psicologaantoniabrandao.com.br
108.167.132.144
Malicious Activity!
Public Scan
Submission: On May 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 28th 2024. Valid for: 3 months.
This is the only time psicologaantoniabrandao.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 108.167.132.144 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
4 | 2a02:26f0:ab00:3b3::51e | 20940 (AKAMAI-ASN1) |
1 | 2600:9000:2670:6c00:d:e6dd:f300:21 | 16509 (AMAZON-02) |
3 (1 redirects) | 52.48.221.63 | 16509 (AMAZON-02) |
1 | 34.252.224.238 | 16509 (AMAZON-02) |
1 | 63.140.62.222 | 15224 (OMNITURE) |
1 (1 redirects) | 34.252.79.101 | 16509 (AMAZON-02) |
17 | 7 | |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv234
psicologaantoniabrandao.com.br |
ASN20940 (AKAMAI-ASN1, NL)
dmtags.scotiabank.com |
ASN16509 (AMAZON-02, US)
dlslhpkfqfglo.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-221-63.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-224-238.eu-west-1.compute.amazonaws.com
scotiabank.demdex.net |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
somniture.scotiabank.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-79-101.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | scotiabank.com | dmtags.scotiabank.com (Cisco Umbrella Rank: 127781), somniture.scotiabank.com (Cisco Umbrella Rank: 114528) | 90 KB |
4 | demdex.net (1 redirects) | dpm.demdex.net (Cisco Umbrella Rank: 233), scotiabank.demdex.net (Cisco Umbrella Rank: 108304) | 4 KB |
1 | everesttech.net (1 redirects) | cm.everesttech.net (Cisco Umbrella Rank: 1310) | 517 B |
1 | cloudfront.net | dlslhpkfqfglo.cloudfront.net | 3 KB |
1 | psicologaantoniabrandao.com.br | psicologaantoniabrandao.com.br | 25 KB |
17 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
4 | dmtags.scotiabank.com | psicologaantoniabrandao.com.br, dmtags.scotiabank.com |
3 | dpm.demdex.net (1 redirects) | psicologaantoniabrandao.com.br |
1 | cm.everesttech.net (1 redirects) | |
1 | somniture.scotiabank.com | dmtags.scotiabank.com |
1 | scotiabank.demdex.net | dmtags.scotiabank.com |
1 | dlslhpkfqfglo.cloudfront.net | psicologaantoniabrandao.com.br |
1 | psicologaantoniabrandao.com.br | psicologaantoniabrandao.com.br |
17 | 7 | |
This site contains links to these domains.
Domain |
---|
www.scotiabank.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.psicologaantoniabrandao.com.br | R3 | 2024-03-28 - 2024-06-26 | 3 months |
apps.scotiabank.com | Entrust Certification Authority - L1K | 2023-11-21 - 2024-12-21 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year |
somniture.scotiabank.com | Entrust Certification Authority - L1K | 2023-08-21 - 2024-09-21 | a year |
This page contains 2 frames:
Primary Page:
https://psicologaantoniabrandao.com.br/sg/NOVASCOT/50b97/
Frame ID: D8BADF9C4013B42FD90D49276A0F14D4
Requests: 16 HTTP requests in this frame
Frame:
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: CA0000063276E5D6AAB6B3B4F2655ECA
Requests: 1 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: Scotiabank
Title: Contact Us
Title: Security
Title: Legal
Title: Privacy
Title: Accessibility
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714576332847 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1714576332847
- https://cm.everesttech.net/cm/dd?d_uuid=59824330263247763271687032067143423151 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjJbzQAAAMjPaAN6
17 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | psicologaantoniabrandao.com.br/sg/NOVASCOT/50b97/ | 99 KB | 25 KB | Document | text/html |
GET H/1.1 | launch-edbf66c903b6.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ | 253 KB | 67 KB | Script | application/x-javascript |
GET H2 | mutha-scotia-wrapper.min.js | dlslhpkfqfglo.cloudfront.net/cdn/ca/ | 5 KB | 3 KB | Script | application/javascript |
GET | styles.ef875488df3637535e09.css | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | resource-loader.js | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | runtime.28b2f6d6a26212c51af2.js | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | main.cafb241d85447b367d0c.chunk.js | psicologaantoniabrandao.com.br/ | 0 | 0 | | |
GET | aJwh5KWcB | psicologaantoniabrandao.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/ | 0 | 0 | | |
GET | 8fd30bd010d9e2c7677ec339685f958b.woff | psicologaantoniabrandao.com.br/assets/ | 0 | 0 | | |
GET H2 | rd | dpm.demdex.net/id/ (Redirect Chain) | 5 KB | 2 KB | XHR | application/json |
GET H/1.1 | AppMeasurement.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ | 34 KB | 13 KB | Script | application/x-javascript |
GET H/1.1 | AppMeasurement_Module_ActivityMap.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/e9f01630ebd7/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ | 3 KB | 2 KB | Script | application/x-javascript |
GET H/1.1 | otSDKStub.js | dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/scripttemplates/ | 21 KB | 7 KB | Script | application/x-javascript |
GET | 4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json | dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/ | 0 | 0 | | |
GET H2 | dest5.html | scotiabank.demdex.net/ (Frame CA00) | 0 | 0 | Document | text/html |
GET H2 | id | somniture.scotiabank.com/ | 48 B | 470 B | XHR | application/x-javascript |
GET H2 | ibs:dpid=411&dpuuid=ZjJbzQAAAMjPaAN6 | dpm.demdex.net/ (Redirect Chain) | 42 B | 715 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- https://psicologaantoniabrandao.com.br/styles.ef875488df3637535e09.css
- https://psicologaantoniabrandao.com.br/resource-loader.js
- https://psicologaantoniabrandao.com.br/runtime.28b2f6d6a26212c51af2.js
- https://psicologaantoniabrandao.com.br/main.cafb241d85447b367d0c.chunk.js
- https://psicologaantoniabrandao.com.br/jeHWnQ/AxRc8Z/Z7Oz/mjbZgY/uk/N15VDLbauruEN7/BS8eYThxBg/Tkk/aJwh5KWcB
- https://psicologaantoniabrandao.com.br/assets/8fd30bd010d9e2c7677ec339685f958b.woff
- https://dmtags.scotiabank.com/aempublic/Onetrust/scotiabank/oneTrust_production/consent/4fbad486-5e37-45d2-bcbc-b89a6d33ea60/4fbad486-5e37-45d2-bcbc-b89a6d33ea60.json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| stylesLink
object| process
object| LD_CONFIG
object| savedUsers
object| REDUX_STATE
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
function| OptanonWrapper
object| appEventData
number| _dataLayerOverwriteMonitor
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
function| AppMeasurement_Module_ActivityMap
object| s
function| inList
number| a
object| OneTrustStub
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dlslhpkfqfglo.cloudfront.net/ | Name: aphishCookie-1714523468532-SCOTIA Value: 5YiOuYIYiJ4uJLZimyMj9oyAm7y8whfFbg3THthvWVjV96mTVL |
|
.demdex.net/ | Name: demdex Value: 59824330263247763271687032067143423151 |
|
.psicologaantoniabrandao.com.br/ | Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZjJbzQAAAMjPaAN6 |
|
.dpm.demdex.net/ | Name: dpm Value: 59824330263247763271687032067143423151 |
|
.psicologaantoniabrandao.com.br/ | Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19845%7CMCMID%7C67799031966601319891908219571691059645%7CMCAAMLH-1715181133%7C6%7CMCAAMB-1715181133%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714583533s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19852%7CvVersion%7C5.5.0 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.mathtag.com/ | Name: uuid Value: 80b36632-5bcd-4500-aebd-09cf8282c926 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUm64LZNi2FENhL8yo6SpPYCRxnQtnS33ytXssPzXJt10yEIMtogj7njhT7c6Mc |
|
.twitter.com/ | Name: personalization_id Value: "v1_EImWYivGFHpIKkQBvZpPVA==" |
|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAA_1vFxGtobmhiam5mbGxiYGgCACB6rYYQAAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMrE0NbYwMzQ2NRbiM9Qt9wk3SSwtM4hMykkCAHcIw68lAAAA |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMrE0NbYwMzQ2NRbiM9Qt9wk3SSwtM4hMykkCAHcIw68lAAAA |
|
.quantserve.com/ | Name: d Value: EJ4BDAHfK7mvYA |
|
.quantserve.com/ | Name: mc Value: 66325bce-23552-4f948-c124a |
|
.eyeota.net/ | Name: SERVERID Value: 20583~DM |
|
.casalemedia.com/ | Name: CMID Value: ZjJbzrmqPTgAAFBKBD6SdwAA |
|
.casalemedia.com/ | Name: CMPS Value: 2235 |
|
.casalemedia.com/ | Name: CMPRO Value: 2235 |
|
.demdex.net/ | Name: dextp Value: 269-1-1714576333271|358-1-1714576333372|601-1-1714576333472|771-1-1714576333573|822-1-1714576333673|1123-1-1714576333774|1121-1-1714576333874|903-1-1714576333975|1175-1-1714576334075|22052-1-1714576334176|30064-1-1714576334277|30646-1-1714576334377|73426-1-1714576334477|121998-1-1714576334578|144230-1-1714576334678|144231-1-1714576334779|144232-1-1714576334879|144233-1-1714576334979|144234-1-1714576335080|144235-1-1714576335181|144236-1-1714576335281|144237-1-1714576335382|161033-1-1714576335482|139200-1-1714576335583 |
|
.onaudience.com/ | Name: cookie Value: 91db313d2920d1f4 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A5fTtPlb8kFhgBDlhcg3zts |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
216 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.