URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Submission: On April 17 via automatic, source openphish — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 162.241.203.171, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is untxi.com.br.
TLS certificate: Issued by R3 on March 12th 2023. Valid for: 3 months.
This is the only time untxi.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

IP Address AS Autonomous System
8 162.241.203.171 19871 (NETWORK-S...)
8 1

Apex Domain Subdomains Transfer
8 untxi.com.br untxi.com.br 242 KB
8 1

Domain Requested by
8 untxi.com.br untxi.com.br
8 1

This site contains no links.

Subject: mail.untxi.com.br
Issuer: R3
Validity: 2023-03-12 - 2023-06-10
Valid: 3 months

This page contains 1 frames:

Primary Page: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Frame ID: 17D6286CA4DF640F64C163BF48AD281B
Requests: 8 HTTP requests in this frame

Page Title

RBC Secure formRBC

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 242 kB
Size: 566 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/
68 KB
20 KB
Document
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
aff28fdb83f965ae77beb2e5e7a01416d9516d110733e5ce1b7809c71ee9fee7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 03:08:17 GMT
server
Apache
vary
Accept-Encoding
jquery.min.js
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
95 KB
42 KB
Script
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/jquery.min.js
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:17 GMT
content-encoding
gzip
last-modified
Tue, 04 Feb 2020 02:29:54 GMT
server
Apache
accept-ranges
none
vary
Accept-Encoding
content-type
application/javascript
jsdata.min.js
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
917 B
548 B
Script
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/jsdata.min.js
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
ca52d3636168260386dc617870115ce4f8819f9d96a50f72e89fd4d9a9149ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:17 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 03:45:22 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
476
styles.css
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
326 KB
103 KB
Stylesheet
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/styles.css
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
2b6c6365b4433c5dee0b264f0ffb8125f809af60046a77786cfb275be7516eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:17 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 02:57:42 GMT
server
Apache
accept-ranges
none
vary
Accept-Encoding
content-type
text/css
index.php
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/
0
41 B
XHR
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/index.php
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/jsdata.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 17 Apr 2023 03:08:18 GMT
server
Apache
accept-ranges
none
content-length
0
content-type
text/html; charset=UTF-8
8424a042624210828b0fbe7a8c533b2a.woff2
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
23 KB
24 KB
Font
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/8424a042624210828b0fbe7a8c533b2a.woff2
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
d1e87295d125e7f5f258383b2e35751dbec33675f7ac6ebcb7570ede83413ba6

Request headers

Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Origin
https://untxi.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:18 GMT
last-modified
Sat, 01 Feb 2020 16:05:54 GMT
server
Apache
accept-ranges
bytes
content-length
23992
content-type
font/woff2
fd1c0f449fc8540f82c47e1629cbd5dd.woff2
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
23 KB
23 KB
Font
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/fd1c0f449fc8540f82c47e1629cbd5dd.woff2
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
e1f8e67d54b287369f8fb000d14af4ea5ea2da8519ffae2e04f4be83d3af9141

Request headers

Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Origin
https://untxi.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:18 GMT
last-modified
Sat, 01 Feb 2020 16:05:58 GMT
server
Apache
accept-ranges
bytes
content-length
23716
content-type
font/woff2
8fd30bd010d9e2c7677ec339685f958b.woff
untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/
30 KB
30 KB
Font
General
Full URL
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/datainf/8fd30bd010d9e2c7677ec339685f958b.woff
Requested by
Host: untxi.com.br
URL: https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.171 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-171.unifiedlayer.com
Software
Apache /
Resource Hash
5f45b253b0621b40b352b1ec52c4b2066bca8e71c5ac54d922459fc8109d9366

Request headers

Referer
https://untxi.com.br/acc-usr-rbuncxx-username-4128942910510210420412521/?idm=bWV0YUBnb2wuY29t&F105113119N114117111=
Origin
https://untxi.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:08:18 GMT
last-modified
Tue, 04 Feb 2020 11:50:42 GMT
server
Apache
accept-ranges
bytes
content-length
30656
content-type
font/woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • function | $
  • function | jQuery
  • object | canvas
  • object | gl
  • string | platform
  • object | debugInfo
  • string | vendor
  • string | renderer
  • number | width
  • number | width2
  • number | height
  • number | height2
  • number | color_depth
  • number | bitspp
  • number | ram
  • string | s
  • object | xhr
  • string | ret_js
  • string | html

0 Cookies