mobile.acc-user-info.live
111.90.151.66  Malicious Activity! Public Scan

Submitted URL: https://mobile.acc-user-info.live/directing/royalbank/logging.php
Effective URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Submission: On September 20 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 26 HTTP transactions. The main IP is 111.90.151.66, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is mobile.acc-user-info.live.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 17th 2021. Valid for: 3 months.
This is the only time mobile.acc-user-info.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: RBC (Banking)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
3         111.90.151.66   45839 (SHINJIRU-...)
23        104.89.41.118   16625 (AKAMAI-AS)
Total: 26 requests, 2 IPs

Requests  Apex Domain         Subdomains                 Transfer
23        royalbank.com       www1.royalbank.com         109 KB
3         acc-user-info.live  mobile.acc-user-info.live  6 KB
Total: 26 requests, 2 apex domains

Requests  Domain                     Requested by
23        www1.royalbank.com         mobile.acc-user-info.live, www1.royalbank.com
3         mobile.acc-user-info.live  mobile.acc-user-info.live, www1.royalbank.com
Total: 26 requests, 2 domains

This site contains no links.

Subject                    Issuer                                      Validity                 Valid
mobile.acc-user-info.live  ZeroSSL RSA Domain Secure Site CA           2021-09-17 - 2021-12-16  3 months
www1.royalbank.com         DigiCert Global G2 TLS RSA SHA256 2020 CA1  2021-03-13 - 2022-03-18  a year

This page contains 1 frames:

Primary Page: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Frame ID: 13C5F1412B142EDAEA43E5FA8A698857
Requests: 26 HTTP requests in this frame

Page Title

RBC Financial Group - Onlιne bankιng

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 115 kB
Size: 287 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mobile.acc-user-info.live/directing/royalbank/logging.php Page URL
  2. https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
logging.php
mobile.acc-user-info.live/directing/royalbank/
842 B
683 B
Document
General
Full URL
https://mobile.acc-user-info.live/directing/royalbank/logging.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
111.90.151.66 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Host
mobile.acc-user-info.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Date
Mon, 20 Sep 2021 01:04:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
431
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request rbcgi3m01.php
mobile.acc-user-info.live/directing/royalbank/
19 KB
5 KB
Document
General
Full URL
https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/logging.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
111.90.151.66 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c1417ebc3497d2f99a841b6fb11b0a75610114cd51bf1c9e67e4db5556988ad5

Request headers

Host
mobile.acc-user-info.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://mobile.acc-user-info.live/directing/royalbank/logging.php
Accept-Encoding
gzip, deflate, br

Response headers

Date
Mon, 20 Sep 2021 01:04:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
4753
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
common.css
www1.royalbank.com/uos/common/css/
132 KB
33 KB
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/common.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
067167a8d5b836db9aca44194f8410a50f47183939a1c9410c1d956f3b218151

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
content-encoding
gzip
last-modified
Sun, 26 Apr 2020 20:36:53 GMT
etag
"8bdf7a9b-21187-5a4378f024340"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
33530
legacy.css
www1.royalbank.com/uos/common/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/legacy.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
252e7a9efba0b935d299903b9c83577bcc54e4fd8514d75b65f3d861a42f9934

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2009 18:10:32 GMT
etag
"c5bf7a9e-242a-47a3b7d60d600"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
2007
main01.css
www1.royalbank.com/uos/common/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/main01.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a73fb5417eeb388e5552badddcee2634a0e10ebd05554e9763fd900d3fd8177

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2017 17:31:37 GMT
etag
"c5bf7aa0-162c-55d035c37d040"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
2045
main02.css
www1.royalbank.com/uos/common/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/main02.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a305d558dc77defeea6e5684c20d52d6046c9bcfe87c147a198366bdf48e528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2009 18:10:03 GMT
etag
"c5bf7aa1-1583-47a3b7ba654c0"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
1626
tabs.css
www1.royalbank.com/uos/common/css/
394 B
551 B
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/tabs.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36eaf89e51905a0f7788c6d943bfecb6548a736523fefe6eacd8d28fc25604dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2009 19:54:31 GMT
etag
"c5bf7aa4-18a-4741bd9a12bc0"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
240
utilities.js
www1.royalbank.com/uos/common/javascript/
26 KB
9 KB
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/utilities.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcee925b86c9dc20c55d6cfe449c5e275bfff1c8b26093049ecd91f7387a6be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Fri, 27 Jan 2017 20:21:38 GMT
etag
"c5b9c3f0-6758-5471936851880"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
8758
browser.js
www1.royalbank.com/uos/common/javascript/
1 KB
964 B
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/browser.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
954f11889044377bc8043db7e1d78defdc3ea669d23a874836e26cb37e0d1e75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2009 20:02:17 GMT
etag
"c5bba19a-5a3-4741bf567c440"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
641
event.js
www1.royalbank.com/uos/common/javascript/ie/
1 KB
724 B
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/ie/event.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4aa8e3502591eeb1edba3ec7ea29a36ba9a07311caf46e68d4178b34ff5fe08f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2009 20:02:24 GMT
etag
"c5bba190-40f-4741bf5d29400"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
402
event.js
www1.royalbank.com/uos/common/javascript/
10 KB
3 KB
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/event.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d3f4ae7f18161c78bfdb9fbd3efdd9406fd7abeffbd9efdbc0d1746db18e0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2009 18:10:40 GMT
etag
"c5b9c3e5-272c-476ee98852800"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
2762
kiosk.js
www1.royalbank.com/uos/common/javascript/
9 KB
3 KB
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/kiosk.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4b49307ee683cc466f6cb2da1281bc9c81e53b4cba01f08a201ea064c71cddde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2019 19:54:42 GMT
etag
"c5b9c3e7-228e-583ff2d368480"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
1
accept-ranges
bytes
content-type
application/x-javascript
content-length
2285
buttons.js
www1.royalbank.com/uos/common/javascript/
809 B
724 B
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/buttons.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0de1fda4ccdc98c71815349366f366dc1a2dd70cc74ceca7ac8c640fa89e0eb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2009 20:02:17 GMT
etag
"c5bba19b-329-4741bf567c440"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
401
cookie.js
www1.royalbank.com/uos/common/javascript/
4 KB
2 KB
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/cookie.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10571cea5731cddfe7d9e3517b771d62f57465f400c5bc913a3afdf3110dcd44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Fri, 21 Aug 2020 16:39:09 GMT
etag
"c5b9c3de-1065-5ad65e03dc540"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
1746
header_dates.js
www1.royalbank.com/uos/common/javascript/
604 B
702 B
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/header_dates.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98c78457205f4d18ac824dbc8c1d2576629d2a5264e8ebbf5a37494d663c3fea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2009 18:10:40 GMT
etag
"c5ba77c4-25c-476ee98852800"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
379
safaricss.js
www1.royalbank.com/uos/common/javascript/
0
0
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/safaricss.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

rbc_royalbank_en.gif
www1.royalbank.com/uos/common/images/logos/web/
2 KB
3 KB
Image
General
Full URL
https://www1.royalbank.com/uos/common/images/logos/web/rbc_royalbank_en.gif
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
last-modified
Mon, 21 Sep 2009 20:01:15 GMT
etag
"c5bf184c-9ba-4741bf1b5b8c0"
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
image/gif
content-length
2490
rsa.js
www1.royalbank.com/uos/common/javascript/
24 KB
9 KB
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/rsa.js
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75c52278c80028534c29dab9dfb846ea38783ff6b6c9bf43b9a3283635269bb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:46 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2010 17:42:23 GMT
etag
"c5bf0e9e-5f2c-487e76117fdc0"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
application/x-javascript
content-length
8808
chevron.gif
www1.royalbank.com/uos/common/images/buttons/
73 B
425 B
Image
General
Full URL
https://www1.royalbank.com/uos/common/images/buttons/chevron.gif
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3fd2e07fecbbfd8898786ea9b6ed19c118d77af0fc2cbfedb58917cf75c2dc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
last-modified
Mon, 21 Sep 2009 19:54:41 GMT
etag
"68c69-49-4741bda39c240"
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
1
accept-ranges
bytes
content-type
image/gif
content-length
73
x-dynatrace
PT=409751546;PA=272582195;SP=XQF0 TWS Infrastructure;PS=-1440303390
print.css
www1.royalbank.com/uos/common/css/
1 KB
971 B
Stylesheet
General
Full URL
https://www1.royalbank.com/uos/common/css/print.css?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba5c75dbbfead088f2599735c2723f2cac7dbfd0fe10c9f5e5e43aaae8b190a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Dec 2009 18:54:57 GMT
etag
"8bdf7aa2-5d4-479af4b55e240"
vary
Accept-Encoding
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
2
accept-ranges
bytes
content-type
text/css
content-length
658
event.js
mobile.acc-user-info.live/uos/common/javascript/dom/
0
0
Script
General
Full URL
https://mobile.acc-user-info.live/uos/common/javascript/dom/event.js
Requested by
Host: www1.royalbank.com
URL: https://www1.royalbank.com/uos/common/javascript/event.js?6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
111.90.151.66 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
mobile.acc-user-info.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Connection
keep-alive

Response headers

Date
Mon, 20 Sep 2021 01:04:47 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
288
Content-Type
text/html; charset=iso-8859-1
bg-standard.gif
www1.royalbank.com/uos/common/images/layout/
15 KB
15 KB
Image
General
Full URL
https://www1.royalbank.com/uos/common/images/layout/bg-standard.gif
Requested by
Host: www1.royalbank.com
URL: https://www1.royalbank.com/uos/common/css/legacy.css?6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a9896fd1307cd571282bca32397d18cf3fecb8696503e66bf94edd1434facc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.royalbank.com/uos/common/css/legacy.css?6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
last-modified
Mon, 21 Sep 2009 20:00:52 GMT
etag
"c5bfdc2e-3ae5-4741bf056c500"
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
1
accept-ranges
bytes
content-type
image/gif
content-length
15077
safaricss.js
www1.royalbank.com/uos/common/javascript/
0
0
Script
General
Full URL
https://www1.royalbank.com/uos/common/javascript/safaricss.js?6
Requested by
Host: mobile.acc-user-info.live
URL: https://mobile.acc-user-info.live/directing/royalbank/rbcgi3m01.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mobile.acc-user-info.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

secure-bg.gif
www1.royalbank.com/uos/common/images/header/
5 KB
6 KB
Image
General
Full URL
https://www1.royalbank.com/uos/common/images/header/secure-bg.gif
Requested by
Host: www1.royalbank.com
URL: https://www1.royalbank.com/uos/common/css/common.css?6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-41-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
775bd9df2c430495e3622fefc74b708cdb16b1ea9afbe4f185be00aea9151257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.royalbank.com/uos/common/css/common.css?6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:04:47 GMT
last-modified
Mon, 21 Sep 2009 20:00:03 GMT
etag
"8bda5056-1599-4741bed6b16c0"
p3p
policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status
1
accept-ranges
bytes
content-type
image/gif
content-length
5529
secondary-bg.gif
www1.royalbank.com/uos/common/images/buttons/
5 KB
6 KB
Image
General
Full URL: https://www1.royalbank.com/uos/common/images/buttons/secondary-bg.gif
Requested by:
  Host: www1.royalbank.com
  URL: https://www1.royalbank.com/uos/common/css/common.css?6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-89-41-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1836a71ef2b5ef314e45a077db071502001826c00ba953fbb81e4cfa4681e03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.royalbank.com/uos/common/css/common.css?6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:04:47 GMT
last-modified: Mon, 21 Sep 2009 19:54:52 GMT
etag: "3e08b-1503-4741bdae19b00"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status: 1
accept-ranges: bytes
content-type: image/gif
content-length: 5379
x-dynatrace: PT=233545367;PA=1714253503;SP=XQF0 TWS Infrastructure;PS=-1440303390

primary-bg.gif
www1.royalbank.com/uos/common/images/buttons/
10 KB
10 KB
Image
General
Full URL: https://www1.royalbank.com/uos/common/images/buttons/primary-bg.gif
Requested by:
  Host: www1.royalbank.com
  URL: https://www1.royalbank.com/uos/common/css/common.css?6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.89.41.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-89-41-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2b61727ae1d441e8b28c19b71c975358c32a43bf7d4dfdb69c1a1542ab5dce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.royalbank.com/uos/common/css/common.css?6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:04:47 GMT
last-modified: Mon, 21 Sep 2009 19:54:50 GMT
etag: "3e087-2612-4741bdac31680"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
x-edgeconnect-cache-status: 1
accept-ranges: bytes
content-type: image/gif
content-length: 9746
x-dynatrace: PT=960502098;PA=1665942362;SP=XQF0 TWS Infrastructure;PS=-1440303390

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: RBC (Banking)

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


1 Cookies

Domain/Path: mobile.acc-user-info.live/
Name: F100
Value: 1/WX5/2F-6fGkqLkFcS.N9LYG6foKJloaPm-jbIv1NCBA1pOmFEezmPC8YyqcL5cOY4kZ8CBUlnyxKvUQdoACINaU6qg__/GQAAAA__/S0/PB

3 Console Messages

Source: network, Level: error
URL: https://www1.royalbank.com/uos/common/javascript/safaricss.js?6
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://mobile.acc-user-info.live/uos/common/javascript/dom/event.js
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Source: network, Level: error
URL: https://www1.royalbank.com/uos/common/javascript/safaricss.js?6
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Listing them here does not imply that any of them indicates malicious activity.

mobile.acc-user-info.live
www1.royalbank.com
104.89.41.118
111.90.151.66