2royalbankcanada.com Open in urlscan Pro
185.81.156.60  Malicious Activity! Public Scan

URL: http://2royalbankcanada.com/lndex.php
Submission: On April 02 via automatic, source openphish

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 185.81.156.60, located in Villejuif, France and belongs to INU-AS, FR. The main domain is 2royalbankcanada.com.
This is the only time 2royalbankcanada.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: RBC (Banking)

Domain & IP information

IP Address AS Autonomous System
1 185.81.156.60 198375 (INU-AS)
17 185.81.156.53 198375 (INU-AS)
18 2
Apex Domain
Subdomains
Transfer
18 2royalbankcanada.com
2royalbankcanada.com
49 KB
18 1
Domain Requested by
18 2royalbankcanada.com 2royalbankcanada.com
18 1

This site contains links to these domains. Also see Links.

Domain
www1.royalbank.com
www.rbc.com
www.rbcroyalbank.com
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://2royalbankcanada.com/lndex.php
Frame ID: 584.1
Requests: 18 HTTP requests in this frame

Screenshot


Page Statistics

18
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

49 kB
Transfer

176 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lndex.php
2royalbankcanada.com/
32 KB
6 KB
Document
General
Full URL
http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.60 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front10.pf3.vitry.inulogic.com
Software
/
Resource Hash
753ccdb03923a5efb32ed6dd64cac829b9872fad3ca5490f2689688dec614d37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
PASS
Date
Sun, 02 Apr 2017 15:00:58 GMT
Content-Encoding
gzip
Served-By
web03
Age
0
X-Varnish-Server
v01
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
5788
X-Cache-Hits
0
common.css
2royalbankcanada.com/files/
91 KB
12 KB
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/common.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
711f3d4857e67b5c7167f19a3627c189715683822e4ff3b890b6226666575a45

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Content-Encoding
gzip
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:24 GMT
Age
42
X-Varnish-Server
v02
ETag
"6f172bb-16b3d-54be874978345"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
12329
X-Cache-Hits
2
custom.css
2royalbankcanada.com/files/
7 KB
2 KB
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/custom.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
4cd1e6a1f377ce80073d52d597f487cfe7d6b3007ab66632c11c05af8242a744

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Content-Encoding
gzip
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:34 GMT
Age
16
X-Varnish-Server
v01
ETag
"6f172e4-1df7-54be8753c1045"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1700
X-Cache-Hits
1
legacy.css
2royalbankcanada.com/files/
9 KB
1 KB
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/legacy.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
0e3056d6a21d7841c9dfeabbd79bff7a6774019f0bbb31c3b09a041ad3e002aa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Content-Encoding
gzip
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:49 GMT
Age
16
X-Varnish-Server
v02
ETag
"6f17306-237c-54be8761950e5"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1509
X-Cache-Hits
1
main01.css
2royalbankcanada.com/files/
3 KB
970 B
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/main01.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
6fd91600f77aa05ee1e02f5ab5091377d24e1423d8cd449af3b2ffceafef46e8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:58 GMT
Content-Encoding
gzip
Served-By
web02
Last-Modified
Thu, 30 Mar 2017 01:17:54 GMT
Age
0
X-Varnish-Server
v02
ETag
"6f17315-dea-54be876685b45"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
970
X-Cache-Hits
0
main02.css
2royalbankcanada.com/files/
5 KB
1 KB
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/main02.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
b2d491df3a0bdd20e431c8a352a5b4aacdd05f1be7a3eaaea5144962f7fbf41e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:58 GMT
Content-Encoding
gzip
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:55 GMT
Age
0
X-Varnish-Server
v01
ETag
"6f17317-14f1-54be8767da865"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1158
X-Cache-Hits
0
tabs.css
2royalbankcanada.com/files/
389 B
191 B
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/tabs.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
593d555f93d2ab14881453bbf9c80f85b7f318be68393e61f9ea66f053227c1b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Content-Encoding
gzip
Served-By
web02
Last-Modified
Thu, 30 Mar 2017 01:18:22 GMT
Age
16
X-Varnish-Server
v01
ETag
"6f17342-185-54be8780bf925"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
191
X-Cache-Hits
1
a1.js
2royalbankcanada.com/
1 KB
246 B
Script
General
Full URL
http://2royalbankcanada.com/a1.js
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
7f51900a0f0df4f66aa96d9293ffc0b21311ac872e3b034b943a5e7bd7c72a49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Content-Encoding
gzip
Served-By
web03
Last-Modified
Thu, 30 Mar 2017 01:15:39 GMT
Age
42
X-Varnish-Server
v01
ETag
"6f171e4-499-54be86e5ad545"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
246
X-Cache-Hits
1
rbc_royalbank_en.gif
2royalbankcanada.com/files/
2 KB
2 KB
Image
General
Full URL
http://2royalbankcanada.com/files/rbc_royalbank_en.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
60a22a3e93c410bc31c758f048c0c54e408690cb887f4cafc9db3ae54765f198

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Served-By
web03
Last-Modified
Thu, 30 Mar 2017 01:18:05 GMT
Age
42
X-Varnish-Server
v02
ETag
"6f17322-9ba-54be877096da5"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2490
X-Cache-Hits
1
secure.gif
2royalbankcanada.com/files/
589 B
589 B
Image
General
Full URL
http://2royalbankcanada.com/files/secure.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
fcd69ac86df7eecd7219c4d9b73b938736e64522e03ef115b6e857c9a82f1171

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:18:13 GMT
Age
42
X-Varnish-Server
v01
ETag
"6f1732f-24d-54be877871985"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
589
X-Cache-Hits
2
screenreaderimage.gif
2royalbankcanada.com/files/
43 B
43 B
Image
General
Full URL
http://2royalbankcanada.com/files/screenreaderimage.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:58 GMT
Served-By
web02
Last-Modified
Thu, 30 Mar 2017 01:18:11 GMT
Age
0
X-Varnish-Server
v02
ETag
"6f1732a-2b-54be87763e1e5"
X-Cache
MISS
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
43
X-Cache-Hits
0
print.css
2royalbankcanada.com/files/
1 KB
501 B
Stylesheet
General
Full URL
http://2royalbankcanada.com/files/print.css
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
99f33b091cc50ecf1f5c4fe90f8a3f8e4320dc2eaef376e5743a28cc0cde6dfd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Content-Encoding
gzip
Served-By
web02
Last-Modified
Thu, 30 Mar 2017 01:18:01 GMT
Age
15
X-Varnish-Server
v01
ETag
"6f1731f-5a5-54be876d69605"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
501
X-Cache-Hits
1
highlight-house.gif
2royalbankcanada.com/files/
59 B
59 B
Image
General
Full URL
http://2royalbankcanada.com/files/highlight-house.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
e74218f409ea0ff113fa0b5d281915ca6f769899a97702d555575cafc3ec71a9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Served-By
web02
Last-Modified
Thu, 30 Mar 2017 01:17:44 GMT
Age
16
X-Varnish-Server
v02
ETag
"6f172fd-3b-54be875d37de5"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
59
X-Cache-Hits
1
btn_continue.gif
2royalbankcanada.com/files/
1020 B
1020 B
Image
General
Full URL
http://2royalbankcanada.com/files/btn_continue.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
5ef09b87e0bd5b854561f66cb2b4dcf13817271e20c6591b7a223d18b69a3d9d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:19 GMT
Age
16
X-Varnish-Server
v01
ETag
"6f172af-3fc-54be8744ced85"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1020
X-Cache-Hits
1
newwindow.gif
2royalbankcanada.com/files/
319 B
319 B
Image
General
Full URL
http://2royalbankcanada.com/files/newwindow.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
1dfdc9c1479cd6f057202c500743628d6f5372fcdb8c296dba1c62f1eb5870a7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:58 GMT
Age
42
X-Varnish-Server
v02
ETag
"6f1731b-13f-54be876a1bac5"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
319
X-Cache-Hits
2
bg-legacy.gif
2royalbankcanada.com/files/
15 KB
15 KB
Image
General
Full URL
http://2royalbankcanada.com/files/bg-legacy.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
8536a6a63cbeea431a6929ef06fdfd91edcee60876f34bba06cb68e1586d8abc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/files/common.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/files/common.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:43 GMT
Served-By
web04
Last-Modified
Thu, 30 Mar 2017 01:17:17 GMT
Age
16
X-Varnish-Server
v02
ETag
"6f172a9-3ad9-54be8742d5f65"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
15065
X-Cache-Hits
1
secure-bg.gif
2royalbankcanada.com/files/
5 KB
5 KB
Image
General
Full URL
http://2royalbankcanada.com/files/secure-bg.gif
Requested by
Host: 2royalbankcanada.com
URL: http://2royalbankcanada.com/lndex.php
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
775bd9df2c430495e3622fefc74b708cdb16b1ea9afbe4f185be00aea9151257

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/files/common.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/files/common.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:17 GMT
Served-By
web03
Last-Modified
Thu, 30 Mar 2017 01:18:13 GMT
Age
42
X-Varnish-Server
v01
ETag
"6f1732e-1599-54be87782c425"
X-Cache
HIT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5529
X-Cache-Hits
1
favicon.ico
2royalbankcanada.com/
966 B
557 B
Other
General
Full URL
http://2royalbankcanada.com/favicon.ico
Protocol
HTTP/1.1
Server
185.81.156.53 Villejuif, France, ASN198375 (INU-AS, FR),
Reverse DNS
front03.pf3.vitry.inulogic.com
Software
/
Resource Hash
56c5dc812c2e62fd10094dcf7817d3425752c2a7fec081966b302ae4610445ca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
2royalbankcanada.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://2royalbankcanada.com/lndex.php
Cookie
PPAGE=ChangePVQsA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://2royalbankcanada.com/lndex.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

X-Varnish-Cache
POSSIBLE
Date
Sun, 02 Apr 2017 15:00:16 GMT
Content-Encoding
gzip
Served-By
web04
Last-Modified
Wed, 29 Mar 2017 23:25:29 GMT
Age
42
X-Varnish-Server
v01
ETag
"6f18aae-3c6-54be6e464e3e9"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html
Content-Length
557
X-Cache-Hits
1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: RBC (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
2royalbankcanada.com/ Name: PPAGE
Value: ChangePVQsA