twelvebd.com Open in urlscan Pro
198.54.123.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://twelvebd.com/rbc/details.php
Submission: On April 03 via automatic, source openphish (April 3rd 2017, 6:41:08 pm UTC)

Summary HTTP 17 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 198.54.123.76, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is twelvebd.com.

This is the only time twelvebd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: RBC (Banking)

Domain & IP information

	IP Address		AS Autonomous System
17	198.54.123.76 198.54.123.76		22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
17	1

17 198.54.123.76 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: servercheap.wamhost.com

twelvebd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	twelvebd.com twelvebd.com	51 KB
17	1

	Domain	Requested by
17	twelvebd.com	twelvebd.com
17	1

This site contains links to these domains. Also see Links.

Domain
www1.royalbank.com
www.rbc.com
www.rbcroyalbank.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://twelvebd.com/rbc/details.php
Frame ID: 7230.1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

51 kB
Transfer

193 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www1.royalbank.com/cgi-bin/rbaccess/rbunxcgi?F8=1&F22=HT&REQUEST=SIGNOUT&CPG=55230&LANGUAGE=ENGLISH
Title: Sign Out

Search URL Search Domain Scan URL

URL: http://www.rbc.com/canada.html
Title: Products & Services

Search URL Search Domain Scan URL

URL: https://www.rbcroyalbank.com/customer-service/online-banking/index.html
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://www.rbcroyalbank.com/onlineservices/personal/apply-for-products-and-services.html
Title: Apply for Products and Services

Search URL Search Domain Scan URL

URL: http://www.rbcroyalbank.com/online/rbcguarantee.html
Title: RBC Online Banking Security Guarantee

Search URL Search Domain Scan URL

URL: https://www.rbcroyalbank.com/onlinebanking/bankingusertips/security/features.html#2
Title: RBC Online Banking Security Features

Search URL Search Domain Scan URL

URL: http://www.rbc.com/privacysecurity/ca/index.html
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://www.rbcroyalbank.com/onlinebanking/legal.html
Title: Legal

Search URL Search Domain Scan URL

URL: http://www.rbc.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request details.php Show response twelvebd.com/rbc/	48 KB 7 KB	552ms 207ms	Document text/html	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `b516d0e295499b18044d355cb73ded17ee734c0c21cc78cfab1a22ad81a94114` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Vary Accept-Encoding Server nginx X-Cache-Status EXPIRED Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 X-Server-Powered-By Engintron Connection keep-alive
GET H/1.1	200 OK	common.css twelvebd.com/rbc/files/	91 KB 12 KB	163ms 162ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/common.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `711f3d4857e67b5c7167f19a3627c189715683822e4ff3b890b6226666575a45` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sun, 05 Dec 2010 13:20:36 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	custom.css twelvebd.com/rbc/files/	8 KB 2 KB	161ms 160ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/custom.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `647561a0ade09f50617b59782aa0d81402ca25140ef1f50f51e2a47dba456935` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:45:36 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	legacy.css twelvebd.com/rbc/files/	9 KB 2 KB	315ms 157ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/legacy.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `def4fe5664e6cc8496fc6e263b0d41f29fff850bbde794f05a6654bf9c7bd647` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:35:54 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	main01.css twelvebd.com/rbc/files/	4 KB 998 B	316ms 158ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/main01.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `039c3b5639ff16b2440e0d5eed91d3b6c49a63781ad12bf9391f7712ec0fd895` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	main02.css twelvebd.com/rbc/files/	5 KB 1 KB	320ms 160ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/main02.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `1af89983ee4a17b75047a8269f13f08f46cd22be15c8fe2d71a0a176d977b94a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:35:02 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	tabs.css twelvebd.com/rbc/files/	394 B 207 B	321ms 160ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/tabs.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `36eaf89e51905a0f7788c6d943bfecb6548a736523fefe6eacd8d28fc25604dc` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:58 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:58 GMT
GET H/1.1	200 OK	print.css twelvebd.com/rbc/files/	1 KB 520 B	160ms 160ms	Stylesheet text/css	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/files/print.css Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `3ba5c75dbbfead088f2599735c2723f2cac7dbfd0fe10c9f5e5e43aaae8b190a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://twelvebd.com/rbc/details.php Cookie PPAGE=ChangePVQsA Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Wed, 03 May 2017 18:40:59 GMT
GET H/1.1	200 OK	rbc_royalbank_en.gif twelvebd.com/rbc/files/	2 KB 2 KB	160ms 160ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/rbc_royalbank_en.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 2490 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	secure.gif twelvebd.com/rbc/files/	589 B 589 B	160ms 160ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/secure.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `fcd69ac86df7eecd7219c4d9b73b938736e64522e03ef115b6e857c9a82f1171` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 589 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	screenreaderimage.gif twelvebd.com/rbc/files/	43 B 43 B	158ms 157ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/screenreaderimage.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	highlight-house.gif twelvebd.com/rbc/files/	59 B 59 B	157ms 157ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/highlight-house.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `e74218f409ea0ff113fa0b5d281915ca6f769899a97702d555575cafc3ec71a9` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 59 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	btn_continue.gif twelvebd.com/rbc/files/	1020 B 1020 B	161ms 160ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/btn_continue.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `5ef09b87e0bd5b854561f66cb2b4dcf13817271e20c6591b7a223d18b69a3d9d` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 1020 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	newwindow.gif twelvebd.com/rbc/files/	319 B 319 B	160ms 160ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/newwindow.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `1dfdc9c1479cd6f057202c500743628d6f5372fcdb8c296dba1c62f1eb5870a7` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:21:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 319 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	bg-legacy.gif twelvebd.com/rbc/files/	15 KB 15 KB	310ms 158ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/bg-legacy.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `8536a6a63cbeea431a6929ef06fdfd91edcee60876f34bba06cb68e1586d8abc` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/files/common.css Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/files/common.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:48:28 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 15065 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	secure-bg.gif twelvebd.com/rbc/files/	5 KB 5 KB	309ms 157ms	Image image/gif	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://twelvebd.com/rbc/files/secure-bg.gif Requested by Host: twelvebd.com URL: http://twelvebd.com/rbc/details.php Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `775bd9df2c430495e3622fefc74b708cdb16b1ea9afbe4f185be00aea9151257` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/files/common.css Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/files/common.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Last-Modified Sat, 18 Sep 2010 02:48:46 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=5184000 public X-Server-Powered-By Engintron Connection keep-alive Accept-Ranges bytes Content-Length 5529 Expires Fri, 02 Jun 2017 18:40:59 GMT
GET H/1.1	200 OK	favicon.ico twelvebd.com/rbc/	2 KB 798 B	158ms 158ms	Other image/x-icon	198.54.123.76 Namecheap
General Check archive.org Show headers Download Go to Full URL http://twelvebd.com/rbc/favicon.ico Protocol HTTP/1.1 Server 198.54.123.76 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS servercheap.wamhost.com Software nginx / Resource Hash `4ce04021dcad4967eb75870b28569d812455223682a6dfd6aa948115944c692d` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host twelvebd.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://twelvebd.com/rbc/details.php Cookie PPAGE=ChangePVQsA Connection keep-alive Cache-Control no-cache Referer http://twelvebd.com/rbc/details.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Pragma public Date Mon, 03 Apr 2017 18:40:59 GMT Content-Encoding gzip Last-Modified Sat, 18 Sep 2010 03:10:52 GMT Server nginx X-Cache-Status REVALIDATED Vary Accept-Encoding Accept-Encoding Content-Type image/x-icon Cache-Control max-age=5184000 public Transfer-Encoding chunked X-Server-Powered-By Engintron Connection keep-alive Expires Fri, 02 Jun 2017 18:40:59 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: RBC (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			twelvebd.com/	1970-01-01 00:00:00	Name: PPAGE Value: ChangePVQsA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

twelvebd.com
198.54.123.76
039c3b5639ff16b2440e0d5eed91d3b6c49a63781ad12bf9391f7712ec0fd895
1af89983ee4a17b75047a8269f13f08f46cd22be15c8fe2d71a0a176d977b94a
1dfdc9c1479cd6f057202c500743628d6f5372fcdb8c296dba1c62f1eb5870a7
36eaf89e51905a0f7788c6d943bfecb6548a736523fefe6eacd8d28fc25604dc
3ba5c75dbbfead088f2599735c2723f2cac7dbfd0fe10c9f5e5e43aaae8b190a
4ce04021dcad4967eb75870b28569d812455223682a6dfd6aa948115944c692d
5ef09b87e0bd5b854561f66cb2b4dcf13817271e20c6591b7a223d18b69a3d9d
60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198
647561a0ade09f50617b59782aa0d81402ca25140ef1f50f51e2a47dba456935
711f3d4857e67b5c7167f19a3627c189715683822e4ff3b890b6226666575a45
775bd9df2c430495e3622fefc74b708cdb16b1ea9afbe4f185be00aea9151257
8536a6a63cbeea431a6929ef06fdfd91edcee60876f34bba06cb68e1586d8abc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b516d0e295499b18044d355cb73ded17ee734c0c21cc78cfab1a22ad81a94114
def4fe5664e6cc8496fc6e263b0d41f29fff850bbde794f05a6654bf9c7bd647
e74218f409ea0ff113fa0b5d281915ca6f769899a97702d555575cafc3ec71a9
fcd69ac86df7eecd7219c4d9b73b938736e64522e03ef115b6e857c9a82f1171

twelvebd.com Open in urlscan Pro 198.54.123.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

51 kBTransfer

193 kBSize

1 Cookies

9 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

twelvebd.com Open in urlscan Pro
198.54.123.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

51 kB
Transfer

193 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!