www.unionbank.ceramikaydekorados.com
Open in
urlscan Pro
162.241.60.255
Malicious Activity!
Public Scan
Submission: On February 25 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 2nd 2023. Valid for: 3 months.
This is the only time www.unionbank.ceramikaydekorados.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Union Bank of the Philippines (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 162.241.60.255 162.241.60.255 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 4 | 2606:4700::68... 2606:4700::6810:7caf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2.23.97.178 2.23.97.178 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 6 |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-60-255.unifiedlayer.com
www.unionbank.ceramikaydekorados.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-178.deploy.static.akamaitechnologies.com
online.unionbankph.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
ceramikaydekorados.com
www.unionbank.ceramikaydekorados.com |
320 KB |
4 |
unpkg.com
2 redirects
unpkg.com — Cisco Umbrella Rank: 761 |
16 KB |
3 |
unionbankph.com
online.unionbankph.com — Cisco Umbrella Rank: 313286 |
449 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788 |
7 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195 |
14 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 693 |
31 KB |
16 | 6 |
Domain | Requested by | |
---|---|---|
8 | www.unionbank.ceramikaydekorados.com |
www.unionbank.ceramikaydekorados.com
|
4 | unpkg.com |
2 redirects
www.unionbank.ceramikaydekorados.com
|
3 | online.unionbankph.com |
www.unionbank.ceramikaydekorados.com
|
1 | maxcdn.bootstrapcdn.com |
www.unionbank.ceramikaydekorados.com
|
1 | cdnjs.cloudflare.com |
www.unionbank.ceramikaydekorados.com
|
1 | code.jquery.com |
www.unionbank.ceramikaydekorados.com
|
16 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ceramikaydekorados.com R3 |
2023-02-02 - 2023-05-03 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
online.unionbankph.com GlobalSign Extended Validation CA - SHA256 - G3 |
2022-10-17 - 2023-11-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.unionbank.ceramikaydekorados.com/
Frame ID: 5940EDF89FCB5000E52BFA33115B43D5
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Union Bank of the PhilippinesDetected technologies
Alpine.js (JavaScript frameworks) ExpandDetected patterns
- <[^>]+[^\w-]x-data[^\w-][^<]+
Ant Design (JavaScript Frameworks) Expand
Detected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://unpkg.com/alpinejs@3.x.x/dist/cdn.min.js HTTP 302
- https://unpkg.com/alpinejs@3.11.1/dist/cdn.min.js
- https://unpkg.com/@alpinejs/persist@3.x.x/dist/cdn.min.js HTTP 302
- https://unpkg.com/@alpinejs/persist@3.11.1/dist/cdn.min.js
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.unionbank.ceramikaydekorados.com/ |
68 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.3.min.js
code.jquery.com/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fae70cfb8bad4187caae.css
www.unionbank.ceramikaydekorados.com/assets/ |
226 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ef8286c6d8339f3f5050.css
www.unionbank.ceramikaydekorados.com/assets/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0089da83917d9e4611a5.css
www.unionbank.ceramikaydekorados.com/assets/ |
2 KB 643 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56f5b3db29ac1f3e6b94.css
www.unionbank.ceramikaydekorados.com/assets/ |
926 KB 200 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cdn.min.js
unpkg.com/alpinejs@3.11.1/dist/ Redirect Chain
|
40 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cdn.min.js
unpkg.com/@alpinejs/persist@3.11.1/dist/ Redirect Chain
|
626 B 482 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ |
47 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
77bcca0a353436ad0ea0.png
online.unionbankph.com/online-banking/ |
82 KB 83 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
58cfe04e893f01896e51.png
online.unionbankph.com/online-banking/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
www.unionbank.ceramikaydekorados.com/ |
128 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8c9480f4bf7dd79ae693.png
online.unionbankph.com/online-banking/ |
358 KB 358 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4cad99e6a344e4d69fc5.ttf
www.unionbank.ceramikaydekorados.com/online-banking/ |
0 18 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9db8bbe1f50d6c57847c.ttf
www.unionbank.ceramikaydekorados.com/online-banking/ |
0 18 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Union Bank of the Philippines (Banking)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| CryptoJS function| _0x13a594 function| _0x4aa4 function| _0x1776a2 function| _0x5271c7 function| ub function| _0x346c94 function| _0x320f function| _0x34effb function| _0x39fab9 object| Alpine0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
code.jquery.com
maxcdn.bootstrapcdn.com
online.unionbankph.com
unpkg.com
www.unionbank.ceramikaydekorados.com
162.241.60.255
2.23.97.178
2001:4de0:ac18::1:a:1b
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6812:bcf
03c1ce963c323b9254ab601832c2630da3f4607d8b8fd33bbaad36c2622292f8
03d12a13fc3b1126405c0e0f7bdfdc197f8c64c1ac608c7e759228291f0c1b97
481f237f5a19ceb4a4f2f4e7918dda78f041b492e438f46edcf9ae78b77bbfab
6fe156a0cbf68b8e34b11079b1b4ba5f5aaf67a2f61278cb226e7ab11d5d9d1f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
903cde6ca8e4be563f02e5b1a7a75e676a08c6809141b42e90d1db43a8258ab3
98beb0e665f5d2724b955f00a4b80a0c5db2ba5bb8830054482a75c4384eedaa
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
addcc131568abc7aa9a29970192293be04b775523e8236884d0b7522530d8a53
b80a5858ecff354ce9df3bfa7f5b75bc041dcf36defe9af8ed3f495b6cb7acf3
b9a4c593506d5e83c9f7f382c837e2174133ef51bd5729f5068c186ae4d7d559
c832fe55fc65f709def6e7dadfb4fbe326fbe0347896bb47e2e1e629b037b66f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567d07017d0775ae5e5e27531649630d1d95d32cbe75ec04c84da4c0b4324d8