royalbank.com-ssl-ca.info
190.14.37.247  Malicious Activity! Public Scan

URL: http://royalbank.com-ssl-ca.info/
Submission: On September 26 via automatic, source twitter_phishingalert

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 190.14.37.247, located in Panama and belongs to Offshore Racks S.A, PA. The main domain is royalbank.com-ssl-ca.info.
This is the only time royalbank.com-ssl-ca.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: RBC (Banking)

Domain & IP information

Requests  IP Address     AS Autonomous System
7         190.14.37.247  52469 (Offshore ...)
Total: 7 requests, 1 IP

Requests  Apex Domain      Subdomains                 Transfer
7         com-ssl-ca.info  royalbank.com-ssl-ca.info  62 KB
Total: 7 requests, 1 apex domain

Requests  Domain                     Requested by
7         royalbank.com-ssl-ca.info  royalbank.com-ssl-ca.info
Total: 7 requests, 1 domain

This site contains no links.

This page contains 1 frames:

Primary Page: http://royalbank.com-ssl-ca.info/
Frame ID: 13083.1
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

Requests: 7
HTTPS: 0%
IPv6: 0%
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 62 kB
Size: 62 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
royalbank.com-ssl-ca.info/
13 KB
13 KB
Document
General
Full URL
http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
6af180a1b7c15274863d97146be2234bc7382bbc18c04c3cdd4f54473f3e5b59

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:21:33 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603c0-331e-55a11afc89889"
Content-Type
text/html; charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
13086
logo.gif
royalbank.com-ssl-ca.info/pics/
2 KB
2 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/logo.gif
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:18 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603d6-9ba-55a11b26d85de"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
2490
info.png
royalbank.com-ssl-ca.info/pics/
4 KB
4 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/info.png
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
f73fa9e0446a21a1dbb11a7125cf68f1537f9c5cf81ccc427f5b5f8fa1961da7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:15 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603d4-ee6-55a11b24592d3"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3814
arrow_yellow.jpg
royalbank.com-ssl-ca.info/pics/
1 KB
1 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/arrow_yellow.jpg
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
09d60f0284e65d16916fc25a76dd1da2ffb6921939ccc346f766cabd92d01dc3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:00 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603cb-56c-55a11b15cb6a3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
1388
bg_bar.jpg
royalbank.com-ssl-ca.info/pics/
11 KB
11 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/bg_bar.jpg
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
92f4f679f58083ab425b3c05eb4678b57cc455508f62f4259362719a2df9e49f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:02 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603cc-2baf-55a11b181dae5"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
11183
bluebg.jpg
royalbank.com-ssl-ca.info/pics/
30 KB
30 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/bluebg.jpg
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
0484e9b746134e13606c6840f303bc7c86f23d179937fdd9089333fb0e8e3752

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:05 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603ce-76cc-55a11b1b41eb1"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
30412
blackarrow.jpg
royalbank.com-ssl-ca.info/pics/
1 KB
1 KB
Image
General
Full URL
http://royalbank.com-ssl-ca.info/pics/blackarrow.jpg
Requested by
Host: royalbank.com-ssl-ca.info
URL: http://royalbank.com-ssl-ca.info/
Protocol
HTTP/1.1
Server
190.14.37.247, Panama, ASN52469 (Offshore Racks S.A, PA)
Reverse DNS
thermalgame.com
Software
Apache/2.2.15 (CentOS)
Resource Hash
1142e3247283f1f86a80a16a9a35bca81218f5d81e43e65b4a09d48e02abe39a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
royalbank.com-ssl-ca.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://royalbank.com-ssl-ca.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Sep 2017 14:13:33 GMT
Last-Modified
Tue, 26 Sep 2017 06:22:03 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"603cd-4ba-55a11b18e94dd"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
1210

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: RBC (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies