api.scotiacolpseguro.win
2606:4700:3035::6815:5f9b  Malicious Activity! Public Scan

Submitted URL: http://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf...
Effective URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf...
Submission: On June 21 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 2606:4700:3035::6815:5f9b, located in the United States and belonging to CLOUDFLARENET, US. The main domain is api.scotiacolpseguro.win.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time api.scotiacolpseguro.win was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

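IP Address | AS Autonomous System | Requests
2606:4700:303... | 13335 (CLOUDFLAR...) | 7
Total: 7 requests, 1 IP

Apex Domain | Subdomains | Transfer | Requests
scotiacolpseguro.win | api.scotiacolpseguro.win | 110 KB | 7
Total: 7 requests, 1 apex domain

Domain | Requested by | Requests
api.scotiacolpseguro.win | api.scotiacolpseguro.win | 7
Total: 7 requests, 1 domain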

This site contains no links.

Subject | Issuer | Validity | Valid
scotiacolpseguro.win | WE1 | 2024-06-18 - 2024-09-16 | 3 months

This page contains 1 frame:

Primary Page: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Frame ID: 54676332EDA5E8D39F171E26D385DCF7
Requests: 7 HTTP requests in this frame

Page Title

Virtual

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 110 kB
Size: 181 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a HTTP 307
    https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type

Primary Request: / (api.scotiacolpseguro.win/virtual/login/)
Redirect Chain
  • http://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546...
  • https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf54...
Size: 59 KB | x-fer: 7 KB | Type: Document
General
Full URL
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1d7a6cb684ffc4acfcbf4060bdc868bd21453124fa667c757e5839057288790a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8973ed341e702bf3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 21 Jun 2024 12:15:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41S%2Fr1mvliMZB57sd5V5elwVroZAUQOxAovGK0l4k3ytIVc28ZAigZbt8f%2BSkSvsQwxYAfWYOehmFjwm2zUvkdgguM1i1Iv3W%2Fw%2F3CwWjFKcbrnVU%2BwDB5MxwjylBMB%2BpUE2R4I3oT7Vy3cDvuu6zJ1mCO1D82c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Non-Authoritative-Reason
HttpsUpgrades

logo-red.svg (api.scotiacolpseguro.win/canvas/svgs/logos/)
Size: 12 KB | x-fer: 5 KB | Type: Image
General
Full URL
https://api.scotiacolpseguro.win/canvas/svgs/logos/logo-red.svg
Requested by
Host: api.scotiacolpseguro.win
URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3949
etag
W/"2e95-606d51ab2f380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0sqTo67R%2Fj%2FG%2BjoygimQlihQ5S9UnBi%2F%2FEE%2FR99g6kAZhZeAe0jBwMspylkB12cuPr5xlS%2BmlGCn%2BzHM9qj6%2FFvVjx8PC0lt2cufMy8AgjSoIJiS4%2BvwU9bQHE3VIrPxAtXoGYx5HcrPUV1L3VjpnyyQg1Rk8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8973ed393e332bf3-FRA
alt-svc
h3=":443"; ma=86400

logo-symbol-red.svg (api.scotiacolpseguro.win/canvas/svgs/logos/)
Size: 2 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://api.scotiacolpseguro.win/canvas/svgs/logos/logo-symbol-red.svg
Requested by
Host: api.scotiacolpseguro.win
URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:46:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3949
etag
W/"9fc-606d5276512c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dImAVmXJgP%2BA66xRr4d7A7oKvUA93KYQY8kIPQo2xKZaz3GrpGZB%2BZdi29UgL7uGpCHFk9yIKxjJuC58o%2FCKHaoI5uQgtZw6tsvvv1dW0f7DfkvZuupXkewdw0G%2BEbL2rk5wfT9K%2BCQxgH5LgOBhcMK2kg8HnjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8973ed393e342bf3-FRA
alt-svc
h3=":443"; ma=86400

Scotia_W_Headline.5a532caa3319ee5c.woff (api.scotiacolpseguro.win/virtual/login/)
Size: 32 KB | x-fer: 32 KB | Type: Font
General
Full URL
https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Headline.5a532caa3319ee5c.woff
Requested by
Host: api.scotiacolpseguro.win
URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
259699b7407833766a8f4e931644d014f145653439a62fc1a7167f1d3a940e25

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Origin
https://api.scotiacolpseguro.win
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:41:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3949
etag
"7e08-606d5124b7640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVfwbe0G9fPOiaLbIWL1FrWZN4LWb4vENwgBpafuskLimJnOHVVJXUinsBvKXVmHGD9TEkKZzLhdOvo5jKOzqUeKYfYKrs1UcNPPlzBKMu0JKULO5YTKQBQ575cscDRhtDbOqKLBbVdmgEcCiiAPVCmSl0L90P8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8973ed393e472bf3-FRA
alt-svc
h3=":443"; ma=86400
content-length
32264

Scotia_W_Rg.a53c6af4aaff8c13.woff (api.scotiacolpseguro.win/virtual/login/)
Size: 30 KB | x-fer: 30 KB | Type: Font
General
Full URL
https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Rg.a53c6af4aaff8c13.woff
Requested by
Host: api.scotiacolpseguro.win
URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Origin
https://api.scotiacolpseguro.win
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:41:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3949
etag
"77c0-606d51269fac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2FgBDCIjZ7O6acgK5NxWAQQHoCdJHVWpPmqK%2BrH6MHR3eGJdaM8WLKp3i9u%2FqlENFFKHFId3BvYNLGJ6Lo6QWCsOX7ECjPZKPSEvkmanqDsUL1%2F22ldLhK0hZcOmtqW3N5AhWVt0I0ZlmJYaTVbD%2Fz7froR2NDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8973ed393e4a2bf3-FRA
alt-svc
h3=":443"; ma=86400
content-length
30656

Scotia_W_Bd.627aff1c32d06c15.woff (api.scotiacolpseguro.win/virtual/login/)
Size: 31 KB | x-fer: 32 KB | Type: Font
General
Full URL
https://api.scotiacolpseguro.win/virtual/login/Scotia_W_Bd.627aff1c32d06c15.woff
Requested by
Host: api.scotiacolpseguro.win
URL: https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5037b298c4193baf7e920bee2999d2ab852db7a3b6b09a38c25a78db92baf69b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Origin
https://api.scotiacolpseguro.win
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:41:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3949
etag
"7c34-606d5121daf80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEgdLPga5EMUeyBkuhs3wrGZxUCbzTDrjRxsGzco%2F%2BMWzqtYHQiwvG8tF22NRZJpPx32Yj21nA84t%2Br9Ey0KnbeB25r3ix2GkMMLrpFko14qJN5C356I39bYkx3hkE%2F40TxNfjk4U9t0bLbrf5smtqGSKYO6P%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8973ed393e4e2bf3-FRA
alt-svc
h3=":443"; ma=86400
content-length
31796

favicon.ico (api.scotiacolpseguro.win/)
Size: 16 KB | x-fer: 2 KB | Type: Other
General
Full URL
https://api.scotiacolpseguro.win/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe40e89bbfd0f07f717648028b9683f75944795160154613862773353316b2aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.scotiacolpseguro.win/virtual/login/?key=01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.01fbbe4e6cf546dda468407e8ced9b8a.1&__hssc=01fbbe4e6cf546dda468407e8ced9b8a.1.01fbbe4e6cf546dda468407e8ced9b8a&__hsfp=01fbbe4e6cf546dda468407e8ced9b8a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:15:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 19:41:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3954
etag
W/"403e-606d511ff2b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwNW5hj%2F5vhIdL71EZVIoo%2FS%2Bm9oP4tdwb45GEvEjuKDHG4v5oL52%2B8ee87gA8v7H6%2BgZLjs%2FWvX2TI%2F8pAUPR1j%2FsGb256GcWsgyHtq%2BMGxNQrKWtq1tnT8pU0U%2BfACL4noVY2AVsiH7Q%2FRXj0KFKChg2pHTPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8973ed39df302bf3-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
undefined | event
object | fence
object | sharedStorage
function | validateForm
function | validatePassword

0 Cookies