canada-scotiabank.com
199.247.22.139  Malicious Activity! Public Scan

Submitted URL: https://canada-scotiabank.com/
Effective URL: https://canada-scotiabank.com/online/authentication/index.php
Submission: On April 08 via automatic, source openphish

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 199.247.22.139, located in Yellowknife, Canada and belongs to AS-CHOOPA - Choopa, LLC, US. The main domain is canada-scotiabank.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 8th 2018. Valid for: 3 months.
This is the only time canada-scotiabank.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

Requests   IP Address        AS (Autonomous System)
21         199.247.22.139    20473 (AS-CHOOPA)
2          172.227.130.7     20940 (AKAMAI-ASN1)
Total: 23 requests, 2 IPs

Requests   Domain                             Requested by
21         canada-scotiabank.com              canada-scotiabank.com, www.scotiaonline.scotiabank.com
2          www.scotiaonline.scotiabank.com    canada-scotiabank.com
Total: 23 requests, 2 domains

This site contains links to these domains.

Domain
maps.scotiabank.com
www.scotiabank.com
www.youtube.com
www.snnow.ca
mobilebanking.scotiabank.com
Subject: canada-scotiabank.com
Issuer: Let's Encrypt Authority X3
Validity: 2018-04-08 - 2018-07-07
Valid: 3 months

This page contains 1 frames:

Primary Page: https://canada-scotiabank.com/online/authentication/index.php
Frame ID: 4F31E9E71D37851612E72994A88BCA5F
Requests: 23 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 23
HTTPS: 91 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 520 kB
Size: 555 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://canada-scotiabank.com/ Page URL
  2. https://canada-scotiabank.com/online/authentication/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
canada-scotiabank.com/
109 B
205 B
Document
General
Full URL
https://canada-scotiabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PHP/5.4.16 PleskLin
Resource Hash

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
:scheme
https
:method
GET
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
200
date
Sun, 08 Apr 2018 06:56:12 GMT
server
nginx
x-powered-by
PHP/5.4.16 PleskLin
content-type
text/html
Primary Request index.php
canada-scotiabank.com/online/authentication/
32 KB
32 KB
Document
General
Full URL
https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PHP/5.4.16 PleskLin
Resource Hash
2d5f2adbd94c58eac0d86fc57cd3f7413f75433144ddf4c8193a89fd8aca8149

Request headers

:path
/online/authentication/index.php
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/
:scheme
https
:method
GET
Upgrade-Insecure-Requests
1
Referer
https://canada-scotiabank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
200
date
Sun, 08 Apr 2018 06:56:12 GMT
server
nginx
x-powered-by
PHP/5.4.16 PleskLin
content-type
text/html
loader.css
canada-scotiabank.com/css/
379 KB
380 KB
Stylesheet
General
Full URL
https://canada-scotiabank.com/css/loader.css
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
1356ddec98723ecffb932300b29b0edcc57caec3c23528bee39f52dc6c5efa18

Request headers

:path
/css/loader.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:32:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd5b88-5edcc"
content-type
text/css
status
200
accept-ranges
bytes
content-length
388556
jquery-ui-1.8.2.custom.css
canada-scotiabank.com/css/blitzer/
10 KB
10 KB
Stylesheet
General
Full URL
https://canada-scotiabank.com/css/blitzer/jquery-ui-1.8.2.custom.css
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
8251c1d254247b1aa8888ee57024112771625046f92034f0ce262ebdf7f23052

Request headers

:path
/css/blitzer/jquery-ui-1.8.2.custom.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:32:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd5b88-26f6"
content-type
text/css
status
200
accept-ranges
bytes
content-length
9974
c2c-loader.css
canada-scotiabank.com/css/c2c/plugin/
111 B
279 B
Stylesheet
General
Full URL
https://canada-scotiabank.com/css/c2c/plugin/c2c-loader.css
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
394c0a01807cd4bc1f625c4861728ec9830801ac90e6c0082fb3e52f792965d2

Request headers

:path
/css/c2c/plugin/c2c-loader.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"6f-56893de067680"
last-modified
Thu, 29 Mar 2018 21:32:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
111
ajax-loader-small.gif
canada-scotiabank.com/images/shell/
673 B
842 B
Image
General
Full URL
https://canada-scotiabank.com/images/shell/ajax-loader-small.gif
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
744a1f4f91613c80cf192f53f37d58a97f2342551fc3688c6c1688ac3de97bad

Request headers

:path
/images/shell/ajax-loader-small.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"2a1-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
673
icon_print.png
canada-scotiabank.com/images/icons/
1 KB
1 KB
Image
General
Full URL
https://canada-scotiabank.com/images/icons/icon_print.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
816933517550c1e9fb4ba30176e10832a897b375de17ed22a7d53c7afb5910d3

Request headers

:path
/images/icons/icon_print.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-44e"
content-type
image/png
status
200
accept-ranges
bytes
content-length
1102
scotiabank-group-bw.gif
canada-scotiabank.com/images/branding/
2 KB
3 KB
Image
General
Full URL
https://canada-scotiabank.com/images/branding/scotiabank-group-bw.gif
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
b48583bc5878d27332c6f751cfd7c9be9268330fb3f61d8af683ba0fa205f58a

Request headers

:path
/images/branding/scotiabank-group-bw.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-9f6"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2550
com_sun_faces_sunjsf.js.bns
www.scotiaonline.scotiabank.com/online/
429 B
1 KB
Script
General
Full URL
https://www.scotiaonline.scotiabank.com/online/com_sun_faces_sunjsf.js.bns
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
HTTP/1.1
Server
172.227.130.7 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-130-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cf659908c2288ae706bc3c755a65b5e58ec26aa368c8ebdc29f5d9af033b324

Request headers

Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 08 Apr 2018 06:56:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Language
en
Cache-Control
max-age=3600, no-cache=set-cookie
Connection
keep-alive
Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
278
Expires
Thu, 01 Dec 1994 16:00:00 GMT
icon_help.png
canada-scotiabank.com/images/icons/
643 B
812 B
Image
General
Full URL
https://canada-scotiabank.com/images/icons/icon_help.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5

Request headers

:path
/images/icons/icon_help.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"283-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
643
BrowserDetectUtils.js
canada-scotiabank.com/js/
4 KB
4 KB
Script
General
Full URL
https://canada-scotiabank.com/js/BrowserDetectUtils.js
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
60e5f23618c1661440f40e3fb33c0a46ed2f07072cc2d54ce8a4cdb410a2d375

Request headers

:path
/js/BrowserDetectUtils.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:32:52 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd5b84-10b1"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4273
icon_success.png
canada-scotiabank.com/images/icons/
711 B
880 B
Image
General
Full URL
https://canada-scotiabank.com/images/icons/icon_success.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
a95fbdabc8d66f969f2e7c05e92b757dcc436c432c69eb4b45192aa68d90c9fd

Request headers

:path
/images/icons/icon_success.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"2c7-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
711
ad-mobile2-loginleft-en.png
canada-scotiabank.com/images/marketing/
31 KB
32 KB
Image
General
Full URL
https://canada-scotiabank.com/images/marketing/ad-mobile2-loginleft-en.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
de6549039dba407b6499d25b8821d1adb20ca5e2687f74c9ef05c5fb08d2dfe8

Request headers

:path
/images/marketing/ad-mobile2-loginleft-en.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-7d5e"
content-type
image/png
status
200
accept-ranges
bytes
content-length
32094
ad-rogers_sportsnet_april-loginleft-en.png
canada-scotiabank.com/contentdocs/SOL_Publishing/Marketing/2018/04-Apr/
24 KB
24 KB
Image
General
Full URL
https://canada-scotiabank.com/contentdocs/SOL_Publishing/Marketing/2018/04-Apr/ad-rogers_sportsnet_april-loginleft-en.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
21d3b71de1890a23acabbe5171b38c959d7bbb4328dc5dced1a0166cc54667da

Request headers

:path
/contentdocs/SOL_Publishing/Marketing/2018/04-Apr/ad-rogers_sportsnet_april-loginleft-en.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 16:01:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd0dee-6128"
content-type
image/png
status
200
accept-ranges
bytes
content-length
24872
bd-1-29
www.scotiaonline.scotiabank.com/_bm/
54 KB
14 KB
Script
General
Full URL
https://www.scotiaonline.scotiabank.com/_bm/bd-1-29
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
HTTP/1.1
Server
172.227.130.7 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-130-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e3ca5ff965bf78ca037fe0bb07e7e0e3af713b327a411068b2ca5f0abc3cdd0

Request headers

Referer
https://canada-scotiabank.com/online/authentication/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 08 Apr 2018 06:56:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Mar 2018 17:23:51 GMT
ETag
"8ea2f5ac46845d5d11975b591416d19b39cac88b3c9f335eccf1c9bd4880d67c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Content-Length
13704
bg_Curtain_overall.png
canada-scotiabank.com/images/backgrounds/
160 B
328 B
Image
General
Full URL
https://canada-scotiabank.com/images/backgrounds/bg_Curtain_overall.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
7ca6ab8f08bd643a1eee32900e4dca2e2d8f56b716f0cf118b7a2f56ccd1f2fd

Request headers

:path
/images/backgrounds/bg_Curtain_overall.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"a0-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
160
nav-bg.png
canada-scotiabank.com/images/nav/
3 KB
3 KB
Image
General
Full URL
https://canada-scotiabank.com/images/nav/nav-bg.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
2290c1d1c885e7ffc5213c5f84fa864552c3640e35b5bfb45140d9f4356a6093

Request headers

:path
/images/nav/nav-bg.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-b3c"
content-type
image/png
status
200
accept-ranges
bytes
content-length
2876
bg_vertical_dotted_line1.png
canada-scotiabank.com/images/backgrounds/
77 B
245 B
Image
General
Full URL
https://canada-scotiabank.com/images/backgrounds/bg_vertical_dotted_line1.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
c6cbdb8e854f700eeb987e01ff817004ed07596e74675b628f1611fe91213369

Request headers

:path
/images/backgrounds/bg_vertical_dotted_line1.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"4d-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
77
scotiabank-group.gif
canada-scotiabank.com/images/branding/
3 KB
3 KB
Image
General
Full URL
https://canada-scotiabank.com/images/branding/scotiabank-group.gif
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
4320b7969df049d2ac843edc9d3b5611a6fee6802bde8bcfd97d1cbbafb7b45e

Request headers

:path
/images/branding/scotiabank-group.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-b18"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2840
bg_signon.png
canada-scotiabank.com/images/backgrounds/
121 B
290 B
Image
General
Full URL
https://canada-scotiabank.com/images/backgrounds/bg_signon.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
229def774e0909f6ae8d9938c0799f85f9f0d542f4026b68fb7d0d32a0df0ec3

Request headers

:path
/images/backgrounds/bg_signon.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"79-568939384fa00"
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
121
download-trustee.png
canada-scotiabank.com/images/marketing/banners/
4 KB
5 KB
Image
General
Full URL
https://canada-scotiabank.com/images/marketing/banners/download-trustee.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
541a235d37c4ecea24dbd30fb57297f1c97b7fa2a21995bc3e140d02dd58a4fb

Request headers

:path
/images/marketing/banners/download-trustee.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-1191"
content-type
image/png
status
200
accept-ranges
bytes
content-length
4497
lock.png
canada-scotiabank.com/images/marketing/banners/
4 KB
4 KB
Image
General
Full URL
https://canada-scotiabank.com/images/marketing/banners/lock.png
Requested by
Host: canada-scotiabank.com
URL: https://canada-scotiabank.com/online/authentication/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
1dc148caf3ae416b653bfdcd9847da3642546e9683e164e2e0dc5c0aad6af87f

Request headers

:path
/images/marketing/banners/lock.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/css/loader.css
:scheme
https
:method
GET
Referer
https://canada-scotiabank.com/css/loader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
last-modified
Thu, 29 Mar 2018 21:12:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"5abd56a8-e56"
content-type
image/png
status
200
accept-ranges
bytes
content-length
3670
_data
canada-scotiabank.com/_bm/
808 B
960 B
XHR
General
Full URL
https://canada-scotiabank.com/_bm/_data
Requested by
Host: www.scotiaonline.scotiabank.com
URL: https://www.scotiaonline.scotiabank.com/_bm/bd-1-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.247.22.139 Yellowknife, Canada, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
199.247.22.139.vultr.com
Software
nginx / PleskLin
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

:path
/_bm/_data
pragma
no-cache
origin
https://canada-scotiabank.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
canada-scotiabank.com
referer
https://canada-scotiabank.com/online/authentication/index.php
:scheme
https
content-length
1029
:method
POST
Referer
https://canada-scotiabank.com/online/authentication/index.php
Origin
https://canada-scotiabank.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 Apr 2018 06:56:12 GMT
etag
"328-5694d319165b0"
last-modified
Sun, 08 Apr 2018 02:39:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/html
status
404
accept-ranges
bytes
content-length
808

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showContactUsCurtainByPhone
function| showContactUsCurtainByMail
function| showContactUsCurtainBySendEmail
function| showHelpCurtainByTopQuestions
function| showContactUsCurtainBySocialMedia
function| clear_showContactUsByJSLink
function| clearFormHiddenParams_showContactUsByJSLink
function| clear_helpCentre_curtain_searchForm
function| clearFormHiddenParams_helpCentre_curtain_searchForm
function| moveFocus
function| clear_helpCentre_curtain_contentForm
function| clearFormHiddenParams_helpCentre_curtain_contentForm
function| clear_helpCentre_curtainMenuControls_helpform
function| clearFormHiddenParams_helpCentre_curtainMenuControls_helpform
function| clear_helpCentre_curtainMenuControls_contactform
function| clearFormHiddenParams_helpCentre_curtainMenuControls_contactform
function| setContactTabFocus
function| dpf
function| apf
function| jsfcljs
function| browser
function| browserVersion
function| checkBrowser
undefined| meta
undefined| lng
undefined| detectMsg
boolean| isOld
function| rememberMyCard
function| rCallback
function| setTrusteer
function| scotiaAdvisorMailLinkEvent
string| str
object| _cf
object| _ac
object| cf
string| _sd_trace

0 Cookies

2 Console Messages

Source: console-api
Level: log
URL: https://canada-scotiabank.com/js/BrowserDetectUtils.js (Line 30)
Message: Don't know

Source: console-api
Level: log
URL: https://canada-scotiabank.com/js/BrowserDetectUtils.js (Line 30)
Message: Don't know

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
