psicologaantoniabrandao.com.br
108.167.132.144
Malicious Activity!
Public Scan
Submission: On May 01 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 28th 2024. Valid for: 3 months.
This is the only time psicologaantoniabrandao.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 108.167.132.144 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
| 4 | 2a02:26f0:1700:19b::51e | 20940 (AKAMAI-ASN1) |
| 1 | 2600:9000:2670:1400:d:e6dd:f300:21 | 16509 (AMAZON-02) |
| 1 3 | 52.214.77.117 | 16509 (AMAZON-02) |
| 1 | 52.212.88.72 | 16509 (AMAZON-02) |
| 1 | 63.140.62.17 | 16509 (AMAZON-02) |
| 1 1 | 34.252.79.101 | 16509 (AMAZON-02) |
| 17 | 7 | |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv234
psicologaantoniabrandao.com.br
ASN20940 (AKAMAI-ASN1, NL)
dmtags.scotiabank.com
ASN16509 (AMAZON-02, US)
dlslhpkfqfglo.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-77-117.eu-west-1.compute.amazonaws.com
dpm.demdex.net
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-88-72.eu-west-1.compute.amazonaws.com
scotiabank.demdex.net
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
somniture.scotiabank.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-79-101.eu-west-1.compute.amazonaws.com
cm.everesttech.net
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 5 | scotiabank.com: dmtags.scotiabank.com — Cisco Umbrella Rank: 127781; somniture.scotiabank.com — Cisco Umbrella Rank: 114528 | 90 KB |
| 4 | demdex.net (1 redirects): dpm.demdex.net — Cisco Umbrella Rank: 233; scotiabank.demdex.net — Cisco Umbrella Rank: 108304 | 4 KB |
| 3 | psicologaantoniabrandao.com.br: psicologaantoniabrandao.com.br | 25 KB |
| 1 | everesttech.net (1 redirects): cm.everesttech.net — Cisco Umbrella Rank: 1310 | 517 B |
| 1 | cloudfront.net: dlslhpkfqfglo.cloudfront.net | 3 KB |
| 17 | 5 | |
| | Domain | Requested by |
|---|---|---|
| 4 | dmtags.scotiabank.com | psicologaantoniabrandao.com.br, dmtags.scotiabank.com |
| 3 | dpm.demdex.net (1 redirects) | psicologaantoniabrandao.com.br |
| 3 | psicologaantoniabrandao.com.br | psicologaantoniabrandao.com.br |
| 1 | cm.everesttech.net (1 redirects) | |
| 1 | somniture.scotiabank.com | dmtags.scotiabank.com |
| 1 | scotiabank.demdex.net | dmtags.scotiabank.com |
| 1 | dlslhpkfqfglo.cloudfront.net | psicologaantoniabrandao.com.br |
| 17 | 7 | |
This site contains links to these domains.
Domain |
---|
www.scotiabank.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.psicologaantoniabrandao.com.br | R3 | 2024-03-28 - 2024-06-26 | 3 months |
apps.scotiabank.com | Entrust Certification Authority - L1K | 2023-11-21 - 2024-12-21 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year |
somniture.scotiabank.com | Entrust Certification Authority - L1K | 2023-08-21 - 2024-09-21 | a year |
This page contains 2 frames:
Primary Page:
https://psicologaantoniabrandao.com.br/sg/NOVASCOT/646fb/
Frame ID: 5E7E40739E5A2E7CC7702DC60AA49938
Requests: 16 HTTP requests in this frame
Frame:
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: 324C3BD075A507C17D71BD772D483084
Requests: 1 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
- Title: Scotiabank
- Title: Contact Us
- Title: Security
- Title: Legal
- Title: Privacy
- Title: Accessibility
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714605816588 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714605816588
- https://cm.everesttech.net/cm/dd?d_uuid=50218590128704257182630054492229736303 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjLO_AAAAN3spgN-
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | psicologaantoniabrandao.com.br/sg/NOVASCOT/646fb/ | 99 KB | 25 KB | Document | text/html |
GET | H/1.1 | launch-edbf66c903b6.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ | 253 KB | 67 KB | Script | application/x-javascript |
GET | H2 | mutha-scotia-wrapper.min.js | dlslhpkfqfglo.cloudfront.net/cdn/ca/ | 5 KB | 3 KB | Script | application/javascript |
GET | | 8fd30bd010d9e2c7677ec339685f958b.woff | psicologaantoniabrandao.com.br/assets/ | 0 | 0 | | |
GET | | styles.ef875488df3637535e09.css | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | | resource-loader.js | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | | runtime.28b2f6d6a26212c51af2.js | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | H2 | main.cafb241d85447b367d0c.chunk.js | psicologaantoniabrandao.com.br/ | 0 | 0 | Script | text/html |
GET | H2 | aJwh5KWcB | psicologaantoniabrandao.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/ | 0 | 0 | Script | text/html |
GET | H2 | rd (Redirect Chain) | dpm.demdex.net/id/ | 5 KB | 2 KB | XHR | application/json |
GET | H/1.1 | AppMeasurement.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ | 34 KB | 13 KB | Script | application/x-javascript |
GET | H/1.1 | AppMeasurement_Module_ActivityMap.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H/1.1 | otSDKStub.js | dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/ | 21 KB | 7 KB | Script | application/x-javascript |
GET | | 4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json | dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/ | 0 | 0 | | |
GET | H2 | dest5.html (Frame 324C) | scotiabank.demdex.net/ | 0 | 0 | Document | text/html |
GET | H2 | id | somniture.scotiabank.com/ | 48 B | 470 B | XHR | application/x-javascript |
GET | H2 | ibs:dpid=411&dpuuid=ZjLO_AAAAN3spgN- (Redirect Chain) | dpm.demdex.net/ | 42 B | 715 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- psicologaantoniabrandao.com.br: https://psicologaantoniabrandao.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff
- psicologaantoniabrandao.com.br: https://psicologaantoniabrandao.com.br/styles.ef875488df3637535e09.css
- psicologaantoniabrandao.com.br: https://psicologaantoniabrandao.com.br/resource-loader.js
- psicologaantoniabrandao.com.br: https://psicologaantoniabrandao.com.br/runtime.28b2f6d6a26212c51af2.js
- dmtags.scotiabank.com: https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| stylesLink
- object| process
- object| LD_CONFIG
- object| savedUsers
- object| REDUX_STATE
- object| _satellite
- boolean| __satelliteLoaded
- object| adobe
- function| Visitor
- object| s_c_il
- number| s_c_in
- function| OptanonWrapper
- object| appEventData
- number| _dataLayerOverwriteMonitor
- function| AppMeasurement
- function| s_gi
- function| s_pgicq
- number| s_objectID
- number| s_giq
- function| AppMeasurement_Module_ActivityMap
- object| s
- function| inList
- number| a
- object| OneTrustStub
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dlslhpkfqfglo.cloudfront.net/ | Name: aphishCookie-1714523468532-SCOTIA Value: 5YiOuYIYiJ4uJLZimyMj9oyAm7y8whfFbg3THthvWVjV96mTVL |
|
.demdex.net/ | Name: demdex Value: 50218590128704257182630054492229736303 |
|
.psicologaantoniabrandao.com.br/ | Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZjLO_AAAAN3spgN- |
|
.dpm.demdex.net/ | Name: dpm Value: 50218590128704257182630054492229736303 |
|
.psicologaantoniabrandao.com.br/ | Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19845%7CMCMID%7C52342856087910075882985048232634563197%7CMCAAMLH-1715210616%7C6%7CMCAAMB-1715210616%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714613016s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19852%7CvVersion%7C5.5.0 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.mathtag.com/ | Name: uuid Value: 545c6632-cef9-4f00-aae0-765a8c9d419c |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlhxlo8lNEaOGbercmKSDkJ_hs3t7oo1mO0fP4eVsIMJRHMx4DKZGjJ-HyuUxA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjI2tASRpgZCfIa6BVm5Zjk54W4m4T7ZADs79fUlAAAA |
|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAA_1vFxGtobmhiZmBqYWhuamIAAJurbvoQAAAA |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjI2tASRpgZCfIa6BVm5Zjk54W4m4T7ZADs79fUlAAAA |
|
.twitter.com/ | Name: personalization_id Value: "v1_1eylUtOm9gJ41TIYwMe3DQ==" |
|
.quantserve.com/ | Name: d Value: EJ4BDAHfK7mvYA |
|
.quantserve.com/ | Name: mc Value: 6632cef9-a4f97-bc89c-b8d38 |
|
.eyeota.net/ | Name: SERVERID Value: 23028~DM |
|
.casalemedia.com/ | Name: CMID Value: ZjLO.lVbLUcAACVwBEnb-gAA |
|
.casalemedia.com/ | Name: CMPS Value: 5157 |
|
.casalemedia.com/ | Name: CMPRO Value: 5157 |
|
.onaudience.com/ | Name: cookie Value: 0dbefe8cf397892f |
|
.demdex.net/ | Name: dextp Value: 269-1-1714605816838|358-1-1714605816938|601-1-1714605817039|771-1-1714605817139|822-1-1714605817241|1123-1-1714605817343|1121-1-1714605817443|903-1-1714605817544|1175-1-1714605817644|22052-1-1714605817745|30064-1-1714605817847|30646-1-1714605817949|73426-1-1714605818049|121998-1-1714605818150|144230-1-1714605818250|144231-1-1714605818351|144232-1-1714605818451|144233-1-1714605818552|144234-1-1714605818652|144235-1-1714605818753|144236-1-1714605818853|144237-1-1714605818954|161033-1-1714605819054|139200-1-1714605819155 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A4q3t7z0c0IdhEHCGlM0xG0 |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
218 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.