![](/screenshots/f66b7af7-f1b5-402d-8e8c-78b36c5216d4.png)
secure-refundscad.com
Open in
urlscan Pro
162.241.224.32
Malicious Activity!
Public Scan
Effective URL: http://secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENG...
Submission: On October 16 via automatic, source twitter_illegalFawn
Summary
This is the only time secure-refundscad.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: RBC (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 162.241.224.32 162.241.224.32 | 20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC) | |
39 | 104.108.35.167 104.108.35.167 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
5 | 104.108.55.144 104.108.55.144 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 3 | 104.108.37.182 104.108.37.182 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 216.250.63.34 216.250.63.34 | 22758 (SAPIENT-DCO) (SAPIENT-DCO - Sapient Corporation) | |
1 | 2.21.246.11 2.21.246.11 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
52 | 7 |
ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: box5153.bluehost.com
secure-refundscad.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-35-167.deploy.static.akamaitechnologies.com
www1.royalbank.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-55-144.deploy.static.akamaitechnologies.com
www.rbcroyalbank.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-37-182.deploy.static.akamaitechnologies.com
stats.royalbank.com |
ASN22758 (SAPIENT-DCO - Sapient Corporation, US)
PTR: rbc.bridgetrack.com
rbc.bridgetrack.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
royalbank.com
1 redirects
www1.royalbank.com stats.royalbank.com |
208 KB |
5 |
rbcroyalbank.com
www.rbcroyalbank.com |
5 KB |
2 |
secure-refundscad.com
1 redirects
secure-refundscad.com |
10 KB |
1 |
edgesuite.net
rbc.bridgetrack.com.edgesuite.net |
26 KB |
1 |
bridgetrack.com
rbc.bridgetrack.com |
545 B |
52 | 5 |
Domain | Requested by | |
---|---|---|
39 | www1.royalbank.com |
secure-refundscad.com
|
5 | www.rbcroyalbank.com |
secure-refundscad.com
|
3 | stats.royalbank.com |
1 redirects
www1.royalbank.com
secure-refundscad.com |
2 | secure-refundscad.com |
1 redirects
secure-refundscad.com
|
1 | rbc.bridgetrack.com.edgesuite.net |
secure-refundscad.com
|
1 | rbc.bridgetrack.com |
www1.royalbank.com
|
52 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www1.royalbank.com |
www.rbcroyalbank.com |
www.rbc.com |
rbc.bridgetrack.com |
maps.rbc.com |
www.rbcadvicecentre.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www1.royalbank.com Symantec Class 3 Secure Server CA - G4 |
2017-08-09 - 2018-08-09 |
a year | crt.sh |
rbcroyalbank.com Symantec Class 3 Secure Server CA - G4 |
2017-09-26 - 2018-09-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH
Frame ID: 15205.1
Requests: 53 HTTP requests in this frame
Screenshot
![](/screenshots/f66b7af7-f1b5-402d-8e8c-78b36c5216d4.png)
Page URL History Show full URLs
-
http://secure-refundscad.com/secure/rbc/
HTTP 302
http://secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=Clien... Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
23 Outgoing links
These are links going to different origins than the main page.
Title: Fran�ais
Search URL Search Domain Scan URL
Title: Bank Accounts
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Mortgages
Search URL Search Domain Scan URL
Title: Lines and Loans
Search URL Search Domain Scan URL
Title: Investments
Search URL Search Domain Scan URL
Title: Advice
Search URL Search Domain Scan URL
Title: Learn More About RBC Security Guarantee
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Report a lost or Stolen Card
Search URL Search Domain Scan URL
Title: Pre-Authorized Bill Payment
Search URL Search Domain Scan URL
Title: Interac* Online
Search URL Search Domain Scan URL
Title: Order Cheques
Search URL Search Domain Scan URL
Title: General Inquiries
Search URL Search Domain Scan URL
Title: Open an Account
Search URL Search Domain Scan URL
Title: Branch & ATM Locator
Search URL Search Domain Scan URL
Title: Online Banking
Search URL Search Domain Scan URL
Title: Additional Service Fees
Search URL Search Domain Scan URL
Title: CDIC Information
Search URL Search Domain Scan URL
Title: Service Charge and Interest Rates (Opens new window)
Search URL Search Domain Scan URL
Title: Protecting Your Privacy
Search URL Search Domain Scan URL
Title: Customer Information on Fraud
Search URL Search Domain Scan URL
Title: RBC Advice Centre
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://secure-refundscad.com/secure/rbc/
HTTP 302
http://secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41- http://stats.royalbank.com/dcsfbtcj225n6q6lh1yqseu6e_9r2x/dcs.gif?&dcsdat=1508145169253&dcssip=secure-refundscad.com&dcsuri=https://www1.royalbank.com/english/olb/banking/sign-in.htm&dcsqry=%3FF6=1%26F7=IB%26F21=IB%26F22=IB%26REQUEST=ClientSignin%26LANGUAGE=ENGLISH&WT.tz=0&WT.bh=9&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=RBC%20Royal%20Bank%20-%20Sign%20In%20to%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.4.0&WT.dl=0&WT.ssl=0&WT.es=secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php&WT.vt_f_a=2&WT.vt_f=2 HTTP 303
- http://stats.royalbank.com/dcsfbtcj225n6q6lh1yqseu6e_9r2x/dcs.gif?dcsredirect=1&dcsdat=1508145169253&dcssip=secure-refundscad.com&dcsuri=https://www1.royalbank.com/english/olb/banking/sign-in.htm&dcsqry=%3FF6=1%26F7=IB%26F21=IB%26F22=IB%26REQUEST=ClientSignin%26LANGUAGE=ENGLISH&WT.tz=0&WT.bh=9&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=RBC%20Royal%20Bank%20-%20Sign%20In%20to%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.4.0&WT.dl=0&WT.ssl=0&WT.es=secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/index.php&WT.vt_f_a=2&WT.vt_f=2
- http://secure-refundscad.com/uos/common/javascript/dom/event.js HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=52943cfc18a94a8e1cba8798f47fe3b552943cfc18a94a8e1cba8798f47fe3b5&session=52943cfc18a94a8e1cba8798f47fe3b552943cfc18a94a8e1cba8798f47fe3b5 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=777b764052c6bcc82e77c7447b329bcc777b764052c6bcc82e77c7447b329bcc&session=777b764052c6bcc82e77c7447b329bcc777b764052c6bcc82e77c7447b329bcc HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=9a8c7417434bd74ee12ad14274b8f8cf9a8c7417434bd74ee12ad14274b8f8cf&session=9a8c7417434bd74ee12ad14274b8f8cf9a8c7417434bd74ee12ad14274b8f8cf HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=5453171d2c48b635caf44ae9d50a27b55453171d2c48b635caf44ae9d50a27b5&session=5453171d2c48b635caf44ae9d50a27b55453171d2c48b635caf44ae9d50a27b5 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=33b93869c4eeafb823decadb0ff0596533b93869c4eeafb823decadb0ff05965&session=33b93869c4eeafb823decadb0ff0596533b93869c4eeafb823decadb0ff05965 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=3164465ce07f4da9c001c08e2e3a25073164465ce07f4da9c001c08e2e3a2507&session=3164465ce07f4da9c001c08e2e3a25073164465ce07f4da9c001c08e2e3a2507 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=ef73ccbb7a42a0c84d7df908fa3a9778ef73ccbb7a42a0c84d7df908fa3a9778&session=ef73ccbb7a42a0c84d7df908fa3a9778ef73ccbb7a42a0c84d7df908fa3a9778 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=cbaaeb41ce0204bf21006933291290fbcbaaeb41ce0204bf21006933291290fb&session=cbaaeb41ce0204bf21006933291290fbcbaaeb41ce0204bf21006933291290fb HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=32d88620cdd5aaced94d2563b76dccab32d88620cdd5aaced94d2563b76dccab&session=32d88620cdd5aaced94d2563b76dccab32d88620cdd5aaced94d2563b76dccab HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=09010d2d8b27007bcba94260503ad9e909010d2d8b27007bcba94260503ad9e9&session=09010d2d8b27007bcba94260503ad9e909010d2d8b27007bcba94260503ad9e9 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=0da3ff3b6d85940aec7d14ebd727f2930da3ff3b6d85940aec7d14ebd727f293&session=0da3ff3b6d85940aec7d14ebd727f2930da3ff3b6d85940aec7d14ebd727f293 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=062e7d148511ca08c31ad17868150aca062e7d148511ca08c31ad17868150aca&session=062e7d148511ca08c31ad17868150aca062e7d148511ca08c31ad17868150aca HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=d012455ee92f482ed0214c3a3b9664c3d012455ee92f482ed0214c3a3b9664c3&session=d012455ee92f482ed0214c3a3b9664c3d012455ee92f482ed0214c3a3b9664c3 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=d7943bbe545fe001b7979213b8d8b46cd7943bbe545fe001b7979213b8d8b46c&session=d7943bbe545fe001b7979213b8d8b46cd7943bbe545fe001b7979213b8d8b46c HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=580fc223b34a60791b96a645d4dca604580fc223b34a60791b96a645d4dca604&session=580fc223b34a60791b96a645d4dca604580fc223b34a60791b96a645d4dca604 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=16e40d90e674231420b7bd92890421b016e40d90e674231420b7bd92890421b0&session=16e40d90e674231420b7bd92890421b016e40d90e674231420b7bd92890421b0 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=5d6586692a2fc41601e63d5a5116881f5d6586692a2fc41601e63d5a5116881f&session=5d6586692a2fc41601e63d5a5116881f5d6586692a2fc41601e63d5a5116881f HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=d20bcc0c8060326b2e7ca25ad659e841d20bcc0c8060326b2e7ca25ad659e841&session=d20bcc0c8060326b2e7ca25ad659e841d20bcc0c8060326b2e7ca25ad659e841 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=69fb39fd965c54c83670b2dcabfb1dc269fb39fd965c54c83670b2dcabfb1dc2&session=69fb39fd965c54c83670b2dcabfb1dc269fb39fd965c54c83670b2dcabfb1dc2 HTTP 302
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=ec185e45f820960461e793abb0b09f75ec185e45f820960461e793abb0b09f75&session=ec185e45f820960461e793abb0b09f75ec185e45f820960461e793abb0b09f75
52 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
secure-refundscad.com/secure/rbc/cgi-bin/rbaccess/ Redirect Chain
|
36 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-ask-style.css
www1.royalbank.com/uos/common/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notifications.css
www1.royalbank.com/uos/common/notices/css/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www1.royalbank.com/uos/external/bootstrap/3.3.5/css/ |
120 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.css
www1.royalbank.com/uos/3m/css/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibsignin.css
www1.royalbank.com/uos/3m/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rbc-icons.css
www1.royalbank.com/uos/3m/css/ |
3 KB 815 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
www1.royalbank.com/uos/external/font-awesome/4.4.0/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_btadlib.js
www1.royalbank.com/uos/common/javascript/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keypress.js
www1.royalbank.com/javascript/ |
704 B 722 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.js
www1.royalbank.com/uos/3m/javascript/ |
25 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.css
www1.royalbank.com/uos/common/css/ |
132 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utilities.js
www1.royalbank.com/uos/common/javascript/ |
26 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
www1.royalbank.com/uos/common/javascript/ |
8 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browser.js
www1.royalbank.com/uos/common/javascript/ |
1 KB 601 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event.js
www1.royalbank.com/uos/common/javascript/ie/ |
1 KB 391 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event.js
www1.royalbank.com/uos/common/javascript/ |
10 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kiosk.js
www1.royalbank.com/uos/common/javascript/ |
9 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
www1.royalbank.com/uos/common/javascript/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_dates.js
www1.royalbank.com/uos/common/javascript/ |
604 B 622 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
www1.royalbank.com/uos/common/javascript/ |
1 KB 499 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enhancedJuly.js
www1.royalbank.com/uos/3m/javascript/ |
2 KB 984 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rsa.js
www1.royalbank.com/uos/common/javascript/ |
24 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
www1.royalbank.com/uos/external/modernizr/2.8.3/ |
22 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rbc_royalbank_en.gif
www1.royalbank.com/uos/common/images/logos/web/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tooltipPeak.png
www1.royalbank.com/uos/common/images/icons/ |
259 B 277 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubnotice.js
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/ |
2 KB 680 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infoatsigninrefresh.js
www1.royalbank.com/uos/common/javascript/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
servicenotice.js
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/ |
2 KB 766 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
showservicenotice.js
www1.royalbank.com/uos/common/javascript/ |
5 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marketing.js
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spotlightnew.js
www1.royalbank.com/uos/common/javascript/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
staysafecontent.js
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/ |
1 KB 428 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
showstaysafe.js
www1.royalbank.com/uos/common/javascript/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Default_540x120.JPG
www.rbcroyalbank.com/online/banners/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www1.royalbank.com/uos/external/jquery/1.11.3/ |
94 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www1.royalbank.com/uos/external/bootstrap/3.3.5/js/ |
36 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.autocomplete.js
www1.royalbank.com/uos/external/jQuery-Autocomplete/1.2.24/js/ |
32 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initelemstates.js
www1.royalbank.com/uos/common/javascript/ |
387 B 405 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
www1.royalbank.com/uos/3m/javascript/ |
27 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accessibility.js
www1.royalbank.com/uos/3m/javascript/ |
2 KB 533 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wtid.js
stats.royalbank.com/dcsfbtcj225n6q6lh1yqseu6e_9r2x/ |
66 B 66 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() stats.royalbank.com/dcsfbtcj225n6q6lh1yqseu6e_9r2x/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
www1.royalbank.com/uos/common/css/ |
1 KB 560 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
login.php
secure-refundscad.com/uos/common/javascript/dom/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
level1-bg-1px.gif
www1.royalbank.com/uos/common/images/navigation/mainnav/ |
156 B 174 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sign-in_bg_image.jpg
www1.royalbank.com/uos/3m/images/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
rbc-icons.ttf
www1.royalbank.com/uos/3m/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron.png
www1.royalbank.com/uos/common/images/dropdown/ |
149 B 167 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
rbc-icons.woff
www1.royalbank.com/uos/3m/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() rbc.bridgetrack.com/a/s/ |
676 B 545 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
summer_mobile_540x120.jpg
rbc.bridgetrack.com.edgesuite.net/assets/48798/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secure-refundscad.com
- URL
- http://secure-refundscad.com/uos/common/javascript/dom/login.php?cmd=login_submit&id=ec185e45f820960461e793abb0b09f75ec185e45f820960461e793abb0b09f75&session=ec185e45f820960461e793abb0b09f75ec185e45f820960461e793abb0b09f75
- Domain
- www1.royalbank.com
- URL
- https://www1.royalbank.com/uos/3m/css/fonts/rbc-icons.ttf?qgzmy5
- Domain
- www1.royalbank.com
- URL
- https://www1.royalbank.com/uos/3m/css/fonts/rbc-icons.woff?qgzmy5
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: RBC (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure-refundscad.com/ | Name: 3mDELTA Value: 0/0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rbc.bridgetrack.com
rbc.bridgetrack.com.edgesuite.net
secure-refundscad.com
stats.royalbank.com
www.rbcroyalbank.com
www1.royalbank.com
secure-refundscad.com
www1.royalbank.com
104.108.35.167
104.108.37.182
104.108.55.144
162.241.224.32
2.21.246.11
216.250.63.34
009189cbe0f1386ea9e1d00fa6b42d9c260ac4e201e4c4ee1d8de60a05b167e4
04d0f44f32f7027805eb94d3a77c46adf56bbff1615fd0b2aad4c9228bd56be9
06e391b59a495e9ac7c3a3e39ffe7c23bd03cd04a5848045d5df8d3229b71a74
11a8a9960141ecb9cab5914ff10db4adcc7be84a0bed6d23ca76e971c8df43a7
126be38b78619dc64ae5f305a90c9cebab040902b7d6ca7403ece0c4d01d386e
12a7557292195156f644b9568518f245bcde60b3cda22431faacfc5d8988f18b
1395355f95d09ea6c687b5d93c13a54b871c12b51e35ded7285665f28204a21c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f0dda3b9683d40eb11fcae4eb369b8e97b1e3ab67e22a738394c715d10197af
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
2f9b9e4b84dead7db96290398fd7132c6ff24f4f39a5058b67f11824771009ab
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3358d244372a0c997c77c0e1874f66918dc6e593a1917609680cc92635f7fd6c
39b47d6e528c4595d39dc326c8b7d36232eb1393ff4c639129b19e1d8f996d73
3ba5c75dbbfead088f2599735c2723f2cac7dbfd0fe10c9f5e5e43aaae8b190a
3bc294bfa3afab8e3416e331ece47d6e5d295562c32c614bd595d6c78cbd9c3e
44905e253e7a98b7083a3c158685fd0fa680432a7d234aeeb5da0d0ab911ab84
463c807898d95421f1d1b08aa1cf30873aa2cfeec128f65946107a2d27700f5b
4689da50b7e5530ed9ddb7723139c9487ea25883a55533785199e362e84bbb3b
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4aa26cea6f78bbe41991bfe8fb5093865139639d4080c7c04dd91452a87b7ada
4aa8e3502591eeb1edba3ec7ea29a36ba9a07311caf46e68d4178b34ff5fe08f
4e45643a25bcaa287fe58203dae990d5f8ffb5d55799eb2e6ec68a81a32d2491
57ffb961968768ef7d8d096d9ea9e4c2cb7dd2e467de193670b793759360a992
5ebd4e99e10ea98455582e5949a0d1bda24645b23971cd3e322eeea55f9b1c48
60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198
6869469c3ab64c5fb0af6b72e5a47b641235ce6c75791f1a234f162f5d732518
74d3a72aa4c7ea32adc1d0054cda27a72e0e214d99068d7b499b8b71aeb13e5a
75c52278c80028534c29dab9dfb846ea38783ff6b6c9bf43b9a3283635269bb8
7a95814ce0b01d1b9eaca93dfc6237ec810eeecab3b189948478adec28cbc838
8104c2d5971c2b41dcb1c0de246ac31cb5413b179ac98c03552919f44ea401cc
86b74c899f1dfa5ba6c83d6427926c6ed010d1d13692946267ac14c38be62ed3
8d3f4ae7f18161c78bfdb9fbd3efdd9406fd7abeffbd9efdbc0d1746db18e0c0
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
954f11889044377bc8043db7e1d78defdc3ea669d23a874836e26cb37e0d1e75
9745c7e3a95e175566f159f6ad9008b1ef570b2e8e80362dcb1ce13dc40080a7
97bd139fba6a3c06b97b21b5f641cdbf941ba207268c1d5cfe279346bce8d446
98ba8856cceb8c45e6dd82a88598479d9e46ae0b69343d2e0fc3d06fe3e88cf8
98c78457205f4d18ac824dbc8c1d2576629d2a5264e8ebbf5a37494d663c3fea
a2114ac0916e61a1a9c2a0783d3325253a990ae244972ae3eb324cac9bfeab48
ae30bca576ea71969ba0412d414bbabb28705a9c60a694438caa988ad40bde93
b79eabb7fbb33e268ad1a3911c7a080c39b0f66686f00e484136e182c0768970
c2c1dcc63c2408f6689e5e3f875902a2c6f6d7d006d57fda2421f02eb729403e
c5df2e09b1e39ea2f4bc1b7ee33db7232baa610d122f4efd8f5d91b5da97ad42
cca5d29fd3eef0acdd7e9dd6af09a2d56eba60a6b62aaea19c5c366d02168173
d0caba46d8a7f30458d9c3866e919a2c3a714e6adab4e67ad6f833db830c3d62
e9cc7e86af4b2ade77ed047e2ca3c902205b4fb4ec65f305248c702c1b524f71
f8b71d8429292fb773648e7f6020a4149557d809e93920c8973a75982be9bc98
fcee925b86c9dc20c55d6cfe449c5e275bfff1c8b26093049ecd91f7387a6be1