Submitted URL: http://ctbcbanktw.top/
Effective URL: https://ctbcbanktw.top/
Submission: On October 26 via api from NL — Scanned from NL

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 172.67.138.144, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ctbcbanktw.top.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.
This is the only time ctbcbanktw.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CTBC Bank (Banking)

Domain & IP information

     IP Address       AS Autonomous System
5    172.67.138.144   13335 (CLOUDFLAR...)
5    2

     Apex Domain      Subdomains       Transfer
5    ctbcbanktw.top   ctbcbanktw.top   2 MB
5    1

     Domain           Requested by
5    ctbcbanktw.top   ctbcbanktw.top
5    1

This site contains links to these domains:

Domain
  • www.ctbcbank.com
  • www.ctbcprivatebank.com

Subject          Issuer   Validity                  Valid
ctbcbanktw.top   WE1      2024-10-25 - 2025-01-23   3 months

This page contains 1 frame:

Primary Page: https://ctbcbanktw.top/
Frame ID: 18AB5AA4AE39554CA21D932FAC31DFBD
Requests: 12 HTTP requests in this frame

Page Title

中國信託商業銀行

Page URL History

  1. http://ctbcbanktw.top/ HTTP 307
    https://ctbcbanktw.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 1721 kB
Size: 4935 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ctbcbanktw.top/
Redirect Chain
  • http://ctbcbanktw.top/
  • https://ctbcbanktw.top/
446 B
916 B
Document
General
Full URL
https://ctbcbanktw.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3975d0d483e10580ea274e6f8320b49a840c08f9f17c486d74f5d030dc7bbc63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d8748dceaea2a62-CDG
content-encoding
br
content-type
text/html
date
Sat, 26 Oct 2024 03:15:55 GMT
last-modified
Sat, 26 Oct 2024 02:01:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKI20yvoVaND06HXiNQVCQoSrJ2iB%2BDsHjJxtfxIV6nYLtsNsrOAEigurabz7SdHa5agCnObQDRLKh1pIIjuHS%2BoE5hp6%2BszcLtQK1q6EdjX8%2BoR69HOzyQKdgvd3wTjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=48093&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4485&delivery_rate=411&cwnd=12000&unsent_bytes=0&cid=32cda690a94c5c41&ts=462&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Location
https://ctbcbanktw.top/
Non-Authoritative-Reason
HttpsUpgrades
index-BwnNfrKl.js
ctbcbanktw.top/assets/
2 MB
766 KB
Script
General
Full URL
https://ctbcbanktw.top/assets/index-BwnNfrKl.js
Requested by
Host: ctbcbanktw.top
URL: https://ctbcbanktw.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27eacdb0189e19f1cd71b539c82907a50894cb756e18a86f3ebf4374618e90b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ctbcbanktw.top
Referer
https://ctbcbanktw.top/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"671c4d7b-251096"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zh5npbP1ZOOoc66vta%2F4fLsAvxNejvBk6iVkfbk9op2gb2z%2FrhuEaHGAQj3C%2BXdQcUGhMp3EVKEoT6tFccuqOdOiVf5Pjt1D6IFl%2BdwAnUSPFQNM9J9BXJKWiazV8NOx2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 15:15:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47470&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5130&recv_bytes=5173&delivery_rate=22338&cwnd=12000&unsent_bytes=0&cid=32cda690a94c5c41&ts=1179&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 03:15:56 GMT
content-type
application/javascript
last-modified
Sat, 26 Oct 2024 02:01:31 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8748dfec092a62-CDG
server
cloudflare
index-iWLZaQ3n.css
ctbcbanktw.top/assets/
2 MB
933 KB
Stylesheet
General
Full URL
https://ctbcbanktw.top/assets/index-iWLZaQ3n.css
Requested by
Host: ctbcbanktw.top
URL: https://ctbcbanktw.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1459d149922adabf47ed8b8ead81ddf609d5592788f52a6bac7b33757560e70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ctbcbanktw.top
Referer
https://ctbcbanktw.top/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"671c4d7f-2780d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHQhHMU4OW8iJhDNjs2hlPuAKatdHsgMemm1B%2BIhL1WNi7kHr3sFMhxeeNHX4JUB%2FOetc1H7N4eWRM60zakN21W3UhQKHZyR5BD9mRn2vwAHBMqumgoGOnmChS4FGemAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 15:15:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47470&sent=24&recv=13&lost=0&retrans=0&sent_bytes=17130&recv_bytes=5173&delivery_rate=22338&cwnd=12000&unsent_bytes=0&cid=32cda690a94c5c41&ts=1209&x=1", cfExtPri, cfHdrFlush;dur=13
date
Sat, 26 Oct 2024 03:15:56 GMT
content-type
text/css
last-modified
Sat, 26 Oct 2024 02:01:35 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8748dfec0a2a62-CDG
server
cloudflare
truncated
/
562 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b38a55b2a2f8eb161c35463e5fd7a6c13164fbaf14adad1c6fb69710de9582e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
loading_owl-BqDTsvzB.gif
ctbcbanktw.top/assets/
22 KB
17 KB
Image
General
Full URL
https://ctbcbanktw.top/assets/loading_owl-BqDTsvzB.gif
Requested by
Host: ctbcbanktw.top
URL: https://ctbcbanktw.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f19e9a12014a336da53374ebaaa1063e6aba0ee94545b4b5bf9b0830e11ba7f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ctbcbanktw.top/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"671c4d80-571f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKtIHEM1iSI96Bp9k8EFWF1K47JNNnZHAq8%2BnCVzSSto6ILvGUjFE7m4aY66ygcxg95IHVB29QqW%2BCNEjMUmsMiW8Rtl95TZmT79T7mY6ZXrU0XnBhM%2BH%2BjWGLYE4j4pEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 25 Nov 2024 03:15:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43157&sent=1529&recv=220&lost=0&retrans=0&sent_bytes=1784654&recv_bytes=14796&delivery_rate=5047174&cwnd=261300&unsent_bytes=0&cid=32cda690a94c5c41&ts=3818&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 03:15:58 GMT
content-type
image/gif
last-modified
Sat, 26 Oct 2024 02:01:36 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8748f049e22a62-CDG
server
cloudflare
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9682bad4773031ad569063207d66da932b12e956b42f468136f52c1ae54c03f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43380e29ccc4bf7873770ebd664baa5b91fe98a86789be1d3fc712f22eb6020d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
245 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2276f70eaefac25473bb47fedf36d72211861ce951543e69487a80ace2397c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
300 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e2eeaac99b4cf71d9dfeca3bb984e481533a6a6473910212cfa68dae9921612

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae65218fb285b095b08cf0e0631ec639b606c4ea60f239e485598cc76f6d03f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
314 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd89b362aa651096b75e927c0230c23691936067c218a202661085c1a95dace1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
ctbcbanktw.top/
5 KB
4 KB
Other
General
Full URL
https://ctbcbanktw.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e68c6b0aefb93dcd79dea97f8ddb15802c0752f69e7303bea9fc0096f880836b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ctbcbanktw.top/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"671c4d78-1536"
age
1763
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FTpr7ctzBiOTfiYfgNXLuPhML5CLUvOiJikRxGQzUln9KsDm%2FvYE2gPWU4sdEEzDIOjpPN6oUseWsYVNBh%2BrvNR1zmZKoh21kt%2FUpqL8tl4haMAmspuFAmkLBTloLNMDA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43127&sent=1545&recv=222&lost=0&retrans=0&sent_bytes=1802244&recv_bytes=15191&delivery_rate=24808&cwnd=261300&unsent_bytes=0&cid=32cda690a94c5c41&ts=3876&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 03:15:58 GMT
content-type
image/x-icon
last-modified
Sat, 26 Oct 2024 02:01:28 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8748f4cb572a62-CDG
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CTBC Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| __VUE_INSTANCE_SETTERS__
  • object| __VUE_SSR_SETTERS__
  • object| __vueuse_ssr_handlers__
  • boolean| __VUE_I18N_FULL_INSTALL__
  • boolean| __VUE_I18N_LEGACY_API__
  • object| regeneratorRuntime
  • object| layer
  • function| JsBarcode
  • object| $cookies
  • boolean| __VUE__

0 Cookies