capitera.info
Open in
urlscan Pro
195.201.198.148
Malicious Activity!
Public Scan
Submission: On January 17 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 16th 2019. Valid for: 3 months.
This is the only time capitera.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ATB Financial (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 195.201.198.148 195.201.198.148 | 24940 (HETZNER-AS) (HETZNER-AS) | |
14 | 2 |
ASN24940 (HETZNER-AS, DE)
PTR: static.148.198.201.195.clients.your-server.de
capitera.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
capitera.info
capitera.info |
623 KB |
14 | 1 |
Domain | Requested by | |
---|---|---|
14 | capitera.info |
capitera.info
|
14 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.atbonline.com |
www.atb.com |
www.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
capitera.info cPanel, Inc. Certification Authority |
2019-01-16 - 2019-04-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://capitera.info/taxesrefund/CRAetransfer/banks/ATB/last.html
Frame ID: B2E5B696EE29DC0374FED1D15BED9318
Requests: 21 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Branch Locator
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Help with This Page
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Tools & Calculators
Search URL Search Domain Scan URL
Title: Self-Service
Search URL Search Domain Scan URL
Title: Log out
Search URL Search Domain Scan URL
Title: Pay Bills
Search URL Search Domain Scan URL
Title: Interac e-Transfer®
Search URL Search Domain Scan URL
Title: Transfers
Search URL Search Domain Scan URL
Title: Global Transfers
Search URL Search Domain Scan URL
Title: TrackIt
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: www.atb.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
last.html
capitera.info/taxesrefund/CRAetransfer/banks/ATB/ |
56 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
100 KB 101 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonStyles_5932C9A3B926A146025EB2EA9D8165E8.css
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
281 KB 281 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-gradient.jpg
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
760 B 1002 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.gif
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
43 B 283 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebResource.axd
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
23 KB 23 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebResource(1).axd
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
923 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppsUI.DateExtensions.js.download
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.js.download
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ScriptResource.axd
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
100 KB 101 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ScriptResource(1).axd
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
39 KB 40 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
printStyles_CFEA2BA09EB54DE325A59BCCD84B572D.css
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner-lg.gif
capitera.info/taxesrefund/CRAetransfer/banks/ATB/last_files/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite.png
capitera.info/taxesrefund/CRAetransfer/banks/Images/ |
365 B 365 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ATB Financial (Banking)83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| __registerAntiForgeryAjaxServicesController string| timeout_sessionTimeoutCountdown string| timeout_popupWarningCountdown string| timeout_popupCenteringInterval undefined| timeout_sessionLife undefined| timeout_warningThreshold undefined| timeout_popupWarningLife undefined| timeout_heartRate number| timeout_extensionLength number| timeout_warningDisplayed string| timeout_signOutDestinationUrl string| timeout_extensionPageUrl string| timeout_popupWindowAttributes function| timeout_initializeTimeoutCode function| timeout_initializeTimeoutCountdown function| timeout_initializePopupWarningCountdown function| timeout_stopTimeoutCountdown function| timeout_timeoutPulse function| timeout_popupWarningPulse function| timeout_expireSession function| timeout_showExtendSessionPopup function| timeout_hideExtendSessionPopupWarning function| timeout_extendSession function| timeout_showObject function| timeout_hideObject function| PopupCenter function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events undefined| gDES_Actions0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
capitera.info
195.201.198.148
07b0b01025c07156bb94c5f12f6776ae598f5a2662e18abf9e7ad4d58435d2ff
09ee49aaa70ba826bcaf27ac60ada09aa6b35b637f3b5c3afc44b0c9f82ca818
138376ba413b29d8a4354768884cfa9f31417e682385990bdc02136cc2616087
14a174147ddbddee334cdcacd0d485cfa340080b2f28f312cbed56fd1ec9b482
297a5269f31b7c501886f8f980b01e5e14048f7f8f279ce1fb76f33e3edd6a14
299883406c128ae8de04ed518b00607c540b7e87fd56e00fbe9fa569e8d2b676
354ce291bcbc432ae57bfe6270722810506dbb069e934d852e2b304d8a20efc5
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3a82ca9b0c3f5347784886619c79dad0ea32833ad5b0d0f10228f0618bf76753
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
51a09ba9a0b20ae1facf17a05ec09d4c04976eb5370157537745e588f295b2e9
635d07c91cc9433fd2086a967966aec7b08b9b6558450bf6c242608e364c2c45
67684c537e08f5b9efe1ae3fd8824ad8b362dabd97496e4849bc40cf0006dd69
68f2754a833a25d7b577b98dbd1995d2ee46122c912750991b6e0e2aac71f809
72da7b996e10c7a2a69be39a1a403fbc0eea85182551d12c1b47e02821a86411
936aaa639be8fa6c83d6090a016cf175282c6102980ebb6ef79e84cd25ecf950
bc1d20c0f75e6882604dc25043446dcdf17c5634c98b56a667b2c56779b83b5a
d915ab9f10d0f1f5e305022e272bde591ff92e9f6c0a34e50d81a15e72a08369
deb2a116767d78f67f173f4e446a5a33dfdd8de4621d9a8fb83c76c3009dcc3e
def7cf30fc48246e05479853b072d4ff6678f0859ef681e7022ed27a88d02405
f086aa0e1c26471f649c6299304d8d0a03541484d73101b39092e7cd3fee1a0f