ScanMalware.com

Security Scan Report: bank.ctznba.net

Site favicon
Submitted: May 6, 2026, 4:53:22 AMCompleted: May 6, 2026, 4:54:36 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 57 HTTP transactions. The main domain is bank.ctznba.net and was registered NaN years ago.

Submitted URL: https://bank.ctznba.net/alpha-bank/dashboard

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

The site pretends to be Alpha Bank, hosts a credential‑stealing login form, and triggers critical malware alerts – treat as high‑risk phishing.

Risk Factors
Brand impersonation
Unranked / low‑reputation domain
Critical IDS alerts (malware C2, data exfiltration)
Highly obfuscated JavaScript
Credential collection on non‑official domain
Domain age information unavailable

Details

Page Title

Alpha Bank

Scan Type

public

Language

🇺🇸

English

(60% confidence)

Category

finance banking

(76%)

Domain Information

Within the network infrastructure generic top-level domain (.net), 'bank.ctznba.net' is registered; it also runs on subdomain 'bank'. The core label 'ctznba' covers 6 characters split between one vowel and 5 consonants. Breaking it apart gives three words: c, tz, nba. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bank.ctznba.net/alpha-bank/dashboard

Page Load Overview

2.97s
Total Load Time
70
HTTP Requests
5
Domains
1.2 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:60%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:60%
Script Type:Latin
Text Length:722 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking76% confidence
Type: spa
Method: ml+structural

All Detected Categories

finance banking
76%
corporate business
42%
finance/banking
25%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
19142.251.14.94United States
AS15169Google LLC
17185.191.124.15Seychelles
AS206264Amarutu Technology Ltd
17104.20.42.169United States
AS13335Cloudflare, Inc.
17142.251.127.95United States
AS15169Google LLC
704--

Detected Technologies8

X-UA-Compatible
100%
PasswordField
100%
JQueryv3.6.4
100%
LiteSpeed
40%
HTTP/3
40%
Tawk.to
20%
Lightbox
20%
GSAP
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D8B25E3565E9341B4071B6CAA034BF0D1FC2C42BCED6C59670AD2BE9AF8AED6D81341D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:UXM5z5EKRZVRxqDaabqqj4Abn7yxOFLLsZNxtHKG:UX25EK3VnAaabqqruKG

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:24671:BcYAHAFZBPOAZDAMC0NAzgYICOCKKPAdqYHXWCiAnOCUAGFxKgEBQJAcCJpJUUgkGACIMYKaAwqIAXgAlgysAdhgCBYGiJwN

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:24ffffffffc3e7ff
Perceptual Hash:870707270f07379f
Difference Hash:cc00480a22960e00
Wavelet Hash:00fefe86848181ff
Color Hash:#753a78

Other Hashes

Crop Resistant:cc00480a22960e00,ffffffededfffbfb

Scan History

Scan history not available

Unable to load historical scan data