vcbbankdigi.com Open in urlscan Pro
103.173.226.53 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vcbbankdigi.com/
Submission: On March 25 via automatic, source chongluadao (March 25th 2022, 7:01:10 am UTC) — Scanned from DE

Summary HTTP 23 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 23 HTTP transactions. The main IP is 103.173.226.53, located in Viet Nam and belongs to INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY, VN. The main domain is vcbbankdigi.com.
TLS certificate: Issued by R3 on March 24th 2022. Valid for: 3 months.

This is the only time vcbbankdigi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vietcombank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	103.173.226.53 103.173.226.53	140826 (INTERDATA...) (INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY)
15	172.247.109.43 172.247.109.43	40065 (CNSERVERS) (CNSERVERS)
1	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	4

3 103.173.226.53 (Viet Nam)

ASN140826 (INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY, VN)

vcbbankdigi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.247.109.43 (United States)

ASN40065 (CNSERVERS, US)

vcbdigibank.vietinb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	vietinb.com vcbdigibank.vietinb.com	400 KB
3	vcbbankdigi.com vcbbankdigi.com	8 KB
1	bootcss.com cdn.bootcss.com — Cisco Umbrella Rank: 46113	20 KB
0	cnzz.com Failed v1.cnzz.com Failed
23	4

	Domain	Requested by
15	vcbdigibank.vietinb.com	vcbbankdigi.com vcbdigibank.vietinb.com
3	vcbbankdigi.com	vcbbankdigi.com vcbdigibank.vietinb.com
1	cdn.bootcss.com	vcbbankdigi.com
0	v1.cnzz.com Failed	vcbbankdigi.com
23	4

This site contains links to these domains. Also see Links.

Domain
digibankm5.vietcombank.com.vn
vcbdigibank.vietinb.com

Subject Issuer	Validity	Valid
vcbbankdigi.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
vcbdigibank.vietinb.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.bootcss.com E1	`2022-02-11` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vcbbankdigi.com/
Frame ID: 18509099F00502B10AD3D1088CCA5266
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vietcombank

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

428 kB
Transfer

1267 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/chuyen-doi-ib-en.pdf
Title: Hướng dẫn chuyển đổi sang VCB Digibank

Search URL Search Domain Scan URL

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/dieu-khoan-dk-kh-ca-nhan-en.html
Title: Điều khoản sử dụng dịch vụ

Search URL Search Domain Scan URL

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/EBanking-service-tariff.html
Title: Biểu phí dịch vụ

Search URL Search Domain Scan URL

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/hdsdib/hdsd-en.pdf
Title: Hướng dẫn sử dụng dịch vụ

Search URL Search Domain Scan URL

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/huong-dan-giao-dich-an-toan-en.html
Title: Hướng dẫn giao dịch an toàn

Search URL Search Domain Scan URL

URL: https://digibankm5.vietcombank.com.vn/get_file/ibomni/html/faq/index-en.html
Title: Câu hỏi thường gặp

Search URL Search Domain Scan URL

URL: https://vcbdigibank.vietinb.com/user/login/data_id/796093.html?lang=en
Title: English

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vcbbankdigi.com/ 18 KB
4 KB 592ms
201ms Document
text/html 103.173.226.53
INTERDATA-AS-VN I...

General

Check archive.org

Show headers Download Go to

Full URL: https://vcbbankdigi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 103.173.226.53 , Viet Nam, ASN140826 (INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY, VN),
Reverse DNS
Software: Apache/2 / PHP/7.4.27
Resource Hash: 9aec0dd9e4f22f913bb0101cc5875cc305f5a2e425532d250de5b15b59c930aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.4.27
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3903
content-type: text/html; charset=UTF-8
date: Fri, 25 Mar 2022 07:00:36 GMT
server: Apache/2

GET
H2 200 frontend.min.css
vcbdigibank.vietinb.com/assets/css/ 369 KB
83 KB 602ms
293ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/css/frontend.min.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

13f075ca220f539eb452cd13f1df74eae33b3cd24363e2255888bfbbee121086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 04:10:28 GMT
server: nginx
etag: W/"61a84734-5c4e2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 socket.io.js Show response
cdn.bootcss.com/socket.io/2.0.3/ 60 KB
20 KB 63ms
26ms Script
application/javascript 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcss.com/socket.io/2.0.3/socket.io.js
Requested by: Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb10a51082ecd975645974bdb9cc366574ba2b9ae3ca90319feff9a305a7ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-encoding: br
age: 16831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KuKYQIxOmkxAWdpfbdcoTWYqy9UFaVN1OFq8r52pk06nSWJ8Y8RvnNJ8ohCSFn92SBv%2F2cOYZmBy26icH8l8rgHUpe7fP3ZQeLPGmdH5NSvKtr8rDHEaolsqp9HJ4Tac4s%3D"}],"group":"cf-nel","max_age":604800}
x-swift-cachetime: 11481
content-disposition: inline; filename="socket.io.js"; filename*=utf-8''socket.io.js
x-swift-savetime: Sun, 06 Mar 2022 14:04:51 GMT
cf-bgj: minify
etag: W/"FhxTRquXNMIESjaQkuakmILl0JAv.gz"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: max-age=43200
x-qiniu-zone: 0
eagleid: 2ff62e9516465754910978847e
expires: Fri, 25 Mar 2022 14:20:05 GMT
x-log: X-Log
date: Fri, 25 Mar 2022 07:00:36 GMT
via: cache26.l2sg2[0,0,200-0,H], cache8.l2sg2[0,0], cache7.it2[173,173,200-0,M], cache1.it2[174,0]
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-reqid: ElMAAAA5-gOMi9kW
cf-polished: origSize=61211
cf-ray: 6f15c5428b2f90a3-FRA
x-cache: MISS TCP_MISS dirn:-2:-2, HIT
content-transfer-encoding: binary
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Jun 2017 10:01:34 GMT
server: cloudflare
x-svr: IO
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
ali-swift-global-savetime: 1646500572
timing-allow-origin: *

GET
H2 200 user.css
vcbdigibank.vietinb.com/assets/css/ 2 KB
880 B 754ms
446ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/css/user.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e4f34baaa3a5872c11965d214906a999559aa52497f16c617c3f37b1ec5c0550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 07:21:44 GMT
server: nginx
etag: W/"60a4bc88-672"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 bundles.css
vcbdigibank.vietinb.com/assets/vcb/ 190 KB
35 KB 754ms
446ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/bundles.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

1c27d0e3c7a5c848c30f08bb65009a4558f5c7840e5cc1282864112dda367e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 02:55:04 GMT
server: nginx
etag: W/"61a83588-2f913"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 style.search.css
vcbdigibank.vietinb.com/assets/vcb/ 150 KB
26 KB 755ms
447ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/style.search.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

9cc44253f59761e608063438df929c3e94e9ab81a94d19347ca3c71478f56309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:10:10 GMT
server: nginx
etag: W/"61a83912-257a6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 component.css
vcbdigibank.vietinb.com/assets/vcb/ 41 KB
10 KB 754ms
446ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/component.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bfc82ce73a4aa1b5fb9ed5727e4d59afaa0fe6f0bda0fd2d14fb1709d6365c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:17:00 GMT
server: nginx
etag: W/"61a83aac-a572"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 custom.css
vcbdigibank.vietinb.com/assets/vcb/ 114 KB
24 KB 755ms
447ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/custom.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ef542005ee847a79e0642c62eeee84a082d62d76901507e75be3213dffa27cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:55:52 GMT
server: nginx
etag: W/"61a843c8-1c783"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 custom1.css
vcbdigibank.vietinb.com/assets/vcb/ 1 KB
814 B 754ms
447ms Stylesheet
text/css 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/custom1.css?v=1.0.176

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

495be7ddf465748fa4c6a67a81b9575f2ff04c782c5a8e3a9839eeba2f2129f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 03:19:50 GMT
server: nginx
etag: W/"61a83b56-5df"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 jquery.bundles.js Show response
vcbdigibank.vietinb.com/assets/vcb/ 85 KB
33 KB 755ms
448ms Script
application/javascript 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/jquery.bundles.js

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 03:50:40 GMT
server: nginx
etag: W/"60c82390-15287"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 momentjs.bundles.js Show response
vcbdigibank.vietinb.com/assets/vcb/ 50 KB
18 KB 755ms
448ms Script
application/javascript 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/momentjs.bundles.js

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 03:50:40 GMT
server: nginx
etag: W/"60c82390-c9df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 logo-white.svg
vcbdigibank.vietinb.com/assets/vcb/images/ 5 KB
5 KB 149ms
149ms Image
image/svg+xml 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/images/logo-white.svg

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c50190463b5337a20d5baea04b937aad3040d22230ba504d8005e8f903bb258d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
last-modified: Thu, 02 Dec 2021 04:14:46 GMT
server: nginx
etag: "61a84836-1490"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5264

GET
H2 200 logo-digibank.svg
vcbdigibank.vietinb.com/assets/vcb/images/ 4 KB
5 KB 148ms
147ms Image
image/svg+xml 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/images/logo-digibank.svg

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bd9c7ef50ca1f06bfc56b519c374cd967f87de8661b7e93e5796070fbc05ded2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
last-modified: Thu, 02 Dec 2021 04:15:16 GMT
server: nginx
etag: "61a84854-1195"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4501

GET
H2 200 captcha.php
vcbbankdigi.com/ 4 KB
4 KB 191ms
191ms Image
image/jpeg 103.173.226.53
INTERDATA-AS-VN I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcbbankdigi.com/captcha.php
Requested by: Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 103.173.226.53 , Viet Nam, ASN140826 (INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY, VN),
Reverse DNS
Software: Apache/2 / PHP/7.4.27
Resource Hash: 097052c74e5c9d221b95a63d9d2e77346c1c0268d8d6b83c7b6566503a7e59c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 07:00:38 GMT
content-encoding: gzip
server: Apache/2
x-powered-by: PHP/7.4.27
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate
content-length: 3571
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 require.min.js Show response
vcbdigibank.vietinb.com/assets/js/ 17 KB
7 KB 149ms
148ms Script
application/javascript 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/js/require.min.js

Requested by

Host: vcbbankdigi.com
URL: https://vcbbankdigi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

563bac9ba2a1d94effb5bea3061f8c39fc6769fd935ac4e9877e1b30a842d507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 21:13:40 GMT
server: nginx
etag: W/"60663784-44fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:37 GMT

GET
H2 200 1600.jpg
vcbdigibank.vietinb.com/assets/vcb/images/web/img/bg-login/noon/ 149 KB
149 KB 148ms
147ms Image
image/jpeg 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/images/web/img/bg-login/noon/1600.jpg

Requested by

Host: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/vcb/custom.css?v=1.0.176

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

b3d190f0a92b36ebb98dae78b4306b6e774189fe713becfb268072fbf8946305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbdigibank.vietinb.com/assets/vcb/custom.css?v=1.0.176
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
last-modified: Thu, 02 Dec 2021 03:36:02 GMT
server: nginx
etag: "61a83f22-25286"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 152198
expires: Sun, 24 Apr 2022 07:00:37 GMT

GET
H2 200 ic_eye-open.svg
vcbdigibank.vietinb.com/assets/vcb/images/web/icons/dark/ 1 KB
2 KB 149ms
149ms Image
image/svg+xml 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcbdigibank.vietinb.com/assets/vcb/images/web/icons/dark/ic_eye-open.svg

Requested by

Host: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/vcb/custom.css?v=1.0.176

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ffad05700eaed5e53b6b01a77588e38661a8dbcf743fa64a42434fb6b8297cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbdigibank.vietinb.com/assets/vcb/custom.css?v=1.0.176
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:37 GMT
last-modified: Thu, 02 Dec 2021 03:31:20 GMT
server: nginx
etag: "61a83e08-56d"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1389

GET Roboto-Regular.ttf
vcbdigibank.vietinb.com/assets/vcb/fonts/ 0
0

GET Roboto-Bold.ttf
vcbdigibank.vietinb.com/assets/vcb/fonts/ 0
0

GET Roboto-Medium.ttf
vcbdigibank.vietinb.com/assets/vcb/fonts/ 0
0

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d480b8351b233a2b50ad9df3096a93d3c29b1eac23d630781510dfc1472ed7b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66ff9bf552d9a8b9b10ec9027cce6e32e718743d8e329216d0a6d4e6b145fc2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET z_stat.php
v1.cnzz.com/ 0
0

GET
H2 200 require-frontend.min.js Show response
vcbdigibank.vietinb.com/assets/js/ 5 KB
2 KB 147ms
147ms Script
application/javascript 172.247.109.43
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcbdigibank.vietinb.com/assets/js/require-frontend.min.js?v=1.0.176

Requested by

Host: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/js/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.247.109.43 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

7266cc4583aa5d870dde2c14b08861ff090ec0b49c841c09eff79b1c5514e1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:38 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 23:59:24 GMT
server: nginx
etag: W/"60e39cdc-1273"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 25 Mar 2022 19:00:38 GMT

GET
H2 404 jquery.min.js
vcbbankdigi.com/assets/libs/jquery/dist/ 0
0 188ms
188ms Script
text/html 103.173.226.53
INTERDATA-AS-VN I...

General

Check archive.org

Show headers Download Go to

Full URL: https://vcbbankdigi.com/assets/libs/jquery/dist/jquery.min.js?v=1.0.176
Requested by: Host: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/js/require.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 103.173.226.53 , Viet Nam, ASN140826 (INTERDATA-AS-VN INTER GROUP VIET NAM JOINT STOCK COMPANY, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vcbbankdigi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:00:38 GMT
server: Apache/2
content-length: 315
content-type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Regular.ttf

Domain: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Bold.ttf

Domain: vcbdigibank.vietinb.com
URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Medium.ttf

Domain: v1.cnzz.com
URL: https://v1.cnzz.com/z_stat.php?id=1280065227

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vietcombank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vcbbankdigi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: i1vc5mai7bre30ob79j2g040lm

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://vcbbankdigi.com/(Line 275) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z_stat.php?id=1280065227, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://vcbbankdigi.com/(Line 275) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z_stat.php?id=1280065227, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://vcbbankdigi.com/assets/libs/jquery/dist/jquery.min.js?v=1.0.176 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://vcbbankdigi.com/ Message: Access to font at 'https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Regular.ttf' from origin 'https://vcbbankdigi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vcbbankdigi.com/ Message: Access to font at 'https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Bold.ttf' from origin 'https://vcbbankdigi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vcbbankdigi.com/ Message: Access to font at 'https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Medium.ttf' from origin 'https://vcbbankdigi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://vcbdigibank.vietinb.com/assets/vcb/fonts/Roboto-Medium.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcss.com
v1.cnzz.com
vcbbankdigi.com
vcbdigibank.vietinb.com
v1.cnzz.com
vcbdigibank.vietinb.com
103.173.226.53
172.247.109.43
188.114.97.7
097052c74e5c9d221b95a63d9d2e77346c1c0268d8d6b83c7b6566503a7e59c9
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
13f075ca220f539eb452cd13f1df74eae33b3cd24363e2255888bfbbee121086
1c27d0e3c7a5c848c30f08bb65009a4558f5c7840e5cc1282864112dda367e8e
495be7ddf465748fa4c6a67a81b9575f2ff04c782c5a8e3a9839eeba2f2129f0
563bac9ba2a1d94effb5bea3061f8c39fc6769fd935ac4e9877e1b30a842d507
66ff9bf552d9a8b9b10ec9027cce6e32e718743d8e329216d0a6d4e6b145fc2e
7266cc4583aa5d870dde2c14b08861ff090ec0b49c841c09eff79b1c5514e1e7
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
9aec0dd9e4f22f913bb0101cc5875cc305f5a2e425532d250de5b15b59c930aa
9cc44253f59761e608063438df929c3e94e9ab81a94d19347ca3c71478f56309
b3d190f0a92b36ebb98dae78b4306b6e774189fe713becfb268072fbf8946305
bd9c7ef50ca1f06bfc56b519c374cd967f87de8661b7e93e5796070fbc05ded2
bfc82ce73a4aa1b5fb9ed5727e4d59afaa0fe6f0bda0fd2d14fb1709d6365c78
c50190463b5337a20d5baea04b937aad3040d22230ba504d8005e8f903bb258d
d480b8351b233a2b50ad9df3096a93d3c29b1eac23d630781510dfc1472ed7b3
e4f34baaa3a5872c11965d214906a999559aa52497f16c617c3f37b1ec5c0550
ef542005ee847a79e0642c62eeee84a082d62d76901507e75be3213dffa27cbe
efb10a51082ecd975645974bdb9cc366574ba2b9ae3ca90319feff9a305a7ecf
ffad05700eaed5e53b6b01a77588e38661a8dbcf743fa64a42434fb6b8297cb9

vcbbankdigi.com Open in urlscan Pro 103.173.226.53 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

83 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

428 kBTransfer

1267 kBSize

1 Cookies

7 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

9 Console Messages

Indicators

vcbbankdigi.com Open in urlscan Pro
103.173.226.53 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

428 kB
Transfer

1267 kB
Size

1
Cookies

23 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!