www.et-interac.cf
2606:4700:30::6812:21e8
Malicious Activity!
Public Scan
Effective URL: http://www.et-interac.cf/rbaccess/?rbcgi3m01?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH&_ga=2.1674792...
Submission: On April 21 via automatic, source certstream-suspicious
Summary
This is the only time www.et-interac.cf was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: RBC (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 11 | 2606:4700:30::6812:20e8 | 13335 (CLOUDFLARENET - Cloudflare) | |
12 | 2606:4700:30::6812:21e8 | 13335 (CLOUDFLARENET - Cloudflare) | |
21 | 2 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.et-interac.cf |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 | et-interac.cf 2 redirects www.et-interac.cf | 109 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
23 | www.et-interac.cf 2 redirects www.et-interac.cf | |
21 | 1 |
This site contains no links.
This page contains 1 frame:
Primary Page:
http://www.et-interac.cf/rbaccess/?rbcgi3m01?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH&_ga=2.167479294.158341039.1536280642-160808513.1535356498
Frame ID: EDA424FF5DEFB1B50161916F038DD01D
Requests: 21 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Twitter Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.et-interac.cf/ HTTP 302
- https://www.et-interac.cf/rbaccess?rbcgi3m01?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH&_ga=2.167479294.158341039.1536280642-160808513.1535356498 HTTP 301
- http://www.et-interac.cf/rbaccess/?rbcgi3m01?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH&_ga=2.167479294.158341039.1536280642-160808513.1535356498 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | www.et-interac.cf/rbaccess/ | 22 KB | 6 KB | Document | text/html |
GET | H/1.1 | search-ask-style.css | www.et-interac.cf/rbaccess/index_files/ | 19 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | notifications.css | www.et-interac.cf/rbaccess/index_files/ | 16 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap.min.css | www.et-interac.cf/rbaccess/index_files/ | 120 KB | 24 KB | Stylesheet | text/css |
GET | H/1.1 | master.css | www.et-interac.cf/rbaccess/index_files/ | 20 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | ibsignin.css | www.et-interac.cf/rbaccess/index_files/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | rbc-icons.css | www.et-interac.cf/rbaccess/index_files/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.min.css | www.et-interac.cf/rbaccess/index_files/ | 26 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | common.css | www.et-interac.cf/rbaccess/index_files/ | 132 KB | 23 KB | Stylesheet | text/css |
GET | H/1.1 | logo_rbc-royalbank-en.svg | www.et-interac.cf/rbaccess/index_files/ | 6 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | win.png | www.et-interac.cf/rbaccess/index_files/ | 196 B | 566 B | Image | image/png |
GET | H/1.1 | info.png | www.et-interac.cf/rbaccess/index_files/ | 752 B | 1 KB | Image | image/png |
GET | H/1.1 | tooltipPeak.png | www.et-interac.cf/rbaccess/index_files/ | 259 B | 629 B | Image | image/png |
GET | H/1.1 | window.png | www.et-interac.cf/rbaccess/index_files/ | 202 B | 572 B | Image | image/png |
GET | H/1.1 | !.png | www.et-interac.cf/rbaccess/index_files/ | 237 B | 607 B | Image | image/png |
GET | H/1.1 | print.css | www.et-interac.cf/rbaccess/index_files/ | 1 KB | 932 B | Stylesheet | text/css |
GET | H/1.1 | level1-bg-1px.gif | www.et-interac.cf/uos/common/images/navigation/mainnav/ | 3 KB | 3 KB | Image | text/html |
GET | H/1.1 | sign-in_bg_image.jpg | www.et-interac.cf/uos/3m/images/ | 12 KB | 12 KB | Image | text/html |
GET | H/1.1 | chevron.png | www.et-interac.cf/uos/common/images/dropdown/ | 12 KB | 12 KB | Image | text/html |
GET | H/1.1 | rbc-icons.ttf | www.et-interac.cf/rbaccess/index_files/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | rbc-icons.woff | www.et-interac.cf/rbaccess/index_files/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: RBC (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.et-interac.cf/ | | Name: __cfduid Value: dab1724762e6a224389d2e8b4772792c01555887876 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.et-interac.cf
2606:4700:30::6812:20e8
2606:4700:30::6812:21e8