{"report_id":"fa341f43-2219-41e9-a4b0-da56e3739e95","version":6,"status":"done","tags":["scotiabank","financial","phishing"],"date":"2024-05-03T20:41:18Z","url":{"schema":"http","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":0,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"title":"Sign in | Scotiabank"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T17:52:27Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ocsp.entrust.net","ip":{"addr":"23.38.202.187","port":0,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1997-07-28","domain_rank":1208,"first_seen":"2014-01-10 03:18:45","last_seen":"2024-05-02 18:12:02","alert_count":0,"request_count":1,"received_data":1957,"sent_data":328,"comment":"","tags":null,"fingerprints":null},{"fqdn":"somniture.scotiabank.com","ip":{"addr":"63.140.62.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1996-04-09","domain_rank":112065,"first_seen":"2012-11-14 18:00:34","last_seen":"2023-12-01 09:42:28","alert_count":0,"request_count":1,"received_data":730,"sent_data":636,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.r2m03.amazontrust.com","ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2023-02-21 01:06:24","last_seen":"2024-05-03 20:46:12","alert_count":0,"request_count":1,"received_data":941,"sent_data":338,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dlslhpkfqfglo.cloudfront.net","ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-08-30 02:21:59","last_seen":"2024-04-09 05:14:45","alert_count":0,"request_count":5,"received_data":2464551,"sent_data":2503,"comment":"","tags":null,"fingerprints":null},{"fqdn":"assets","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":597867,"first_seen":"2015-06-13 22:18:59","last_seen":"2020-07-15 12:32:51","alert_count":1,"request_count":1,"received_data":0,"sent_data":428,"comment":"","tags":null,"fingerprints":null},{"fqdn":"csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com","ip":{"addr":"18.202.90.231","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2021-08-01","domain_rank":0,"first_seen":"2023-09-13 22:06:15","last_seen":"2024-01-15 06:58:35","alert_count":0,"request_count":1,"received_data":3334,"sent_data":567,"comment":"","tags":null,"fingerprints":null},{"fqdn":"labornatusdobrasil.com.br","ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-04-15 19:43:55","last_seen":"2021-12-24 13:48:32","alert_count":11,"request_count":11,"received_data":45139,"sent_data":5685,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dmtags.scotiabank.com","ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1996-04-09","domain_rank":238686,"first_seen":"2019-04-29 15:18:57","last_seen":"2023-12-01 09:42:28","alert_count":0,"request_count":5,"received_data":96122,"sent_data":2619,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-03","alert":"Sinkholed","trigger":"assets","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85d571a1d0b6748e09ced05d6bf9b146","sha1":"89347e5a4fec83823f9dc2f0c6d7ea3772b05654","sha256":"37c7d9a153646791579f135946bda00f7a8c0d38bc537bbcc2244d2fa613b10e","sha512":"e9aa2844856fe5b0deafde15b2ceed25a3e3371527dde721a25b7f21dbf6d29352ebc1ffb8bb3a0cd42dba204b61eac49674fc2beda45f91bb2e4edabedaaffc","ssdeep":"","tlshash":"3d61842b394b91300516eb9eb7fab2b03131b5040f9141047c9e896f6b2dca7a975dea","size":3158,"data":"","first_seen":"2024-05-01T03:41:16Z","last_seen":"2025-12-26T07:00:27.883783Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc2e301ef03e451c268cc3fb283d0113","sha1":"85fc788f55abd4ce09ae2f15969ec74a67027209","sha256":"e24b45cf0914dc90c1a41f163118d8baf221ae51ca9c855d7da6071f15661ed6","sha512":"0d69d677b2358fba9d675fad5b65bb595db6ff490a0ea3f42afdc7192f69bd70fe9f118576b11884e2f0860febbebfc21568ccb9d4ab20dbcb2bffa51d15edd7","ssdeep":"12288:2b4FVv09WPjh63LRJdZR4sdLZhxpNuUb7UZUxiShx3SuuAYoBeN3sC9UTZdRRWia:9VvpPl6Q5","tlshash":"4fb5e1d866d5e51b66cd1e43ff556fea407a966390c87247c3a8ba8d18fc24bc1accc0","size":2448888,"data":"","first_seen":"2024-05-01T03:41:16Z","last_seen":"2024-08-20T01:33:36.109151Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c6688024f007698831b2e4744a7ab707","sha1":"f278b1dea5459c97e08465f66d1f8406716a75be","sha256":"16b62b7805d97f47aed8b3c4f8bb3c8234bed8bfbbb7e88481035630a52cfa45","sha512":"8d851c21d9eb6e4ee711354c510383051f93e0f89ae97427dd321e8196f8b4c0b84ec18743ed63bf9ebfa246d3ee8e0460034d11f5de74c946cc0e98f9baf72b","ssdeep":"","tlshash":"5dc0484da1aa200081ab303c9b8b2249367312eb2509ca003e0e2b842f2512b8a27a9d","size":169,"data":"","first_seen":"2024-05-01T03:41:16Z","last_seen":"2025-09-22T17:26:33.466193Z","times_seen":179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b04be71901ffe5eeadf24da47a35b15","sha1":"b2b4d4068246bd8d384807a57d2bd5a54eb85ef0","sha256":"9eaaa8ff1906895e150fc5fbe39933a1b07b45602e242300cbbaccbdd052436f","sha512":"538ac31171943bbd499b83db2b4734bd221737d8a0e636edb9e67254d815fe28f010ceee5832a37d4387ac198a8706236bb35dac19e1d4b10b5037cbeddaf45c","ssdeep":"96:cm177bHdUebz9TgrJyqnqHaeiREIgdGYnFqzyCJQz0n0j5WYSBn:cmZbHgvzRgNnFqAUn","tlshash":"bef19ca9d87aec73600e13364a7d5506e67640573ce4fe287e2c1e2e0f2ce3c5569386","size":7958,"data":"","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.110251Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"557b54e8deceb5ce8edbf8676c5a3cf0","sha1":"4ca2d0e27c87536c561f4b50ac92c8f181450a24","sha256":"416d9db2d794e184d13131d8fb84940dc4727c158281734eae4120a8637e96d0","sha512":"e116ebdefd170ab13d4afecea18ec186ba23a4833ef2e50cccbe5841ed62b012ccd9c8a312295a94482590be87f17e3763dc79cfed700b6f508bf086f1e10d2c","ssdeep":"96:uCo1vDk/Wr3xwWBEi0ZeVCLYmNH1gHBEnRM13eIBD6X0zabO2RhXj5WBExVIiqsP:6rk4hwWGi0ZeVCLVNHMGnRM13eIBD6Ea","tlshash":"13c108d51ea86016b3adda636e299eb59235c07a36807347f444f8ccbc287d74c28f87","size":5145,"data":"","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.111539Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5954bafa35e730bc024902bc607bd1f","sha1":"c9e02b8d41693266321ccf5df2f195600a700487","sha256":"432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707","sha512":"73eee531e07f313ae7ce6ddfa9e53b1a8348b74ac6210056b8ec78a4cf12cd360ae80540dc02602a5eaa1f7645585e5ea63d3046820da58e7fb19fec1e1dd33e","ssdeep":"6144:DesUlT+oHv2xCLtiMdPZgi1llUNpnRn39A97Y/yhpHFmUt4t902ToUyCnUEKr:67+aoMdPZL11r","tlshash":"36443d8eb354b4ae0fa73071a56f110ab1ba3845648cc120f6e5f8d97dad98d5273f38","size":259449,"data":"","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.097783Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"208eb534ea01036a4fca64e6715ccf3f","sha1":"90c85649634ff5a627023668b2e10fa01cf30315","sha256":"6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf","sha512":"b108b9dbe519ffaccf727b5d7fb4ebd88c96b1c628a4f515dacc625e22cd5da62a70ce50408fa41dddf0cf3c57433945534b0f4f22512e4913192c070d8676d9","ssdeep":"768:wOzYlTmNb/jPryl9jm1Uinxk5CvMD/DIVx32QnOmYf/:wMYlT+b/DOfjTSDi+Ju/","tlshash":"06f22cc531ebb86e165271f42d6f180ea13dcf5a988984b8e081c9e12878ec6515fff7","size":35222,"data":"","first_seen":"2023-09-20T09:29:32Z","last_seen":"2026-04-03T18:01:57.438533Z","times_seen":2337,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf426cd1788c8356ee58c7abf14c38be","sha1":"609b5a8f0b4c7b5d3d955152a76db699d0eb5382","sha256":"6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16","sha512":"4650b0fe646169b23104fba724b8c3595f990a2d162954549490165ea379bb1d6aa5e4e071d7abf0133604f6e86ef316b00c9336813b65dc7b4acb052b50fa12","ssdeep":"384:TRFZqWtdbD5ABwXwLrekrff8eTr+xITxMcsn9LuJPvV/:TUAD5ABwXw+krfflyxUx0n96/","tlshash":"0192f78ab100af3406c3529d5a37e34e7336755d3886d068b899dce0657dc8b3623bb5","size":21067,"data":"","first_seen":"2023-10-31T04:12:59Z","last_seen":"2026-02-07T02:50:11.396742Z","times_seen":3298,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1e098a5dd836ea5fc9726c429c8d71d","sha1":"9b9371eb2d68b1e71063cf9f848baa07347511ca","sha256":"bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8","sha512":"0baa423de29f3aeac738efaf42cea3a42efa50b05b1952bf4370da48363c5f9cc7e0d9284d0f82a60b6d8aa6a35cc62690ebb3e7f3e14a30cbb0a02e95261c6e","ssdeep":"","tlshash":"fd61a9efbb08a03306a519f14cef1d0ec5b126250d4d9074d9d9edceb428ab32119b3b","size":3284,"data":"","first_seen":"2023-09-20T09:29:32Z","last_seen":"2026-04-03T18:01:57.411934Z","times_seen":1966,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd115c7b909727a3bc64ffcdcc4e1465","sha1":"6846c005ef292456943403516b0b170672bd81fb","sha256":"5fec99d156d4af2c4a5fb238b23cb3abe3e0f9fd8cdfffc2f0855b2604a7724d","sha512":"0b369bdf925c273a331060ae837fcba0345b00859d0fe6b8525eaf681d6e90150d39532ed40450b01f5426706fe607e4e5fe8e6973c84056fa6f9832fb69fab0","ssdeep":"","tlshash":"dbb01212100934047075001c2b0ae390744400274f0404503f1e00202f3140b4ac09c9","size":114,"data":"","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.110803Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"32915e03f94b3dde36966fa16f09ebb4","sha1":"e187cdb275e429d696c5a794497db069a8e48426","sha256":"dac0f6c4f22c620c1a1cf58dcdbcf64e78c57299da355be6aeccb8aaaf6b8977","sha512":"564378718dd7f4b620b80fed2ad40ebe938b1dadd0f2a2f47eefb8574511b74a88021a53c673c7050da74c16dc9595f29c11ed47a61cb8fb02b8d422dedabcb3","ssdeep":"384:uOcnkYSZkOo0HckHZLpAhBE/ZYNt+J7Rr9D+uYKl2i2Xs9:uOcnkYSkv0Hck5rTlqs9","tlshash":"44b2be6caae37194a123713e4bff9014b4ba48034a8cdd55b91ce6509fdd038dab66fc","size":24853,"data":"","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.112089Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/resource-loader.js","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.139Z","timestamp":1714768853139,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /resource-loader.js HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":836,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/runtime.28b2f6d6a26212c51af2.js","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.141Z","timestamp":1714768853141,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /runtime.28b2f6d6a26212c51af2.js HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":836,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/main.cafb241d85447b367d0c.chunk.js","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.143Z","timestamp":1714768853143,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /main.cafb241d85447b367d0c.chunk.js HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":836,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-05-03T20:40:52.134Z","timestamp":1714768852134,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /sg/NOVASCOT/SCOTIAL/ HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 14 Dec 2023 16:48:40 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:52 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26456,"size_decoded":104177,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3411)","md5":"4a3a4e6d5edf3f6802cb94ce48b63e1b","sha1":"0fbb8d2a4f4a4b4c44b3c8b4052129d85109e380","sha256":"ac9748e8bfb4e27e78ea1d53221c5023821e77b4def62347e599d3f691414a33","sha512":"8a25bd9dcb0fe25cae76a85eede9ab502ea7243c615d6606141423eddf5937707da0b8ee63158681d2c29b2fb18899d9e2fe2401f8e2ab1690c808b112417e3f","ssdeep":"768:dyJU76Ot6O96zL6tAKpzaCGKAvDhHbpsRJkFjOcnkYSkv0Hck5rTlqsc:dyJc6I6E6f6tAtJpbpyYjOck3Hcz","tlshash":"9ea3922d9ee3215a6503657887ff7140b235c013da8ced983d8d9724cf9e96c8ab3399","first_seen":"2024-05-03T19:15:41Z","last_seen":"2024-08-20T00:55:28.998058Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1097,"timings":{"blocked":432,"dns":1,"connect":118,"send":0,"wait":230,"receive":0,"ssl":309},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/styles.ef875488df3637535e09.css","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.151Z","timestamp":1714768853151,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /styles.ef875488df3637535e09.css HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":836,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.479Z","timestamp":1714768853479,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2361\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":2361,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.136Z","timestamp":1714768853136,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apps.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Tue, 21 Nov 2023 14:23:22 GMT","end":"Sat, 21 Dec 2024 14:23:21 GMT"},"fingerprint":{"sha1":"0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88","sha256":"71:96:19:DE:81:70:78:A6:A0:C9:12:4B:B6:B6:E5:FE:34:EF:75:9D:A9:AC:23:7D:FA:54:04:74:A4:8C:11:48"}}},"request":{"raw":"GET /launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js HTTP/1.1\r\nHost: dmtags.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: application/x-javascript\r\nETag: \"661438e0-3f579\"\r\nLast-Modified: Mon, 08 Apr 2024 18:35:12 GMT\r\nServer: nginx/1.23.3\r\nX-Vcap-Request-Id: 773864d7-2485-4256-5a57-f15ba41a0207\r\nX-Xss-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nContent-Length: 67765\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://scotiabank.com\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: private\r\nVary: Accept-Encoding, origin\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67765,"size_decoded":259449,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (32757)","md5":"e5954bafa35e730bc024902bc607bd1f","sha1":"c9e02b8d41693266321ccf5df2f195600a700487","sha256":"432bdcaeac556841bbcae2c2573562ecdd13161fe8fc121fa4e5dc18ec37e707","sha512":"73eee531e07f313ae7ce6ddfa9e53b1a8348b74ac6210056b8ec78a4cf12cd360ae80540dc02602a5eaa1f7645585e5ea63d3046820da58e7fb19fec1e1dd33e","ssdeep":"6144:DesUlT+oHv2xCLtiMdPZgi1llUNpnRn39A97Y/yhpHFmUt4t902ToUyCnUEKr:67+aoMdPZL11r","tlshash":"36443d8eb354b4ae0fa73071a56f110ab1ba3845648cc120f6e5f8d97dad98d5273f38","first_seen":"2024-05-01T03:41:17Z","last_seen":"2024-08-20T01:33:36.097783Z","times_seen":176,"resource_available":true,"data":null}},"time_used":549,"timings":{"blocked":246,"dns":227,"connect":7,"send":0,"wait":27,"receive":16,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.610Z","timestamp":1714768853610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2361\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":2361,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.546Z","timestamp":1714768853546,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apps.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Tue, 21 Nov 2023 14:23:22 GMT","end":"Sat, 21 Dec 2024 14:23:21 GMT"},"fingerprint":{"sha1":"0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88","sha256":"71:96:19:DE:81:70:78:A6:A0:C9:12:4B:B6:B6:E5:FE:34:EF:75:9D:A9:AC:23:7D:FA:54:04:74:A4:8C:11:48"}}},"request":{"raw":"GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js HTTP/1.1\r\nHost: dmtags.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: application/x-javascript\r\nETag: \"661438ab-8996\"\r\nLast-Modified: Mon, 08 Apr 2024 18:34:19 GMT\r\nServer: nginx/1.23.3\r\nX-Vcap-Request-Id: e61856c7-d650-42dc-532c-9003683bddfd\r\nX-Xss-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nContent-Length: 12687\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://scotiabank.com\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: private\r\nVary: Accept-Encoding, origin\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12687,"size_decoded":35222,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (32730)","md5":"208eb534ea01036a4fca64e6715ccf3f","sha1":"90c85649634ff5a627023668b2e10fa01cf30315","sha256":"6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf","sha512":"b108b9dbe519ffaccf727b5d7fb4ebd88c96b1c628a4f515dacc625e22cd5da62a70ce50408fa41dddf0cf3c57433945534b0f4f22512e4913192c070d8676d9","ssdeep":"768:wOzYlTmNb/jPryl9jm1Uinxk5CvMD/DIVx32QnOmYf/:wMYlT+b/DOfjTSDi+Ju/","tlshash":"06f22cc531ebb86e165271f42d6f180ea13dcf5a988984b8e081c9e12878ec6515fff7","first_seen":"2023-09-20T09:29:32Z","last_seen":"2026-04-03T18:01:57.438533Z","times_seen":2337,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.554Z","timestamp":1714768853554,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apps.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Tue, 21 Nov 2023 14:23:22 GMT","end":"Sat, 21 Dec 2024 14:23:21 GMT"},"fingerprint":{"sha1":"0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88","sha256":"71:96:19:DE:81:70:78:A6:A0:C9:12:4B:B6:B6:E5:FE:34:EF:75:9D:A9:AC:23:7D:FA:54:04:74:A4:8C:11:48"}}},"request":{"raw":"GET /aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/otSDKStub.js HTTP/1.1\r\nHost: dmtags.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: application/x-javascript\r\nETag: \"6556797d-524b\"\r\nLast-Modified: Thu, 16 Nov 2023 20:20:13 GMT\r\nServer: nginx/1.23.3\r\nX-Vcap-Request-Id: e8ed5c2b-47b3-46ef-7fd0-80e5a726ad83\r\nX-Xss-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nContent-Length: 6793\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://scotiabank.com\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: private\r\nVary: Accept-Encoding, origin\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6793,"size_decoded":21067,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (21066)","md5":"cf426cd1788c8356ee58c7abf14c38be","sha1":"609b5a8f0b4c7b5d3d955152a76db699d0eb5382","sha256":"6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16","sha512":"4650b0fe646169b23104fba724b8c3595f990a2d162954549490165ea379bb1d6aa5e4e071d7abf0133604f6e86ef316b00c9336813b65dc7b4acb052b50fa12","ssdeep":"384:TRFZqWtdbD5ABwXwLrekrff8eTr+xITxMcsn9LuJPvV/:TUAD5ABwXw+krfflyxUx0n96/","tlshash":"0192f78ab100af3406c3529d5a37e34e7336755d3886d068b899dce0657dc8b3623bb5","first_seen":"2023-10-31T04:12:59Z","last_seen":"2026-02-07T02:50:11.396742Z","times_seen":3298,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/favicon.ico","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.474Z","timestamp":1714768853474,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":836,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.479Z","timestamp":1714768853479,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2361\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":2361,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.547Z","timestamp":1714768853547,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apps.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Tue, 21 Nov 2023 14:23:22 GMT","end":"Sat, 21 Dec 2024 14:23:21 GMT"},"fingerprint":{"sha1":"0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88","sha256":"71:96:19:DE:81:70:78:A6:A0:C9:12:4B:B6:B6:E5:FE:34:EF:75:9D:A9:AC:23:7D:FA:54:04:74:A4:8C:11:48"}}},"request":{"raw":"GET /launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1\r\nHost: dmtags.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: application/x-javascript\r\nETag: \"661438ab-cd4\"\r\nLast-Modified: Mon, 08 Apr 2024 18:34:19 GMT\r\nServer: nginx/1.23.3\r\nX-Vcap-Request-Id: 566d5112-7b3e-4a90-4e42-51eb2dd04904\r\nX-Xss-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nContent-Length: 1597\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://scotiabank.com\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: private\r\nVary: Accept-Encoding, origin\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1597,"size_decoded":3284,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (3138)","md5":"f1e098a5dd836ea5fc9726c429c8d71d","sha1":"9b9371eb2d68b1e71063cf9f848baa07347511ca","sha256":"bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8","sha512":"0baa423de29f3aeac738efaf42cea3a42efa50b05b1952bf4370da48363c5f9cc7e0d9284d0f82a60b6d8aa6a35cc62690ebb3e7f3e14a30cbb0a02e95261c6e","ssdeep":"","tlshash":"fd61a9efbb08a03306a519f14cef1d0ec5b126250d4d9074d9d9edceb428ab32119b3b","first_seen":"2023-09-20T09:29:32Z","last_seen":"2026-04-03T18:01:57.411934Z","times_seen":1966,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":34,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/assets/50805f331bb1b697aafb6f0c28b09212.woff2","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.610Z","timestamp":1714768853610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nCookie: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19847%7CMCMID%7C92035885440080424214890832302387752457%7CvVersion%7C5.5.0\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2361\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":2361,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-03T13:37:17.336509Z","times_seen":6907,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json","fqdn":"dmtags.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"104.66.122.200","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.606Z","timestamp":1714768853606,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apps.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Tue, 21 Nov 2023 14:23:22 GMT","end":"Sat, 21 Dec 2024 14:23:21 GMT"},"fingerprint":{"sha1":"0D:54:C6:33:4D:69:83:6F:15:A0:C6:B0:AC:82:4E:7C:14:D1:D8:88","sha256":"71:96:19:DE:81:70:78:A6:A0:C9:12:4B:B6:B6:E5:FE:34:EF:75:9D:A9:AC:23:7D:FA:54:04:74:A4:8C:11:48"}}},"request":{"raw":"GET /aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json HTTP/1.1\r\nHost: dmtags.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://labornatusdobrasil.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: text/plain\r\nETag: \"655678d7-129c\"\r\nLast-Modified: Thu, 16 Nov 2023 20:17:27 GMT\r\nServer: nginx/1.23.3\r\nX-Vcap-Request-Id: ff4fd15b-8939-43f9-7f7d-c42ffc814f58\r\nX-Xss-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nContent-Length: 1663\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://scotiabank.com\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self' https://*.scotiabank.com https://www.scotiaitrade.com/ https://www.scotialifefinancial.com/ https://www.scotiafunds.com/ http://*.bns https://*.bns ;\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: private\r\nVary: Accept-Encoding, origin\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\nSet-Cookie: _abck=F44EC345C78CE569F849055E2FB06A89~-1~YAAQFloDF5ePvimPAQAAHjswQAsuM6vTErdmO+mLb7kBuep/JL0QSTD6EZegiJGOxz4wY62Ukcn7GYnnBCguTZiTdwWoJUqpb7b0HrMqrmEOEsN3tsyDCXVcxs5XXQ5vr1VUdBpvY3h770lQUPkYyLCrLliA+hgWaaAEDK3YK+Tyw6cxnoQRUZ04ZDPQvw6xTQYI9PodOAq2WbQfsJqc0SPgF43hAeHsUOmZMp2O7rQoNTwcbpoPxJS13GUF9YM922x9BeI8hjvILgixNH7DYpWV5KQSNGR9Dbgmax7nt9rH3zhxFpU8wvINf04XV8AL/1rC6IAnFJBLvNTknRK92ot8XTgnuwEGCp5VdTbxr0kQe4Ep7nmiiB66aTyDd/F3ERhO5SRaKJN61/w=~-1~-1~-1; Domain=.scotiabank.com; Path=/; Expires=Sat, 03 May 2025 20:40:53 GMT; Max-Age=31536000; Secure\nak_bmsc=92915D3027053F7CDC0683F3C00C67DA~000000000000000000000000000000~YAAQFloDF5iPvimPAQAAHjswQBdl+ax91EN+DXJcT3azk/WHt0QoIKlp1tV7dCPR7RmZeivIg++0s/89y+h5qhNpHZxRsOjdQRBvQD7l0QGV7/4TnM0at+jX7fE1Scry6Kg1AiOMvmBmPSyoouKCq1wtSxjUqZDTggkjTKpJHsrbkJsLc59BfajAxCepUKiEyc+s1ud8dZWr59ERpdvKPmAUJGDo/UjBpY/OfLw5N1yADgc2PbMAm4BYENgHWfEseFP6B2VxlBt9BgvmbtoHg5r+rwgPmTp6jxT32eJYlqkVtaNFEBEhK6r3LxLEvUTLrgLB8x4Sq+MWBHdmfoXSmQ8AWFqN25ZmAZkZ8HK0ewMqoBU92ev5BOAt8JY8vNjmdykv; Domain=.scotiabank.com; Path=/; Expires=Fri, 03 May 2024 22:40:53 GMT; Max-Age=7200; HttpOnly\nbm_sz=B681D374DEF7D7BB4C7F2E0B9D6DD911~YAAQFloDF5mPvimPAQAAHjswQBd4HYP2hxItdwVwBn/Lu39SgTVYEdwNedprLVtYd4ac4UOU7+/ALUqwkPiH96mz1EpB2DQ0l3l+x4lxqaPrX6umpChjCvgRn/Tlppp87pJqr4x8LLK29E9tMg/ULyTH0MAvjX/onlDHTPzeV+clbfkViwcL5yZQIo2KZeZE3D/YLVE+bM4WHAx3KuMx4mfQQ2a7MPdmyo0GVfrr1TQFCoFvjY5NIsII40CLXrrmskaKEW8JiG4ZGbx957lpnXi4apFGdQFL3xNMvOYBQsfMk7Ox09D2/zPABlnplZKbyApU50LtYzz51G8GLIUCPHeB0iPcQFfwFsz6dWdRLb4=~4534325~3487556; Domain=.scotiabank.com; Path=/; Expires=Sat, 04 May 2024 00:40:53 GMT; Max-Age=14400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1663,"size_decoded":4764,"mime_type":"text/plain","magic":"JSON text data","md5":"a5c83dd0c55b426a3c30b19e3a9995a0","sha1":"59b982ba2cb9efd68339d546486096e553ea4b20","sha256":"de125b3c6b2e6c0d7aafdca50a9d0324506829b4497bc099c167fc7d1c2fe806","sha512":"3e980f3fe93675bea6ab4c1acfdef6d5ad55fcd7b637ca1b6a523b16ad539be0872677e2383af1222144f8e8bee62858781a78ba195945cd9881c953cbe8cb78","ssdeep":"96:npyme40wqGWTZO4LvdixCVKxYa6AyPx2jsNj/vjJjzZ5h7e:Tv6EolixT6vZCsV/LJrI","tlshash":"49a1925e764c853ecbaa83dac85dbd094bde38721189fc14c88f4d2c17ab7b71891627","first_seen":"2023-12-07T21:48:20Z","last_seen":"2026-02-07T02:50:11.397209Z","times_seen":224,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":30,"dns":1,"connect":7,"send":0,"wait":160,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.entrust.net/","fqdn":"ocsp.entrust.net","domain":"entrust.net","tld":"net"},"ip":{"addr":"23.38.202.187","port":0,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-05-03T20:40:53.984405719Z","timestamp":1714768853984,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.entrust.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nETag: \"F5B8B07C7FC9772CDAA9341FDF543DCD60AEAA9A93E438C0B5AB8ABE586D8EC8\"\r\nLast-Modified: Fri, 03 May 2024 11:00:00 UTC\r\nContent-Length: 1588\r\nCache-Control: public, no-transform, must-revalidate, max-age=3600\r\nExpires: Fri, 03 May 2024 21:40:53 GMT\r\nDate: Fri, 03 May 2024 20:40:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1588,"size_decoded":1588,"mime_type":"application/octet-stream","magic":"data","md5":"563833b816e06ec9738571a419bf0577","sha1":"254ca21e2fb5ebc4b862f6a7e7d9c8d99ca2af1e","sha256":"f5b8b07c7fc9772cdaa9341fdf543dcd60aeaa9a93e438c0b5ab8abe586d8ec8","sha512":"64291d4c717c2a4b3bb2ca9fe2131d400c061f6c10b98432ec0de21e4bc96d44678c7685371256a8ecd157373cd9ae03abebc378854075e7360845c7e73155c6","ssdeep":"","tlshash":"b331a3a18a192390becd5e983ac0e132be78b3b4a04701911176cab29d913f12f47e84","first_seen":"2024-05-03T13:26:57Z","last_seen":"2024-08-20T00:59:05.876652Z","times_seen":50,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"somniture.scotiabank.com/id?d_visid_ver=5.5.0\u0026d_fieldgroup=A\u0026mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg\u0026mid=92035885440080424214890832302387752457\u0026ts=1714768853560","fqdn":"somniture.scotiabank.com","domain":"scotiabank.com","tld":"com"},"ip":{"addr":"63.140.62.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.562Z","timestamp":1714768853562,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"somniture.scotiabank.com","organization":"Bank of Nova Scotia"},"issuer":{"commonName":"Entrust Certification Authority - L1K","organization":"Entrust, Inc."},"validity":{"start":"Mon, 21 Aug 2023 20:22:41 GMT","end":"Sat, 21 Sep 2024 20:22:40 GMT"},"fingerprint":{"sha1":"F2:96:F0:FC:08:90:5F:AC:1D:FE:74:A6:47:5F:DC:1E:0E:61:D7:1E","sha256":"26:39:75:3D:B2:88:48:2E:3B:1D:2C:EF:2C:26:BB:07:BF:7E:1F:FF:E1:5E:21:6B:FA:53:6D:8E:AC:F0:36:C9"}}},"request":{"raw":"GET /id?d_visid_ver=5.5.0\u0026d_fieldgroup=A\u0026mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg\u0026mid=92035885440080424214890832302387752457\u0026ts=1714768853560 HTTP/1.1\r\nHost: somniture.scotiabank.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://labornatusdobrasil.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: https://labornatusdobrasil.com.br\r\naccess-control-allow-credentials: true\r\ndate: Fri, 03 May 2024 20:40:54 GMT\r\np3p: CP=\"This is not a P3P policy\"\r\nserver: jag\r\nset-cookie: s_ecid=MCMID%7C92035885440080424214890832302387752457; Path=/; Domain=scotiabank.com; Max-Age=63072000; Expires=Sun, 03 May 2026 20:40:40 GMT; SameSite=Lax;\r\nvary: Origin\r\ncontent-type: application/x-javascript;charset=utf-8\r\ncontent-length: 48\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: no-cache, no-store, max-age=0, no-transform, private\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48,"size_decoded":48,"mime_type":"application/x-javascript; charset=utf-8","magic":"JSON text data","md5":"3d063b3fc72fd2ae07d00e518e5ac185","sha1":"46e0199a5678cd52dec608a272abeb9f247fd7d3","sha256":"ad7d6d5216a0b41bf6b438f8948f40e273f2a87b28e90f772677aa6502d2db8c","sha512":"2b6c94e84f12da1a2e54f1f2ffe63c4f82aa9f243c8f9f328590469ac60b70e68053fffb4368be6b93a2aee1582babb5468c5ff31e4cf6558027bfcf8c947331","ssdeep":"","tlshash":"dc9002d67c6d005581500782d844121445190ca0e006160d0398d2e6225014c4a15130","first_seen":"2024-08-20T00:52:42.802993Z","last_seen":"2024-08-20T00:52:42.802993Z","times_seen":1,"resource_available":false,"data":null}},"time_used":884,"timings":{"blocked":423,"dns":111,"connect":32,"send":0,"wait":37,"receive":0,"ssl":279},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m03.amazontrust.com/","fqdn":"ocsp.r2m03.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-05-03T20:40:54.914355586Z","timestamp":1714768854914,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m03.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Fri, 03 May 2024 20:40:54 GMT\r\nLast-Modified: Fri, 03 May 2024 20:26:29 GMT\r\nServer: ECAcc (amb/6AFD)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: tQYZYMcIMdZ_lA9YPNv7Poscn9mnqp3MRKs_Kv4MvF5zDu8Q0SeAqQ==\r\nAge: 865\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"25413d914ef7b245e73e3c9c177a0c6f","sha1":"3de956b3153adb7de9d83a7e931ce61e18731134","sha256":"7de64516f556a60fccf3603005757e1fb943fc939cb0452a3c7231331a883e00","sha512":"a6f7c55fa5afb37435ae624e6abc96f67d62f0637d3a05f2ef08585ec5fff2561c8238de1e207fed4ce549365d144fd775499a4f39ccd395ee15eeebba3ef05c","ssdeep":"","tlshash":"c7f0dc516cd21cdaa7398a798fb9ebb071c1829f40c90262393804eadc129b0dd03548","first_seen":"2024-05-03T12:19:41Z","last_seen":"2024-08-20T00:59:25.733552Z","times_seen":53,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/cd/gwf","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:55.146Z","timestamp":1714768855146,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"POST /cdn/cd/gwf HTTP/1.1\r\nHost: dlslhpkfqfglo.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 959\r\nOrigin: https://labornatusdobrasil.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Fri, 03 May 2024 20:40:55 GMT\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-origin: https://labornatusdobrasil.com.br\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors https://*\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-frame-options: DENY\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: yzFs13eY57Woq9S7p5eXzQAJ3cegKPGP_52BgIxUICgP00wOEUl-BA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6114,"size_decoded":6114,"mime_type":"text/plain; charset=UTF-8","magic":"gzip compressed data, max speed, from Unix","md5":"7038ade6aeb09442657d7e220f3b53a4","sha1":"58c05c918fa5c94a41a06614f634725ee6c9279f","sha256":"b44273aa0789998c457625ad23105978f95f16be7dc2e966b8f69bc846cf2dbd","sha512":"f6f0089be34c0245dbccad5d3e123c2d5210962c442207b1cdd79f57c31692b06eb0bdb8a70d5aa057ee7c309f424d1c600c4b7787c3153f4c20ab34e007e6b5","ssdeep":"96:tFwuIWlpgM8guWg1hvqs57Kq0uPCXe4h2CRC0tPaHEYCcya9/6p/1xcv7Ec2:T3lp5SrqM7Kq9Pz4iQ9YUx4EV","tlshash":"35c18e5c3b67f3a1494387d8e16a703c7810f0aa2794c7dd4a6be0213e95f97c9b6b06","first_seen":"2024-08-20T00:52:42.804254Z","last_seen":"2024-08-20T00:52:42.804254Z","times_seen":1,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":469,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets/images/%20.jpg","fqdn":"assets","domain":"assets","tld":"assets"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:55.631Z","timestamp":1714768855631,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/%20.jpg HTTP/1.1\r\nHost: assets\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-03","alert":"Sinkholed","trigger":"assets","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/cd/l","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:55.661Z","timestamp":1714768855661,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"POST /cdn/cd/l HTTP/1.1\r\nHost: dlslhpkfqfglo.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 977\r\nOrigin: https://labornatusdobrasil.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 88\r\ndate: Fri, 03 May 2024 20:40:56 GMT\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-origin: https://labornatusdobrasil.com.br\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors https://*\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-frame-options: DENY\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: euovlls234cl0GOx7cUpJJMzDkWkvcBSyxLUalWAQzU7bUZMcGw4DQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88,"size_decoded":88,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8965cbbf05883db73f7454d1a7eb651e","sha1":"66e66229dba3caa25128c380bafc42c166c88d7d","sha256":"553177a0c6034d61df61c21bcb1ea81193c05639d71e389830f3f4bf5402d429","sha512":"42d0d74d82551f72ef9c2d329019c85f83148d4f897fd0519132a72dad25053f56bd3a068479ee761ee7a2a1105b78f7e4f7b7a955f58cacc7c56084fa176cb8","ssdeep":"","tlshash":"2ab012e0d452279008aa4428fa2422585054b4a25ac8450652483162daa01506d54008","first_seen":"2024-08-20T00:52:42.805669Z","last_seen":"2024-08-20T00:52:42.805669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":574,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/ca/jquery-3.6.1.min.js","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.470Z","timestamp":1714768853470,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /cdn/ca/jquery-3.6.1.min.js HTTP/1.1\r\nHost: dlslhpkfqfglo.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://labornatusdobrasil.com.br/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors https://*\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-frame-options: DENY\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: UHh5kXUYfQnaPIkok8DWiFY9unSwugEIMWRbrmWEt4Pqs8WdN-QUZw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2448888,"size_decoded":2448888,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com/cdn/cd/csframe.html","fqdn":"csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com","domain":"memcyco.com","tld":"com"},"ip":{"addr":"18.202.90.231","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:54.759Z","timestamp":1714768854759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.memcyco.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 25 Feb 2024 00:00:00 GMT","end":"Tue, 25 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"DC:2A:FA:45:92:DC:C8:0C:1D:66:96:34:6A:FC:E1:4F:09:ED:40:3E","sha256":"18:C1:68:52:F5:35:8A:77:1F:CC:FD:1C:75:E2:45:0D:A2:DD:2A:31:56:A8:87:3A:9B:99:51:E8:63:FD:71:F5"}}},"request":{"raw":"GET /cdn/cd/csframe.html HTTP/1.1\r\nHost: csf-e58f0d0de3ce9fa5ebc118ad6482af34.memcyco.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://labornatusdobrasil.com.br/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 03 May 2024 20:40:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: AWSALB=W7SLmsWRzIJtbySsJDkI+aNNm4mQR2sYNI7TpgwLuiL34TSijPp9wSwmzrDP1Eq802ICPSPvtds0sRWpMt4LkY0xcpN8GzezYIMWQuf0iuxEDf4KeH9/6jfDYy7L; Expires=Fri, 10 May 2024 20:40:54 GMT; Path=/\nAWSALBCORS=W7SLmsWRzIJtbySsJDkI+aNNm4mQR2sYNI7TpgwLuiL34TSijPp9wSwmzrDP1Eq802ICPSPvtds0sRWpMt4LkY0xcpN8GzezYIMWQuf0iuxEDf4KeH9/6jfDYy7L; Expires=Fri, 10 May 2024 20:40:54 GMT; Path=/; SameSite=None; Secure\r\nserver: nginx/1.23.3\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2579,"size_decoded":2579,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2876), with no line terminators","md5":"0d5c8d9c1cf625be880f87d6f071d845","sha1":"4890153d870cd9694b8068932509376013fff605","sha256":"46f092fc499a2cb8358e39972167fa44134a99a9d38ea1fe9fabc10711216c9c","sha512":"913ac6acc4829a262e707e237cc6cef7ff4aaf2d1677292be0acfbba078148d3d339ce678dd8e6af18edd8db2a9026cd08f05b422174cb5eed81d6f7ab6d7788","ssdeep":"","tlshash":"c95128ea5ec4b011b7ace9a36f74adfc4036d46336007243f894f88c7d94b6a8c65e46","first_seen":"2024-04-30T06:53:49Z","last_seen":"2024-10-20T17:26:56.217291Z","times_seen":154,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":156,"dns":29,"connect":31,"send":0,"wait":47,"receive":0,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/ca/mutha-scotia-wrapper.min.js","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.138Z","timestamp":1714768853138,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /cdn/ca/mutha-scotia-wrapper.min.js HTTP/1.1\r\nHost: dlslhpkfqfglo.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://labornatusdobrasil.com.br/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 03 May 2024 00:53:57 GMT\r\nserver: nginx/1.18.0 (Ubuntu)\r\nset-cookie: aphishCookie-1714697637119-SCOTIA=0; Max-Age=60; Expires=Fri, 03 May 2024 00:54:57 GMT; SameSite=None; Path=/; Secure\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors https://*\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-frame-options: DENY\r\ncontent-encoding: gzip\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: CX78GE8e-FVbTRVkHNJdRQwF2P0S4-60iJCtSi7BZq-B2yGueT9Kjw==\r\nage: 71216\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5145,"size_decoded":5145,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5813), with no line terminators","md5":"def0fdfb38fb2897aca04aff080f055a","sha1":"0eb9d645aa872829da00a9941f279289e34ec39d","sha256":"2696bfd4fef5072d4dfbfa735d123e69470e1116cea8f739b155df4e7a8750d2","sha512":"ca16bbe56a2f3605ec0cc1898c6aaabb2f8ee82f0e0ed6f2021eccf012febc5def76d3d0818fbe7296c7167fa5af33c741510272b6c7e80c4aefa19aabeba315","ssdeep":"96:OCo1vDk/Wr3xwWBEi0ZeVCLYmNH1gHBEnRM13eIBD6X0zabO2RhXj5WBExVIiqs/:ark4hwWGi0ZeVCLVNHMGnRM13eIBD6Eo","tlshash":"28c1f8d51ea86016b3adda636e299eb59235c07a36807347f544f8ccbc287d74c28f87","first_seen":"2024-05-01T03:41:20Z","last_seen":"2024-08-20T01:33:36.106457Z","times_seen":126,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":102,"dns":98,"connect":1,"send":0,"wait":24,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"labornatusdobrasil.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB","fqdn":"labornatusdobrasil.com.br","domain":"labornatusdobrasil.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.188","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:53.146Z","timestamp":1714768853146,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"labornatusdobrasil.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Apr 2024 23:25:10 GMT","end":"Mon, 15 Jul 2024 23:25:09 GMT"},"fingerprint":{"sha1":"EB:53:77:00:FC:64:8C:E3:C7:58:E6:4B:9C:65:B4:C4:B1:A4:0E:93","sha256":"9D:70:A5:61:DE:86:92:24:3B:A0:AF:DD:7E:CF:8F:4D:13:D4:7C:4C:65:32:20:59:9B:DA:8D:DD:2F:82:1D:62"}}},"request":{"raw":"GET /jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB HTTP/1.1\r\nHost: labornatusdobrasil.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Thu, 29 Sep 2022 13:31:45 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 836\r\ncontent-type: text/html\r\ndate: Fri, 03 May 2024 20:40:53 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":2361,"size_decoded":2361,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2553), with no line terminators","md5":"f6117cde11582c69d15926f6eaa2c01e","sha1":"e364986bfd9ca8d3e6636fa60eabe97ec10f2456","sha256":"e32e774da87306c618ca633fd1d1ce9c05cd85c9b33e1645255a58380d87652c","sha512":"145c32a242e51367d36a65941f0147e55373b92a5bf8f1ffb62bde669bd37263129e4bdbc38cbb87d78b3da81905a3e165abe6f30b7b08b534f3388da301d5fa","ssdeep":"","tlshash":"fb51684b58187e2b3a01924d691a3a2acd06f1099dbe8941b2dd221dc7f4ee5c967331","first_seen":"2023-04-05T04:00:29Z","last_seen":"2025-04-06T09:23:04.90467Z","times_seen":276,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Scotiabank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Scotiabank phishing","tags":["scotiabank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dlslhpkfqfglo.cloudfront.net/cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80","fqdn":"dlslhpkfqfglo.cloudfront.net","domain":"dlslhpkfqfglo.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.72","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://labornatusdobrasil.com.br/sg/NOVASCOT/SCOTIAL/","date":"2024-05-03T20:40:54.690Z","timestamp":1714768854690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /cdn/cd/gpk?orgID=81f541cd2f4ea9c2908b9e39b03e0a80 HTTP/1.1\r\nHost: dlslhpkfqfglo.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://labornatusdobrasil.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://labornatusdobrasil.com.br/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ndate: Fri, 03 May 2024 00:53:58 GMT\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-origin: https://labornatusdobrasil.com.br\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors https://*\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-frame-options: DENY\r\ncontent-encoding: gzip\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: c2ToO4R5LeL9XgubMA1AsQ5JjUzxjifGd17HE2uAXHZdTwYTGmV4Ow==\r\nage: 71216\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":767,"size_decoded":767,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (775), with no line terminators","md5":"52300238c7aa600c8f27d6c23f8f3f6f","sha1":"ce6b1815177d77af4d326b993531e07a66de478e","sha256":"d3373a03cdc388b5c74279490bd3eb5c1020575bb7aa59bb4e310580d58d5c40","sha512":"5dca2f0ccb9ffe9dadc9dfeb4cb755fc7c2c0169e221b106eab0a34be2f4df0fe03767a98c761f14b66ede48c8185a87e6f384d0c5f938eab3659337d4756b54","ssdeep":"","tlshash":"d90170c1b919c05fa81f62f043bbba5fb0cf1fe18306214c7a08564a8d48cb0d4addac","first_seen":"2024-05-01T03:41:20Z","last_seen":"2024-08-20T01:33:36.105911Z","times_seen":139,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}