.13.78 200 OK 724 B URL HTTP/1.1 www1.livehelp.scotiabank.com/js/base/c2c-pstmsg.js?v=1.0
IP 104.110.13.78:0
Hash 719c5f9a6b839d1a8b6562e07effbc21
22f7ed3513df361177fd2f348818138ea2a76a77
e16a03eb6a6779b5b4dd6ac5d55c03e79f9661b7ebf25122b358c122959aa078
GET /js/base/c2c-pstmsg.js?v=1.0 HTTP/1.1
Host: www1.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Dec 2020 15:24:12 GMT
ETag: "3ddba-5e3-5b70f2aae1f00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-UA-Compatible: IE=edge
Content-Length: 724
Content-Type: application/x-javascript
Cache-Control: public, max-age=43200
Expires: Sun, 11 Dec 2022 14:39:40 GMT
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
www1.livehelp.scotiabank.com/js/plugin/c2c-plugin.v2.js?v=1.0
104.110.13.78 200 OK 10 kB URL HTTP/1.1 www1.livehelp.scotiabank.com/js/plugin/c2c-plugin.v2.js?v=1.0
IP 104.110.13.78:0
File type ASCII text, with very long lines (6180)
Hash 2f4f25ce23bb7d72769ebe7c0d69451c
e94bf0671ceb0b398825873ff9c58f1145829af5
dda7775be78aa90fb12d949698c657575c01761bb47b52b32439d9f73b24aec5
GET /js/plugin/c2c-plugin.v2.js?v=1.0 HTTP/1.1
Host: www1.livehelp.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Dec 2020 15:24:12 GMT
ETag: "50b4c-a6a8-5b70f2aae1f00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-UA-Compatible: IE=edge
Content-Length: 10331
Content-Type: application/x-javascript
Cache-Control: public, max-age=42397
Expires: Sun, 11 Dec 2022 14:26:17 GMT
Date: Sun, 11 Dec 2022 02:39:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js
104.17.24.14 200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (13814)
Hash e5e4097d09b3f47c8f128dd657d9522a
6106bf701b5761445d7636e44ac654706b3736ee
a81fdcab5a72200658d11fd509f43c23cc64bc717f0a807c5f40b22a44f2cb5a
GET /ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 02:39:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 15539
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-db4e"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1571402
expires: Fri, 01 Dec 2023 02:39:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxGXJ2TCYX7f4xfMpu1Z55vEg39PTg8V1BGkDZtNRVc2wqqL2cx0v%2F%2BUpFfwliklRNG7%2FzxUHli7AMr%2Fipj%2FkAXzVGjEj367PGeCY6D9fT85WCEPTH5%2BWC5lcDdXftE2Q%2BTp0f%2Be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 777ad9e6bcc3b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5bd46b1e628877877ef6ebdb51161bd7
6f494156cf806d35d8d1917b19228c035f27ddd1
08d0754c813ae3e34219e532889dc216355179e1b465ca00d58faa14cb75d37e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1881
Cache-Control: max-age=116534
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 02:39:40 GMT
Etag: "63945fc9-117"
Expires: Mon, 12 Dec 2022 11:01:54 GMT
Last-Modified: Sat, 10 Dec 2022 10:30:33 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
www.scotiaonline.scotiabank.com/favicon/scotiabank.ico
184.86.50.154 200 OK 15 kB URL HTTP/1.1 www.scotiaonline.scotiabank.com/favicon/scotiabank.ico
IP 184.86.50.154:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e5c12f2dd3a3fbfbaa7901b121cfd620
73fbad5cf0b5d312a9729c7e6c544992d806da93
3871f2042a2d6077174b192702c4f344895847a3b35a3c617e44fa176a6b100d
GET /favicon/scotiabank.ico HTTP/1.1
Host: www.scotiaonline.scotiabank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://international.ueh.edu.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Content-Type: image/x-icon
Content-Length: 15406
Last-Modified: Sun, 04 Dec 2022 02:20:46 GMT
ETag: "638c03fe-3c2e"
X-Frame-Options: ALLOW-FROM *.scotiabank.com, *.bns
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 02:39:41 GMT
Connection: keep-alive
international.ueh.edu.vn/js/dfa.js?_=1670726379014
203.113.172.41 200 OK 18 kB URL HTTP/1.1 international.ueh.edu.vn/js/dfa.js?_=1670726379014
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
File type HTML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 120a81c9764bdcb1488d65e4fad9e384
78443384de48263a7005803d662d98ca830dfd4b
37848a975c38fc3bb09e9f7af9910f2bac3398b7b65ac8fe01f9a25e169308ff
Analyzer Verdict Alert fortinet Phishing
GET /js/dfa.js?_=1670726379014 HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:40 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
international.ueh.edu.vn/images/icons/icon_print.png
203.113.172.41 200 OK 0 B URL HTTP/1.1 international.ueh.edu.vn/images/icons/icon_print.png
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
GET /images/icons/icon_print.png HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:39 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
international.ueh.edu.vn/images/branding/scotiabank-group-bw.gif
203.113.172.41 200 OK 0 B URL HTTP/1.1 international.ueh.edu.vn/images/branding/scotiabank-group-bw.gif
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
GET /images/branding/scotiabank-group-bw.gif HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:39 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ipapi.co/json/
104.26.8.44 200 OK 0 B IP 104.26.8.44:0
GET /json/ HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://international.ueh.edu.vn
Connection: keep-alive
Referer: http://international.ueh.edu.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 02:39:40 GMT
content-type: application/json
allow: POST, OPTIONS, GET, OPTIONS, HEAD
x-frame-options: DENY
vary: Host, Origin
access-control-allow-origin: http://international.ueh.edu.vn
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkA%2Bl8ykyPAzSDzziaiRVFGw7FmQhH7woH%2BTHndgYrH5WTRcAFY5DV1NGbnp7F8DjhLKnIPJA5ehEdyb2XVF904L8BUlir3kwhYWbjYBtq4AY15jYOl1BIW4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777ad9e74fd3b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
international.ueh.edu.vn/images/shell/ajax-loader-small.gif
203.113.172.41 200 OK 0 B URL HTTP/1.1 international.ueh.edu.vn/images/shell/ajax-loader-small.gif
IP 203.113.172.41:0
ASN #38731 CHT Compamy Ltd
GET /images/shell/ajax-loader-small.gif HTTP/1.1
Host: international.ueh.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://international.ueh.edu.vn/wp-admin/user/interac-paymentverification/+-=-==-/directing/scotiabank/++_=-/authentication.php
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 02:39:39 GMT
Server: Apache/2.4.54
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8