api.pseconect.win
Open in
urlscan Pro
2606:4700:3036::ac43:855b
Malicious Activity!
Public Scan
Submission: On March 18 via api from US — Scanned from US
Summary
This is the only time api.pseconect.win was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2606:4700:303... 2606:4700:3036::ac43:855b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
pseconect.win
api.pseconect.win |
109 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
6 | api.pseconect.win |
api.pseconect.win
|
6 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://api.pseconect.win/virtual/login/?key=d5d7772cc88bf780645f51f990085390.d5d7772cc88bf780645f51f990085390.d5d7772cc88bf780645f51f990085390.d5d7772cc88bf780645f51f990085390.d5d7772cc88bf780645f51f990085390.1&__hssc=d5d7772cc88bf780645f51f990085390.1.d5d7772cc88bf780645f51f9...~311~...d7772cc88bf780645f51f990085390
Frame ID: 33651C44BF4A351A2FF9B3CBA9D33450
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
api.pseconect.win/virtual/login/ |
59 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-red.svg
api.pseconect.win/canvas/svgs/logos/ |
12 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-symbol-red.svg
api.pseconect.win/canvas/svgs/logos/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Headline.5a532caa3319ee5c.woff
api.pseconect.win/virtual/login/ |
32 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Rg.a53c6af4aaff8c13.woff
api.pseconect.win/virtual/login/ |
30 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Bd.627aff1c32d06c15.woff
api.pseconect.win/virtual/login/ |
31 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| validateForm function| validatePassword0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pseconect.win
2606:4700:3036::ac43:855b
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8
1d7a6cb684ffc4acfcbf4060bdc868bd21453124fa667c757e5839057288790a
259699b7407833766a8f4e931644d014f145653439a62fc1a7167f1d3a940e25
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e
5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366