www.canada-scotiabank.com
Open in
urlscan Pro
199.247.22.139
Malicious Activity!
Public Scan
Submission: On April 08 via automatic, source openphish
Summary
This is the only time www.canada-scotiabank.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 199.247.22.139 199.247.22.139 | 20473 (AS-CHOOPA) (AS-CHOOPA - Choopa) | |
2 | 172.227.130.7 172.227.130.7 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
22 | 2 |
ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 199.247.22.139.vultr.com
www.canada-scotiabank.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-130-7.deploy.static.akamaitechnologies.com
www.scotiaonline.scotiabank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
canada-scotiabank.com
www.canada-scotiabank.com |
506 KB |
2 |
scotiabank.com
www.scotiaonline.scotiabank.com |
16 KB |
22 | 2 |
Domain | Requested by | |
---|---|---|
20 | www.canada-scotiabank.com |
www.canada-scotiabank.com
www.scotiaonline.scotiabank.com |
2 | www.scotiaonline.scotiabank.com |
www.canada-scotiabank.com
|
22 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
maps.scotiabank.com |
www.scotiabank.com |
www.youtube.com |
www.snnow.ca |
mobilebanking.scotiabank.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://www.canada-scotiabank.com/online/authentication/index.php
Frame ID: 409CF35D77EBCC64829CC51E1CC340F1
Requests: 22 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page.
Title: Branch & ABM Locator
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: 1
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Visit our Security Centre
Search URL Search Domain Scan URL
Title: View our Security Video
Search URL Search Domain Scan URL
Title: Report Online Fraud
Search URL Search Domain Scan URL
Title: Identity Theft
Search URL Search Domain Scan URL
Title: Free Anti-Virus Protection
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Mobile Site
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
www.canada-scotiabank.com/online/authentication/ |
32 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader.css
www.canada-scotiabank.com/css/ |
379 KB 380 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.8.2.custom.css
www.canada-scotiabank.com/css/blitzer/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c2c-loader.css
www.canada-scotiabank.com/css/c2c/plugin/ |
111 B 392 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax-loader-small.gif
www.canada-scotiabank.com/images/shell/ |
673 B 956 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_print.png
www.canada-scotiabank.com/images/icons/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scotiabank-group-bw.gif
www.canada-scotiabank.com/images/branding/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
com_sun_faces_sunjsf.js.bns
www.scotiaonline.scotiabank.com/online/ |
429 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_help.png
www.canada-scotiabank.com/images/icons/ |
643 B 926 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BrowserDetectUtils.js
www.canada-scotiabank.com/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_success.png
www.canada-scotiabank.com/images/icons/ |
711 B 994 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad-mobile2-loginleft-en.png
www.canada-scotiabank.com/images/marketing/ |
31 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad-rogers_sportsnet_april-loginleft-en.png
www.canada-scotiabank.com/contentdocs/SOL_Publishing/Marketing/2018/04-Apr/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bd-1-29
www.scotiaonline.scotiabank.com/_bm/ |
54 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_Curtain_overall.png
www.canada-scotiabank.com/images/backgrounds/ |
160 B 442 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nav-bg.png
www.canada-scotiabank.com/images/nav/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_vertical_dotted_line1.png
www.canada-scotiabank.com/images/backgrounds/ |
77 B 358 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scotiabank-group.gif
www.canada-scotiabank.com/images/branding/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_signon.png
www.canada-scotiabank.com/images/backgrounds/ |
121 B 403 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
_data
www.canada-scotiabank.com/_bm/ |
808 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-trustee.png
www.canada-scotiabank.com/images/marketing/banners/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.png
www.canada-scotiabank.com/images/marketing/banners/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showContactUsCurtainByPhone function| showContactUsCurtainByMail function| showContactUsCurtainBySendEmail function| showHelpCurtainByTopQuestions function| showContactUsCurtainBySocialMedia function| clear_showContactUsByJSLink function| clearFormHiddenParams_showContactUsByJSLink function| clear_helpCentre_curtain_searchForm function| clearFormHiddenParams_helpCentre_curtain_searchForm function| moveFocus function| clear_helpCentre_curtain_contentForm function| clearFormHiddenParams_helpCentre_curtain_contentForm function| clear_helpCentre_curtainMenuControls_helpform function| clearFormHiddenParams_helpCentre_curtainMenuControls_helpform function| clear_helpCentre_curtainMenuControls_contactform function| clearFormHiddenParams_helpCentre_curtainMenuControls_contactform function| setContactTabFocus function| dpf function| apf function| jsfcljs function| browser function| browserVersion function| checkBrowser undefined| meta undefined| lng undefined| detectMsg boolean| isOld function| rememberMyCard function| rCallback function| setTrusteer function| scotiaAdvisorMailLinkEvent string| str object| _cf object| _ac object| cf string| _sd_trace0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.canada-scotiabank.com
www.scotiaonline.scotiabank.com
172.227.130.7
199.247.22.139
0e3ca5ff965bf78ca037fe0bb07e7e0e3af713b327a411068b2ca5f0abc3cdd0
1356ddec98723ecffb932300b29b0edcc57caec3c23528bee39f52dc6c5efa18
1dc148caf3ae416b653bfdcd9847da3642546e9683e164e2e0dc5c0aad6af87f
21d3b71de1890a23acabbe5171b38c959d7bbb4328dc5dced1a0166cc54667da
2290c1d1c885e7ffc5213c5f84fa864552c3640e35b5bfb45140d9f4356a6093
229def774e0909f6ae8d9938c0799f85f9f0d542f4026b68fb7d0d32a0df0ec3
2d5f2adbd94c58eac0d86fc57cd3f7413f75433144ddf4c8193a89fd8aca8149
394c0a01807cd4bc1f625c4861728ec9830801ac90e6c0082fb3e52f792965d2
408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5
4320b7969df049d2ac843edc9d3b5611a6fee6802bde8bcfd97d1cbbafb7b45e
541a235d37c4ecea24dbd30fb57297f1c97b7fa2a21995bc3e140d02dd58a4fb
60e5f23618c1661440f40e3fb33c0a46ed2f07072cc2d54ce8a4cdb410a2d375
744a1f4f91613c80cf192f53f37d58a97f2342551fc3688c6c1688ac3de97bad
7ca6ab8f08bd643a1eee32900e4dca2e2d8f56b716f0cf118b7a2f56ccd1f2fd
7cf659908c2288ae706bc3c755a65b5e58ec26aa368c8ebdc29f5d9af033b324
816933517550c1e9fb4ba30176e10832a897b375de17ed22a7d53c7afb5910d3
8251c1d254247b1aa8888ee57024112771625046f92034f0ce262ebdf7f23052
a95fbdabc8d66f969f2e7c05e92b757dcc436c432c69eb4b45192aa68d90c9fd
b48583bc5878d27332c6f751cfd7c9be9268330fb3f61d8af683ba0fa205f58a
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c6cbdb8e854f700eeb987e01ff817004ed07596e74675b628f1611fe91213369
de6549039dba407b6499d25b8821d1adb20ca5e2687f74c9ef05c5fb08d2dfe8