urlscan.io logo urlscan.io
SecurityTrails logo

property.propteam.in Open in urlscan Pro
103.211.217.218  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://property.propteam.in/csss/a/access.php
Submission: On November 17 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 8 countries across 24 domains to perform 53 HTTP transactions. The main IP is 103.211.217.218, located in Mumbai, India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is property.propteam.in.
This is the only time property.propteam.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
5 103.211.217.218 394695 (PUBLIC-DO...)
5 23.37.35.213 16625 (AKAMAI-AS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 15 52.48.145.41 16509 (AMAZON-02)
1 52.214.44.171 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 3 37.252.173.22 29990 (ASN-APPNEX)
1 208.100.17.175 32748 (STEADFAST)
2 3 142.250.185.66 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 2 15.197.193.217 16509 (AMAZON-02)
1 1 91.228.74.134 16509 (AMAZON-02)
1 1 54.229.143.145 16509 (AMAZON-02)
1 1 3.124.210.90 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 2 143.204.98.86 16509 (AMAZON-02)
2 2 52.19.22.209 16509 (AMAZON-02)
8 8 151.101.130.49 54113 (FASTLY)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 184.30.20.241 16625 (AKAMAI-AS)
1 2 35.244.159.8 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 1 51.79.83.225 16276 (OVH)
53 17
5    103.211.217.218 (Mumbai, India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
property.propteam.in
5    23.37.35.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-35-213.deploy.static.akamaitechnologies.com
auth.scotiaonline.scotiabank.com
3    2a02:26f0:6c00:2ab::51e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmtags.scotiabank.com
15    52.48.145.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.214.44.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
scotiabank.demdex.net
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
somniture.scotiabank.com
1    34.248.191.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    208.100.17.175 (United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net
dp2.33across.com
3    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
navdmp.com
cdn.navdmp.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
ml314.com
1    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net
ads.scorecardresearch.com
2    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
8    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh
pixel.onaudience.com
Domain Requested by
15 dpm.demdex.net 1 redirects property.propteam.in
8 sync-tm.everesttech.net 8 redirects
5 auth.scotiaonline.scotiabank.com property.propteam.in
auth.scotiaonline.scotiabank.com
5 property.propteam.in property.propteam.in
3 cm.g.doubleclick.net 2 redirects
3 ib.adnxs.com 2 redirects
3 dmtags.scotiabank.com property.propteam.in
dmtags.scotiabank.com
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 ads.scorecardresearch.com 2 redirects
2 match.adsrvr.org 2 redirects
1 pixel.onaudience.com 1 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 pixel.rubiconproject.com
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 ml314.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 cdn.navdmp.com
1 navdmp.com 1 redirects
1 dp2.33across.com property.propteam.in
1 sync.mathtag.com 1 redirects
1 cm.everesttech.net 1 redirects
1 somniture.scotiabank.com dmtags.scotiabank.com
1 scotiabank.demdex.net dmtags.scotiabank.com
53 29

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com
Subject Issuer Validity Valid
auth.scotiabank.com
Entrust Certification Authority - L1K		 2020-02-27 -
2022-02-27		 2 years crt.sh
apps.scotiabank.com
Entrust Certification Authority - L1K		 2020-08-21 -
2022-11-20		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
somniture.scotiabank.com
Entrust Certification Authority - L1K		 2020-07-29 -
2022-09-29		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh

This page contains 2 frames:

Primary Page: http://property.propteam.in/csss/a/access.php
Frame ID: 9BA59140C4C5CCE2B7A8F11E3ECF30AB
Requests: 30 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: FEEFF81F485244F8721B168B2656AC96
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Activate online banking | Scotiabank

Page Statistics

53
Requests

21 %
HTTPS

11 %
IPv6

24
Domains

29
Subdomains

17
IPs

8
Countries

360 kB
Transfer

590 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394
Request Chain 25
  • https://cm.everesttech.net/cm/dd?d_uuid=05399028603764272351659135345195151838 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUTgwAAAHix2QQE
Request Chain 28
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=05399028603764272351659135345195151838&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d05399028603764272351659135345195151838 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=69026195-1383-4900-b5a5-36b59b90597e&ddsuuid=05399028603764272351659135345195151838
Request Chain 30
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2052000274108067809
Request Chain 33
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDUzOTkwMjg2MDM3NjQyNzIzNTE2NTkxMzUzNDUxOTUxNTE4Mzg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDUzOTkwMjg2MDM3NjQyNzIzNTE2NTkxMzUzNDUxOTUxNTE4Mzg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEENw5O_MctHv_fVDgf1Cch8&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 34
  • https://navdmp.com/req?adID=05399028603764272351659135345195151838 HTTP 301
  • https://cdn.navdmp.com/req?adID=05399028603764272351659135345195151838
Request Chain 35
  • https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588518627778487
Request Chain 36
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a8850d71-6e84-4ace-a6a0-10cf053cfe95
Request Chain 37
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=tOT3XLPm9l2vt68P57DjCrq0_luv5Phb47doy3KZ
Request Chain 38
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623071581189701739
Request Chain 39
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=05399028603764272351659135345195151838&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 40
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=05399028603764272351659135345195151838&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o65v54VE2pFe5_M9mxzrPlhNhU09XGhxRIs-~A
Request Chain 41
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=05399028603764272351659135345195151838&rn=1637159811525&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D05399028603764272351659135345195151838 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=05399028603764272351659135345195151838&rn=1637159811525&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D05399028603764272351659135345195151838 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=05399028603764272351659135345195151838
Request Chain 42
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=05399028603764272351659135345195151838?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=05399028603764272351659135345195151838?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae71693c6288d9ec65f94b72f806c2b9
Request Chain 43
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVVGd3QUFBSGl4MlFRRQ==
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUTgwAAAHix2QQE&expires=90
Request Chain 45
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE&C=1
Request Chain 46
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YZUTgwAAAHix2QQE
Request Chain 47
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZUTgwAAAHix2QQE HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUTgwAAAHix2QQE
Request Chain 48
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUTgwAAAHix2QQE
Request Chain 49
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1&__user_check__=1&sync_id=cedd044b-47b3-11ec-982c-107c10e90206
Request Chain 50
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUTgwAAAHix2QQE&t=2592000&o=0
Request Chain 51
  • https://pixel.onaudience.com/?partner=130&mapped=05399028603764272351659135345195151838&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request access.php
property.propteam.in/csss/a/ 		57 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
103.211.217.218 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
b3c9da4fc5dae2f1b5724343f86a69ea137a80d5d89535d39bfe0a67eda9ca9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 17 Nov 2021 14:36:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.css
property.propteam.in/csss/a/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://property.propteam.in/csss/a/css/style.css
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
103.211.217.218 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
df5fa52e44906aeb2386c235a9e5802570a5079ce1360b18e8b8926604ac5933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/csss/a/access.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:49 GMT
Last-Modified
Mon, 15 Nov 2021 01:23:27 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
21123
app.css
property.propteam.in/csss/a/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://property.propteam.in/csss/a/css/app.css
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
103.211.217.218 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
5efb393cf10db7ee157dcd3109179e7619633c7e8d17c5ab3eab1ea1278f6dd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/csss/a/access.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:50 GMT
Last-Modified
Mon, 15 Nov 2021 01:23:27 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
2530
jquery.min.js
property.propteam.in/csss/a/js/ 		152 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://property.propteam.in/csss/a/js/jquery.min.js
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
103.211.217.218 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
7aa387f2db11236e0a3d6e4124c33bbf9f588dff926a1454a92ce694fc84c620

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/csss/a/access.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:50 GMT
Last-Modified
Mon, 15 Nov 2021 01:23:27 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=100
Content-Length
156111
validet.js
property.propteam.in/csss/a/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://property.propteam.in/csss/a/js/validet.js
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
103.211.217.218 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
3668352cee7c03431751e26e34aebf496fe874ae28a8b96c4481dc129b502822

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/csss/a/access.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:50 GMT
Last-Modified
Mon, 15 Nov 2021 01:23:27 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=100
Content-Length
7250
70b639061f98b1c69453561585c346aa.svg
auth.scotiaonline.scotiabank.com/activation/assets/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.scotiaonline.scotiabank.com/activation/assets/70b639061f98b1c69453561585c346aa.svg
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.37.35.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0484e1831b837c266bac198cf3d78b0309653b4cdfeb2937d3192d5501377c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-type
image/svg+xml
date
Wed, 17 Nov 2021 14:36:51 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-language
de-DE
x-vcap-request-id
f1390e23-47e8-4917-610c-97920bdcabd6
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
896
x-xss-protection
1; mode=block
runtime.c071eb6d27cee71efc0f.js
auth.scotiaonline.scotiabank.com/activation/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.scotiaonline.scotiabank.com/activation/runtime.c071eb6d27cee71efc0f.js
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.37.35.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
main.0229238f6886f9cbc714.chunk.js
auth.scotiaonline.scotiabank.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.scotiaonline.scotiabank.com/main.0229238f6886f9cbc714.chunk.js
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.37.35.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
launch-edbf66c903b6.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:6c00:2ab::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cc86cf5dc3e4783dec807d1e8b3c1f0ab4cafaedd701b74c03cfd026749bfd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:51 GMT
Server
nginx
ETag
W/"617734cb-37885"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
5f0e225c-d0fb-42ca-5842-10073c862131
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
61353
0dc52809a5rn168a4520adf9632ed93a
auth.scotiaonline.scotiabank.com/resource/ 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.37.35.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 14:36:51 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 16:10:06 GMT
etag
"d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-length
19642
expires
0
styles.cfa32f0262131d6476ad.css
auth.scotiaonline.scotiabank.com/activation/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.scotiaonline.scotiabank.com/activation/styles.cfa32f0262131d6476ad.css
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.37.35.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
15243e297f5364bd59f4088a864abbf7.woff
auth.scotiaonline.scotiabank.com/assets/ 		0
0
8fd30bd010d9e2c7677ec339685f958b.woff
auth.scotiaonline.scotiabank.com/assets/ 		0
0
00cecde981e3ef7491eba946f4b95fe0.woff
auth.scotiaonline.scotiabank.com/assets/ 		0
0
8424a042624210828b0fbe7a8c533b2a.woff2
auth.scotiaonline.scotiabank.com/assets/ 		0
0
1e98970fd9c76545bbf1e1a377f4f3c2.woff2
auth.scotiaonline.scotiabank.com/assets/ 		0
0
3ca6c3facf3966b88b55118f7821ee72.woff2
auth.scotiaonline.scotiabank.com/assets/ 		0
0
50805f331bb1b697aafb6f0c28b09212.woff2
auth.scotiaonline.scotiabank.com/assets/ 		0
0
0a9f36f23c26fbad0827f0a8ec86c908.woff
auth.scotiaonline.scotiabank.com/assets/ 		0
0
0dc52809a5rn168a4520adf9632ed93a
auth.scotiaonline.scotiabank.com/resource/ 		0
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
706680930e1e1255269fa5b64e71bae00c4b76c11714f01bf741c4986200bce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0180a36c3.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
DrsFYTksTP0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://property.propteam.in
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1604
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v019-080af9c5c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
http://property.propteam.in
X-TID
UnLhqSMSSUI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1637159811394
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:6c00:2ab::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:12 GMT
Server
nginx
ETag
W/"617734a4-82b6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
9a5c5af4-a864-461f-76c1-6c2f0a557171
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
12184
AppMeasurement_Module_ActivityMap.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:6c00:2ab::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:12 GMT
Server
nginx
ETag
W/"617734a4-ce7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
39ed4ca2-b064-4055-4849-206ac3bc52af
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
1594
7e2a698e9980c7ba52f69a2717e97b86.woff
auth.scotiaonline.scotiabank.com/assets/ 		0
0
dest5.html
scotiabank.demdex.net/ Frame FEEF 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 17 Nov 2021 14:36:51 GMT
DCS
dcs-prod-irl1-2-v019-025614274.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 14 Oct 2021 11:09:07 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
kN4MzdhzRzY=
Content-Length
2791
Connection
keep-alive
id
somniture.scotiabank.com/ 		48 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://somniture.scotiabank.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=07512038307731476331879337927381081292&ts=1637159811545
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
1871f5b358946ad636000b037f359b7e4daf578e68ba5b9353009510caca62e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://property.propteam.in/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 Nov 2021 14:36:51 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6988cccb6f-5qgmc
vary
Origin
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://property.propteam.in
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YZUTgwAAAHix2QQE
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=05399028603764272351659135345195151838
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUTgwAAAHix2QQE
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUTgwAAAHix2QQE
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://property.propteam.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0143259ca.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VPa3woCvQFo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUTgwAAAHix2QQE
Date
Wed, 17 Nov 2021 14:36:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
auth.scotiaonline.scotiabank.com/assets/ 		0
0
64a8523319c68ca5e492309a68af4a9e.woff2
auth.scotiaonline.scotiabank.com/assets/ 		0
0
ibs:dpid=269&dpuuid=69026195-1383-4900-b5a5-36b59b90597e&ddsuuid=05399028603764272351659135345195151838
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=05399028603764272351659135345195151838&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d05399028603764...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=69026195-1383-4900-b5a5-36b59b90597e&ddsuuid=05399028603764272351659135345195151838
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=69026195-1383-4900-b5a5-36b59b90597e&ddsuuid=05399028603764272351659135345195151838
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-090b1e384.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jr58nMttRm0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Wed, 17 Nov 2021 14:36:51 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=69026195-1383-4900-b5a5-36b59b90597e&ddsuuid=05399028603764272351659135345195151838
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Nov 2021 14:36:50 GMT
811a29d581fc684aa63616499cad4782.ttf
auth.scotiaonline.scotiabank.com/assets/ 		0
0
ibs:dpid=358&dpuuid=2052000274108067809
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2052000274108067809
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2052000274108067809
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-02486b1d5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
khBw4N+9RBQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 14:36:51 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6078dabc-331c-4bb6-a65d-8086093f8fde
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2052000274108067809
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0dc52809a5rn168a4520adf9632ed93a
auth.scotiaonline.scotiabank.com/resource/ 		0
0
/
dp2.33across.com/ps/ Frame FEEF 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp2.33across.com/ps/?pid=897&random=520810462
Requested by
Host: property.propteam.in
URL: http://property.propteam.in/csss/a/access.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status
208
date
Wed, 17 Nov 2021 14:36:51 GMT
server
33XP004
ibs:dpid=771&dpuuid=CAESEENw5O_MctHv_fVDgf1Cch8&google_cver=1
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDUzOTkwMjg2MDM3NjQyNzIzNTE2NTkxMzUzNDUxOTUxNTE4Mzg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDUzOTkwMjg2MDM3NjQyNzIzNTE2NTkxMzUzNDUxOTUxNTE4Mzg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEENw5O_MctHv_fVDgf1Cch8&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEENw5O_MctHv_fVDgf1Cch8&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-03035d387.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ksCKK/qUS5g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEENw5O_MctHv_fVDgf1Cch8&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ Frame FEEF
Redirect Chain
  • https://navdmp.com/req?adID=05399028603764272351659135345195151838
  • https://cdn.navdmp.com/req?adID=05399028603764272351659135345195151838
6 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.navdmp.com/req?adID=05399028603764272351659135345195151838
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 14:36:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6af9b19b0e8a5c3e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript

Redirect headers

location
https://cdn.navdmp.com/req?adID=05399028603764272351659135345195151838
date
Wed, 17 Nov 2021 14:36:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6af9b19a1bdc5c3e-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
ibs:dpid=1121&dpuuid=5144588518627778487
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7085
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588518627778487
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588518627778487
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-003e67e75.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
U/Uskdq1SF0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588518627778487
Date
Wed, 17 Nov 2021 14:36:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=903&dpuuid=a8850d71-6e84-4ace-a6a0-10cf053cfe95
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a8850d71-6e84-4ace-a6a0-10cf053cfe95
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a8850d71-6e84-4ace-a6a0-10cf053cfe95
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-09136a7c7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0mptka6RTew=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a8850d71-6e84-4ace-a6a0-10cf053cfe95
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
ibs:dpid=1175&gdpr=0&dpuuid=tOT3XLPm9l2vt68P57DjCrq0_luv5Phb47doy3KZ
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=tOT3XLPm9l2vt68P57DjCrq0_luv5Phb47doy3KZ
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=tOT3XLPm9l2vt68P57DjCrq0_luv5Phb47doy3KZ
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-02486b1d5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1zvd2iz5SxM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=tOT3XLPm9l2vt68P57DjCrq0_luv5Phb47doy3KZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=22052&dpuuid=3623071581189701739
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623071581189701739
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623071581189701739
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0550d3c00.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Oee6JJCsQP0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 14:36:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623071581189701739
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
185
Expires
0,Thu, 18 Nov 2021 09:36:52 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=05399028603764272351659135345195151838&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-05f4e7fba.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
bmY/J/BDSOg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 17 Nov 2021 14:36:52 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=05399028603764272351659135345195151838&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o65v54VE2pFe5_M9mxzrPlhNhU09XGhxRIs-~A
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o65v54VE2pFe5_M9mxzrPlhNhU09XGhxRIs-~A
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0ab66d375.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cyivpEOBS2w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 17 Nov 2021 14:36:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o65v54VE2pFe5_M9mxzrPlhNhU09XGhxRIs-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ibs:dpid=73426&dpuuid=05399028603764272351659135345195151838
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=05399028603764272351659135345195151838&rn=1637159811525&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D053990286037642...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=05399028603764272351659135345195151838&rn=1637159811525&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D05399028603764...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=05399028603764272351659135345195151838
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=05399028603764272351659135345195151838
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-07ca0a12f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vZ6d3Y5VRGQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 17 Nov 2021 14:36:52 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=05399028603764272351659135345195151838
content-length
105
x-amz-cf-id
1Oub43-gMpgXq-roupqBDMcsg5PIyhWYVSOnwdDaU11HIdK9xSjWZA==
ibs:dpid=121998&dpuuid=ae71693c6288d9ec65f94b72f806c2b9
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=05399028603764272351659135345195151838?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=05399028603764272351659135345195151838?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae71693c6288d9ec65f94b72f806c2b9
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae71693c6288d9ec65f94b72f806c2b9
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-006eac0f9.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WIoFMmg8TQA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae71693c6288d9ec65f94b72f806c2b9
cache-control
no-cache
x-server
10.45.6.30
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVVGd3QUFBSGl4MlFRRQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVVGd3QUFBSGl4MlFRRQ==
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637159813.050534,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVVGd3QUFBSGl4MlFRRQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUTgwAAAHix2QQE&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUTgwAAAHix2QQE&expires=90
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637159813.134645,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUTgwAAAHix2QQE&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE&C=1
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 14:36:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Nov 2021 14:36:53 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 14:36:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUTgwAAAHix2QQE&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Wed, 17 Nov 2021 14:36:53 GMT
setuid
ib.adnxs.com/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YZUTgwAAAHix2QQE
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YZUTgwAAAHix2QQE
Protocol
HTTP/1.1
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 14:36:53 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a7c884da-aa85-4492-8961-35d9488c9d78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637159813.344241,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YZUTgwAAAHix2QQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZUTgwAAAHix2QQE
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUTgwAAAHix2QQE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUTgwAAAHix2QQE
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUTgwAAAHix2QQE
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 google
server
OXGW/16.218.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUTgwAAAHix2QQE
1 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUTgwAAAHix2QQE
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 14:36:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:380
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637159814.537738,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUTgwAAAHix2QQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1&__user_check__=1&sync_id=cedd044b-47b3-11ec-982c-107c10e90206
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1&__user_check__=1&sync_id=cedd044b-47b3-11ec-982c-107c10e90206
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 14:36:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
5
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 17 Nov 2021 14:36:53 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YZUTgwAAAHix2QQE&img=1&__user_check__=1&sync_id=cedd044b-47b3-11ec-982c-107c10e90206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame FEEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUTgwAAAHix2QQE&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUTgwAAAHix2QQE&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 06:36:53 PST
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
6WrN87ks6Ogw5+Y/KD0bsJebCrijXWFNfWsoBVFfPIsraCYkRtFi1LIsuUXcWK6XEKtA2x4qoSLIsTXf0Jrbnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 17 Nov 2021 06:36:53 PST

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 14:36:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637159814.740217,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUTgwAAAHix2QQE&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame FEEF
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=05399028603764272351659135345195151838&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-09eb10935.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,300
X-TID
CCt1H1/ZSto=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/15243e297f5364bd59f4088a864abbf7.woff
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/00cecde981e3ef7491eba946f4b95fe0.woff
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/8424a042624210828b0fbe7a8c533b2a.woff2
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/7e2a698e9980c7ba52f69a2717e97b86.woff
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/64a8523319c68ca5e492309a68af4a9e.woff2
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/assets/811a29d581fc684aa63616499cad4782.ttf
Domain
auth.scotiaonline.scotiabank.com
URL
https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| process object| LD_CONFIG object| REDUX_STATE object| webpackJsonp object| _cf object| _ac object| bmak number| bm_counter undefined| bm_script undefined| scripts undefined| bm_url undefined| url_split undefined| obfus_state_field undefined| state_field_str string| _sd_trace function| op object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| appEventData number| _dataLayerOverwriteMonitor function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s

35 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 05399028603764272351659135345195151838
.propteam.in/ Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZUTgwAAAHix2QQE
.dpm.demdex.net/ Name: dpm
Value: 05399028603764272351659135345195151838
.propteam.in/ Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C18949%7CMCMID%7C07512038307731476331879337927381081292%7CMCAAMLH-1637764611%7C6%7CMCAAMB-1637764611%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1637167011s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18956%7CvVersion%7C5.2.0
.mathtag.com/ Name: uuid
Value: 69026195-1383-4900-b5a5-36b59b90597e
.adnxs.com/ Name: uuid2
Value: 2052000274108067809
.doubleclick.net/ Name: IDE
Value: AHWqTUlUW45hmQluL6QMwDW8eqCFJlgFAvxBgTjJ36TjIAtEIw-CFElDL4A3ScEpaGY
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDAzMjc3tzCxMBfiM9QtTizJynPzTXUPiDeT4jU0MzY3NLW0MDQyMjcAAMsCSjc0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFxGtoZmxuaGppYWhkZG4AAJtZDSAQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDAzMjc3tzCxMBfiM9QtTizJynPzTXUPiDcDAKK6bqAlAAAA
.adsrvr.org/ Name: TDID
Value: a8850d71-6e84-4ace-a6a0-10cf053cfe95
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI0I7bqbf4lDoQBRgFIAEoAjILCJ7Er9bN-JQ6EAU4AQ..
.eyeota.net/ Name: SERVERID
Value: 22760~DM
.quantserve.com/ Name: d
Value: EJEBDAHfJLmvYA
.quantserve.com/ Name: mc
Value: 61951384-bafee-c8a02-162ab
.yahoo.com/ Name: A3
Value: d=AQABBIQTlWECEHudBwKVQuexCYpnEH39-9o&S=AQAAApnZkMyeI0zDR7DaLQneNkA
.scorecardresearch.com/ Name: UID
Value: 1IV2JBSMQQQDSQJ2IHJDGQg1637159813
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: ae71693c6288d9ec65f94b72f806c2b9
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEw1NzSzNE42M7KwSLFMTTYzTbM0STI3SrMwMEs2SrJkAILEqcKtIBoKAE%2F2Clw%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInCrcCqSgAAATjAGP"
.casalemedia.com/ Name: CMID
Value: YZUThWDCDQJ3KreiWVVwoAAA
.casalemedia.com/ Name: CMPS
Value: 3267
.casalemedia.com/ Name: CMPRO
Value: 1140
.casalemedia.com/ Name: CMRUM3
Value: 58619513852760YZUTgwAAAHix2QQE
.casalemedia.com/ Name: CMST
Value: YZUThWGVE4UA
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2HaQHX/=o!@wnfH)iR8PMp-v=0BzB4fOhniJ%Bi_gj.IhwLebv6@!_%(2K:$doRL2xc>Hx7R)0HIQo$T''wzDYzIJ!!)0X*@0AW
.openx.net/ Name: i
Value: 9d210800-dbec-4772-b8c8-3675ba980a2a|1637159813
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YZUTgwAAAHix2QQE&KRTB&22978-YZUTgwAAAHix2QQE&KRTB&23194-YZUTgwAAAHix2QQE&KRTB&23209-YZUTgwAAAHix2QQE
.pubmatic.com/ Name: PugT
Value: 1637159812
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: cedd03ff-47b3-11ec-982c-107c10e90206
.demdex.net/ Name: dextp
Value: 269-1-1637159811685|358-1-1637159811802|601-1-1637159811917|771-1-1637159812020|822-1-1637159812121|1121-1-1637159812222|903-1-1637159812323|1175-1-1637159812424|22052-1-1637159812525|30064-1-1637159812626|30646-1-1637159812727|73426-1-1637159812828|121998-1-1637159812929|144230-1-1637159813029|144231-1-1637159813130|144232-1-1637159813231|144233-1-1637159813332|144234-1-1637159813433|144235-1-1637159813534|144236-1-1637159813635|144237-1-1637159813735|161033-1-1637159813836
.onaudience.com/ Name: cookie
Value: 499889d1a18f5ac0

31 Console Messages

Source Level URL
Text
network error URL: https://auth.scotiaonline.scotiabank.com/activation/runtime.c071eb6d27cee71efc0f.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/15243e297f5364bd59f4088a864abbf7.woff' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/15243e297f5364bd59f4088a864abbf7.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/8424a042624210828b0fbe7a8c533b2a.woff2' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/8424a042624210828b0fbe7a8c533b2a.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://auth.scotiaonline.scotiabank.com/main.0229238f6886f9cbc714.chunk.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/3ca6c3facf3966b88b55118f7821ee72.woff2' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to XMLHttpRequest at 'https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://auth.scotiaonline.scotiabank.com/activation/styles.cfa32f0262131d6476ad.css
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/7e2a698e9980c7ba52f69a2717e97b86.woff' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/7e2a698e9980c7ba52f69a2717e97b86.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/00cecde981e3ef7491eba946f4b95fe0.woff' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/00cecde981e3ef7491eba946f4b95fe0.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to XMLHttpRequest at 'https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/resource/0dc52809a5rn168a4520adf9632ed93a
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/64a8523319c68ca5e492309a68af4a9e.woff2' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/64a8523319c68ca5e492309a68af4a9e.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://property.propteam.in/csss/a/access.php
Message:
Access to font at 'https://auth.scotiaonline.scotiabank.com/assets/811a29d581fc684aa63616499cad4782.ttf' from origin 'http://property.propteam.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.scotiaonline.scotiabank.com/assets/811a29d581fc684aa63616499cad4782.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.scorecardresearch.com
auth.scotiaonline.scotiabank.com
cdn.navdmp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dmtags.scotiabank.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
ml314.com
navdmp.com
p.rfihub.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
property.propteam.in
ps.eyeota.net
scotiabank.demdex.net
somniture.scotiabank.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
us-u.openx.net
www.facebook.com
auth.scotiaonline.scotiabank.com
103.211.217.218
142.250.185.66
143.204.98.86
15.197.193.217
15.236.176.210
151.101.130.49
184.30.20.241
185.29.134.248
185.64.189.110
185.94.180.126
193.0.160.129
208.100.17.175
212.82.100.182
23.37.35.213
2606:4700::6810:bf3
2a02:26f0:6c00:2ab::51e
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.210.90
34.248.191.66
35.244.159.8
37.252.173.22
51.79.83.225
52.19.22.209
52.214.44.171
52.48.145.41
54.229.143.145
69.173.144.165
91.228.74.134
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1871f5b358946ad636000b037f359b7e4daf578e68ba5b9353009510caca62e2
3668352cee7c03431751e26e34aebf496fe874ae28a8b96c4481dc129b502822
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5efb393cf10db7ee157dcd3109179e7619633c7e8d17c5ab3eab1ea1278f6dd1
706680930e1e1255269fa5b64e71bae00c4b76c11714f01bf741c4986200bce8
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
7aa387f2db11236e0a3d6e4124c33bbf9f588dff926a1454a92ce694fc84c620
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
a0484e1831b837c266bac198cf3d78b0309653b4cdfeb2937d3192d5501377c9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c9da4fc5dae2f1b5724343f86a69ea137a80d5d89535d39bfe0a67eda9ca9f
cc86cf5dc3e4783dec807d1e8b3c1f0ab4cafaedd701b74c03cfd026749bfd88
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
df5fa52e44906aeb2386c235a9e5802570a5079ce1360b18e8b8926604ac5933
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629