www.unionbank.ceramikaydekorados.com Open in urlscan Pro
162.241.60.255 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.unionbank.ceramikaydekorados.com/
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2023, 4:00:13 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 162.241.60.255, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.unionbank.ceramikaydekorados.com.
TLS certificate: Issued by R3 on February 2nd 2023. Valid for: 3 months.

This is the only time www.unionbank.ceramikaydekorados.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Union Bank of the Philippines (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	162.241.60.255 162.241.60.255	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2 4	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.23.97.178 2.23.97.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

8 162.241.60.255 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-60-255.unifiedlayer.com

www.unionbank.ceramikaydekorados.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.23.97.178 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-178.deploy.static.akamaitechnologies.com

online.unionbankph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ceramikaydekorados.com www.unionbank.ceramikaydekorados.com	320 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 761	16 KB
3	unionbankph.com online.unionbankph.com — Cisco Umbrella Rank: 313286	449 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 693	31 KB
16	6

	Domain	Requested by
8	www.unionbank.ceramikaydekorados.com	www.unionbank.ceramikaydekorados.com
4	unpkg.com	2 redirects www.unionbank.ceramikaydekorados.com
3	online.unionbankph.com	www.unionbank.ceramikaydekorados.com
1	maxcdn.bootstrapcdn.com	www.unionbank.ceramikaydekorados.com
1	cdnjs.cloudflare.com	www.unionbank.ceramikaydekorados.com
1	code.jquery.com	www.unionbank.ceramikaydekorados.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
ceramikaydekorados.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
online.unionbankph.com GlobalSign Extended Validation CA - SHA256 - G3	`2022-10-17` - `2023-11-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.unionbank.ceramikaydekorados.com/
Frame ID: 5940EDF89FCB5000E52BFA33115B43D5
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Union Bank of the Philippines

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

38 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

838 kB
Transfer

2008 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/alpinejs@3.x.x/dist/cdn.min.js HTTP 302
https://unpkg.com/alpinejs@3.11.1/dist/cdn.min.js

Request Chain 6

https://unpkg.com/@alpinejs/persist@3.x.x/dist/cdn.min.js HTTP 302
https://unpkg.com/@alpinejs/persist@3.11.1/dist/cdn.min.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.unionbank.ceramikaydekorados.com/ 68 KB
18 KB 1103ms
268ms Document
text/html 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: 903cde6ca8e4be563f02e5b1a7a75e676a08c6809141b42e90d1db43a8258ab3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 04:00:06 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-3.6.3.min.js Show response
code.jquery.com/ 88 KB
31 KB 145ms
43ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.min.js
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

Referer: https://www.unionbank.ceramikaydekorados.com/
Origin: https://www.unionbank.ceramikaydekorados.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Dec 2022 21:10:40 GMT
server: nginx
etag: W/"63a224d0-15f5b"
vary: Accept-Encoding
x-hw: 1677297607.dop107.fr8.t,1677297607.cds320.fr8.hn,1677297607.cds203.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31046

GET
H2 200 fae70cfb8bad4187caae.css
www.unionbank.ceramikaydekorados.com/assets/ 226 KB
49 KB 154ms
153ms Stylesheet
text/css 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/assets/fae70cfb8bad4187caae.css
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: 03d12a13fc3b1126405c0e0f7bdfdc197f8c64c1ac608c7e759228291f0c1b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 18:48:24 GMT
server: Apache
accept-ranges: none
vary: Accept-Encoding
content-type: text/css

GET
H2 200 ef8286c6d8339f3f5050.css
www.unionbank.ceramikaydekorados.com/assets/ 5 KB
2 KB 143ms
141ms Stylesheet
text/css 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/assets/ef8286c6d8339f3f5050.css
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: b80a5858ecff354ce9df3bfa7f5b75bc041dcf36defe9af8ed3f495b6cb7acf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 18:48:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 1659

GET
H2 200 0089da83917d9e4611a5.css
www.unionbank.ceramikaydekorados.com/assets/ 2 KB
643 B 142ms
142ms Stylesheet
text/css 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/assets/0089da83917d9e4611a5.css
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: 6fe156a0cbf68b8e34b11079b1b4ba5f5aaf67a2f61278cb226e7ab11d5d9d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 18:48:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 588

GET
H2 200 56f5b3db29ac1f3e6b94.css
www.unionbank.ceramikaydekorados.com/assets/ 926 KB
200 KB 287ms
287ms Stylesheet
text/css 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: 481f237f5a19ceb4a4f2f4e7918dda78f041b492e438f46edcf9ae78b77bbfab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 18:48:06 GMT
server: Apache
accept-ranges: none
vary: Accept-Encoding
content-type: text/css

GET
H2

200

cdn.min.js Show response
unpkg.com/alpinejs@3.11.1/dist/
Redirect Chain

https://unpkg.com/alpinejs@3.x.x/dist/cdn.min.js
https://unpkg.com/alpinejs@3.11.1/dist/cdn.min.js

40 KB
15 KB

50ms
50ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/alpinejs@3.11.1/dist/cdn.min.js

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c832fe55fc65f709def6e7dadfb4fbe326fbe0347896bb47e2e1e629b037b66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3321347
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GQ0C58G0RJFQMRBVCQHTN043-fra
server: cloudflare
etag: W/"a189-HF5Aobd/qvljxt08i5meixNxEOw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ed88407f662be9-FRA

Redirect headers

date: Sat, 25 Feb 2023 04:00:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GT3BD5NZG3STRT1G2AY43AJ4-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 249
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /alpinejs@3.11.1/dist/cdn.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 79ed88402f272be9-FRA

GET
H2

200

cdn.min.js Show response
unpkg.com/@alpinejs/persist@3.11.1/dist/
Redirect Chain

https://unpkg.com/@alpinejs/persist@3.x.x/dist/cdn.min.js
https://unpkg.com/@alpinejs/persist@3.11.1/dist/cdn.min.js

626 B
482 B

49ms
49ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@alpinejs/persist@3.11.1/dist/cdn.min.js

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

addcc131568abc7aa9a29970192293be04b775523e8236884d0b7522530d8a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3320800
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GQ0CNYTX2JNNHM3QNW76VHVX-fra
server: cloudflare
etag: W/"272-26hgMvwsu72d4j/KfBklq4z7UKU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ed884158352be9-FRA

Redirect headers

date: Sat, 25 Feb 2023 04:00:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GT3BC7XTZB7Z61KB3BM65Y4G-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 278
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@alpinejs/persist@3.11.1/dist/cdn.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 79ed88408f6e2be9-FRA

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 143ms
61ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.unionbank.ceramikaydekorados.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6425319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouYiQyEqF8KFK48XN93PCsi9szx9iXZz6dYZOJG8TT0CGR%2BpKXfNXly2gCdOXwBl%2Fdyoj6bWjfvGlUMU%2FF2EWyKgG67cpYkKBM6APbsz2jrtgP5DR7fgGekRBH6Py5LbyMeB4dCrXqsow%2BgDIk6TLeTB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79ed883cbd039bf5-FRA
expires: Thu, 15 Feb 2024 04:00:07 GMT

GET
H/1.1 200
OK 77bcca0a353436ad0ea0.png
online.unionbankph.com/online-banking/ 82 KB
83 KB 574ms
226ms Image
image/png 2.23.97.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.unionbankph.com/online-banking/77bcca0a353436ad0ea0.png

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.97.178 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-23-97-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

98beb0e665f5d2724b955f00a4b80a0c5db2ba5bb8830054482a75c4384eedaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' appdynamics.com .appdynamics.com facebook.net .facebook.net google-analytics.com .google-analytics.com cloudfront.net .cloudfront.net google.com .google.com gstatic.com .gstatic.com googleapis.com .googleapis.com images-home.com .images-home.com *.walkme.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' appdynamics.com *.appdynamics.com facebook.net *.facebook.net google-analytics.com *.google-analytics.com cloudfront.net *.cloudfront.net google.com *.google.com gstatic.com *.gstatic.com googleapis.com *.googleapis.com images-home.com *.images-home.com *.walkme.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sat, 25 Feb 2023 04:00:08 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 84281
X-XSS-Protection: 1; mode=block
Pragma
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 03 Feb 2023 04:24:28 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=75546
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Expires: Sun, 26 Feb 2023 00:59:14 GMT

GET
H/1.1 200
OK 58cfe04e893f01896e51.png
online.unionbankph.com/online-banking/ 7 KB
8 KB 564ms
216ms Image
image/png 2.23.97.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.unionbankph.com/online-banking/58cfe04e893f01896e51.png

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.97.178 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-23-97-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

b9a4c593506d5e83c9f7f382c837e2174133ef51bd5729f5068c186ae4d7d559

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' appdynamics.com .appdynamics.com facebook.net .facebook.net google-analytics.com .google-analytics.com cloudfront.net .cloudfront.net google.com .google.com gstatic.com .gstatic.com googleapis.com .googleapis.com images-home.com .images-home.com *.walkme.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' appdynamics.com *.appdynamics.com facebook.net *.facebook.net google-analytics.com *.google-analytics.com cloudfront.net *.cloudfront.net google.com *.google.com gstatic.com *.gstatic.com googleapis.com *.googleapis.com images-home.com *.images-home.com *.walkme.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sat, 25 Feb 2023 04:00:08 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 6841
X-XSS-Protection: 1; mode=block
Pragma
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 03 Feb 2023 04:24:28 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=52340
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 18:32:28 GMT

GET
H2 200 script.js Show response
www.unionbank.ceramikaydekorados.com/ 128 KB
50 KB 267ms
267ms Script
application/javascript 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/script.js
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: e567d07017d0775ae5e5e27531649630d1d95d32cbe75ec04c84da4c0b4324d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
content-encoding: gzip
last-modified: Sat, 25 Feb 2023 04:00:07 GMT
server: Apache
accept-ranges: none
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 134ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 3744990
cdn-cachedat: 03/12/2022 14:32:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 79ed88403e2f90d6-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 8c9480f4bf7dd79ae693.png
online.unionbankph.com/online-banking/ 358 KB
358 KB 567ms
228ms Image
image/png 2.23.97.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.unionbankph.com/online-banking/8c9480f4bf7dd79ae693.png

Requested by

Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.97.178 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-23-97-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

03c1ce963c323b9254ab601832c2630da3f4607d8b8fd33bbaad36c2622292f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' appdynamics.com .appdynamics.com facebook.net .facebook.net google-analytics.com .google-analytics.com cloudfront.net .cloudfront.net google.com .google.com gstatic.com .gstatic.com googleapis.com .googleapis.com images-home.com .images-home.com *.walkme.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionbank.ceramikaydekorados.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' appdynamics.com *.appdynamics.com facebook.net *.facebook.net google-analytics.com *.google-analytics.com cloudfront.net *.cloudfront.net google.com *.google.com gstatic.com *.gstatic.com googleapis.com *.googleapis.com images-home.com *.images-home.com *.walkme.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sat, 25 Feb 2023 04:00:08 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 366107
X-XSS-Protection: 1; mode=block
Pragma
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 03 Feb 2023 04:24:28 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=61227
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 21:00:35 GMT

GET
H2 200 4cad99e6a344e4d69fc5.ttf
www.unionbank.ceramikaydekorados.com/online-banking/ 0
18 B 148ms
147ms Font
text/html 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/online-banking/4cad99e6a344e4d69fc5.ttf
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css
Origin: https://www.unionbank.ceramikaydekorados.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
server: Apache
accept-ranges: none
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 9db8bbe1f50d6c57847c.ttf
www.unionbank.ceramikaydekorados.com/online-banking/ 0
18 B 149ms
149ms Font
text/html 162.241.60.255
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unionbank.ceramikaydekorados.com/online-banking/9db8bbe1f50d6c57847c.ttf
Requested by: Host: www.unionbank.ceramikaydekorados.com
URL: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.255 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-255.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unionbank.ceramikaydekorados.com/assets/56f5b3db29ac1f3e6b94.css
Origin: https://www.unionbank.ceramikaydekorados.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:00:07 GMT
server: Apache
accept-ranges: none
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Union Bank of the Philippines (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.unionbank.ceramikaydekorados.com/ Message: Failed to decode downloaded font: https://www.unionbank.ceramikaydekorados.com/online-banking/4cad99e6a344e4d69fc5.ttf
other	warning	URL: https://www.unionbank.ceramikaydekorados.com/ Message: Failed to decode downloaded font: https://www.unionbank.ceramikaydekorados.com/online-banking/4cad99e6a344e4d69fc5.ttf
other	warning	URL: https://www.unionbank.ceramikaydekorados.com/ Message: Failed to decode downloaded font: https://www.unionbank.ceramikaydekorados.com/online-banking/9db8bbe1f50d6c57847c.ttf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
maxcdn.bootstrapcdn.com
online.unionbankph.com
unpkg.com
www.unionbank.ceramikaydekorados.com
162.241.60.255
2.23.97.178
2001:4de0:ac18::1:a:1b
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6812:bcf
03c1ce963c323b9254ab601832c2630da3f4607d8b8fd33bbaad36c2622292f8
03d12a13fc3b1126405c0e0f7bdfdc197f8c64c1ac608c7e759228291f0c1b97
481f237f5a19ceb4a4f2f4e7918dda78f041b492e438f46edcf9ae78b77bbfab
6fe156a0cbf68b8e34b11079b1b4ba5f5aaf67a2f61278cb226e7ab11d5d9d1f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
903cde6ca8e4be563f02e5b1a7a75e676a08c6809141b42e90d1db43a8258ab3
98beb0e665f5d2724b955f00a4b80a0c5db2ba5bb8830054482a75c4384eedaa
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
addcc131568abc7aa9a29970192293be04b775523e8236884d0b7522530d8a53
b80a5858ecff354ce9df3bfa7f5b75bc041dcf36defe9af8ed3f495b6cb7acf3
b9a4c593506d5e83c9f7f382c837e2174133ef51bd5729f5068c186ae4d7d559
c832fe55fc65f709def6e7dadfb4fbe326fbe0347896bb47e2e1e629b037b66f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567d07017d0775ae5e5e27531649630d1d95d32cbe75ec04c84da4c0b4324d8

www.unionbank.ceramikaydekorados.com Open in urlscan Pro 162.241.60.255 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

38 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

838 kBTransfer

2008 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

www.unionbank.ceramikaydekorados.com Open in urlscan Pro
162.241.60.255 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

38 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

838 kB
Transfer

2008 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!