saml.sgp-sms.top
149.129.233.12  Malicious Activity! Public Scan

Submitted URL: http://www.sgp-sms.top/singpass
Effective URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26...
Submission Tags: falconsandbox
Submission: On September 30 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 32 HTTP transactions. The main IP is 149.129.233.12, located in Jakarta, Indonesia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is saml.sgp-sms.top.
TLS certificate: Issued by R3 on September 30th 2022. Valid for: 3 months.
This is the only time saml.sgp-sms.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Singpass (Government)

Domain & IP information

IP Address AS Autonomous System
1 26 149.129.233.12 45102 (ALIBABA-C...)
1 2600:9000:21c... 16509 (AMAZON-02)
1 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
32 4
Apex Domain / Subdomains / Transfer
26 sgp-sms.top (868 KB)
    www.sgp-sms.top
    saml.sgp-sms.top
2 singpass.gov.sg (158 KB)
    bio-resources.singpass.gov.sg — Cisco Umbrella Rank: 205446
    ww.singpass.gov.sg Failed
    saml.singpass.gov.sg — Cisco Umbrella Rank: 179671
0 google-analytics.com Failed
    1.google-analytics.com Failed
0 go-mpulse.net Failed
    1.go-mpulse.net Failed
0 wogaa.sg Failed
    1.wogaa.sg Failed
32 5
Domain Requested by
25 saml.sgp-sms.top saml.sgp-sms.top
1 saml.singpass.gov.sg saml.sgp-sms.top
1 bio-resources.singpass.gov.sg saml.sgp-sms.top
1 www.sgp-sms.top 1 redirects
0 1.google-analytics.com Failed saml.sgp-sms.top
0 ww.singpass.gov.sg Failed saml.sgp-sms.top
0 1.go-mpulse.net Failed saml.sgp-sms.top
0 1.wogaa.sg Failed saml.sgp-sms.top
32 8

This site contains links to these domains.

Domain
www.gov.sg
www.singpass.gov.sg
go.gov.sg
www.tech.gov.sg
Subject, Issuer, Validity, Valid
www.sgp-sms.top, R3, 2022-09-30 - 2022-12-29, 3 months
bio-resources.singpass.gov.sg, DigiCert SHA2 Extended Validation Server CA, 2022-08-30 - 2023-09-30, a year
singpass.gov.sg, DigiCert SHA2 Extended Validation Server CA, 2022-07-01 - 2023-07-02, a year

This page contains 2 frames:

Primary Page: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Frame ID: 7323187CF2A67228D301E80EC53C9586
Requests: 34 HTTP requests in this frame

Frame: https://1.go-mpulse.net/boomerang/NVNPK-ADYWM-HWK4K-M2CLG-HJ9C3
Frame ID: 719DBC37290313C56BBCDC2605930B3A
Requests: 1 HTTP requests in this frame

Page Title

Singpass login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32 Requests
84 % HTTPS
67 % IPv6
5 Domains
8 Subdomains
4 IPs
3 Countries
1024 kB Transfer
2593 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sgp-sms.top/singpass HTTP 302
    https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
saml.sgp-sms.top/spservice/
Redirect Chain
  • http://www.sgp-sms.top/singpass
  • https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4...
9 KB
5 KB
Document
General
Full URL
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
854f91ba8563dd1197439f9d0981859da8ff833a3e902c89af628a6be2702926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:47:03 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Sep 2022 08:47:01 GMT
Location
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
jquery-3.5.1.min.js
saml.sgp-sms.top/spservice/assets/
162 KB
48 KB
Script
General
Full URL
https://saml.sgp-sms.top/spservice/assets/jquery-3.5.1.min.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8033099f632447edd84bd8e2c3d8972154fb4616716c708adb46eb5a5c7ea2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
localsecurity.js
saml.sgp-sms.top/spservice/assets/
67 KB
18 KB
Script
General
Full URL
https://saml.sgp-sms.top/spservice/assets/localsecurity.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
50c32148e6ed72fa795840a6148bf9bdd3db27b6143395734dee85cc198b5f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
deeplink-to-native-app.min.js
saml.sgp-sms.top/spservice/assets/
9 KB
3 KB
Script
General
Full URL
https://saml.sgp-sms.top/spservice/assets/deeplink-to-native-app.min.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c8413e1b91e4e23288efc62c5c06686e3241252676b69c802329ca801b5e55fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
wogaa.js
1.wogaa.sg/scripts/
0
0

font.css
saml.sgp-sms.top/spservice/assets/
12 KB
2 KB
Stylesheet
General
Full URL
https://saml.sgp-sms.top/spservice/assets/font.css
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f4e072e82bb96411b4610c45c3b6311e3590d640c53e049e3bfee5430f19d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
2.cbe4ed89.chunk.css
saml.sgp-sms.top/spservice/static/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://saml.sgp-sms.top/spservice/static/css/2.cbe4ed89.chunk.css
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0eff3b2c44de643b10f16757c48f8445d16d93d527981e9625027aa33c28db67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
spface-v3.6.1.js
bio-resources.singpass.gov.sg/html5sdk/
370 KB
156 KB
Script
General
Full URL
https://bio-resources.singpass.gov.sg/html5sdk/spface-v3.6.1.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:f800:1d:2183:56c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1324ab3f2bcffce10f7bd0d982c71ebe01ec21614047837afe411a30627d07b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
I953ZzE2ptVNl4c6yTyU4VzDMKB9Wdfk
content-encoding
gzip
via
1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
date
Fri, 30 Sep 2022 04:51:46 GMT
last-modified
Thu, 14 Jul 2022 08:51:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
15424
x-amz-server-side-encryption
AES256
etag
W/"2eeeaee48ef2f604325a0625a757d5fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UYr4HBmWVtOmHHhWWqLpg6M7_xDPGO6eAdr0pRWnxdGCcfY_PizJwg==
2.c89f95a0.chunk.js
saml.sgp-sms.top/spservice/static/js/
1 MB
515 KB
Script
General
Full URL
https://saml.sgp-sms.top/spservice/static/js/2.c89f95a0.chunk.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ed3bf778fe67689f36a8c7eef497b7cb2a9538f33f63b4a36c6f9f176ae89877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
main.b91ae1bb.chunk.js
saml.sgp-sms.top/spservice/static/js/
323 KB
113 KB
Script
General
Full URL
https://saml.sgp-sms.top/spservice/static/js/main.b91ae1bb.chunk.js
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
dcd2b2353cdd92aa738c63669d62ad55c77dafa1b44f2501f6234cf399741a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
NVNPK-ADYWM-HWK4K-M2CLG-HJ9C3
1.go-mpulse.net/boomerang/ Frame 719D
0
0

translation.json
saml.sgp-sms.top/spservice/locales/en/
27 KB
9 KB
Fetch
General
Full URL
https://saml.sgp-sms.top/spservice/locales/en/translation.json
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/static/js/2.c89f95a0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4cc2c6047fdaa27bb2e425d5672eb3b6b45b68720975235de2e7d77366f505f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
details
saml.sgp-sms.top/cmn/device/
20 B
1007 B
XHR
General
Full URL
https://saml.sgp-sms.top/cmn/device/details
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/static/js/2.c89f95a0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4a8573eb2407f8a92879c13943afd267534a2e5664708818938d079e8398482a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://saml.sgp-sms.top/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
X-XSRF-TOKEN
eyJpdiI6ImVvSlVMWllRc0Q5czlDWkEyK2xOM2c9PSIsInZhbHVlIjoiNHEwOHI0WWlhNm1YWW5URGhkM1Rvd0plSEs4Z04rZmpLN05BNTltdncraDVnK0hoMU9CNndvUXN6QVpsa3FpL2tlVThpN0gwS1BKeEpKdGVjVC9TZERnbU9LYnlobTRrUXRTSmtOeHE5a25iRGlZMjZHZ2pETDdNUG1XRnp0eVkiLCJtYWMiOiIyNjAyNTgyZTM3MjdlZjc5ZjY5Yjc4ZWFkMWFjMjU3NTcyMDhjOTNiMzc0MTRjOTI4YTYwZGE4MmE2M2JhNTA1IiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:47:07 GMT
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
init-login
saml.sgp-sms.top/cmn/eservice/
2 KB
3 KB
XHR
General
Full URL
https://saml.sgp-sms.top/cmn/eservice/init-login
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/static/js/2.c89f95a0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a16ad672d4a64ec52a82aec1a473c6e309295ca2098df2630b2e20e42a5877bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://saml.sgp-sms.top/spservice/welcome
X-XSRF-TOKEN
eyJpdiI6Imt0a3lxZUdlditKK2xlUWF5bTVDQlE9PSIsInZhbHVlIjoiVEs5M0RhK3BxcHkzUTkyaWIwU2RUMjBKNEw1VWcvK1FYazlKemliaG1LVDVLL2cyUGtzcUdGY0U3K0tVb3FxZEMvK3BWT3kzdzNMTnlNY3dxallFZ0pveTB3eVVsZldiYklrM1RKMWhkUjZtMnRMRldVR2ljYkhLUThvYXB1WVMiLCJtYWMiOiIyNGZkMDU1ZWI3MTY5NjdhNzU4OWExYTc0MjI2NzZkODg5MWEyOGRmMWY5ZGZiNGI3ZTZmNzNhZDIwN2M0ODNjIiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:47:08 GMT
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
/
ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
0
0

authorize
saml.singpass.gov.sg/mga/sps/oauth/oauth20/
370 B
2 KB
XHR
General
Full URL
https://saml.singpass.gov.sg/mga/sps/oauth/oauth20/authorize?response_type=code&client_id=NDI-CORE-BRIDGE&scope=openid&state=73ac96ca-83af-4a22-a4a5-2f366309aba5&redirect_uri=https://id.singpass.gov.sg/auth/singpass-federation&ndi_esrvc=sp_portal&nonce=k_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM&esrvcID=NDI-CORE-BRIDGE
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/static/js/2.c89f95a0.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10e:2aa::236c Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1a39321ba35d94f2891dc13763fe68122d85a196568f04b6f469427c0587af31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://saml.sgp-sms.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
Date
Fri, 30 Sep 2022 08:47:09 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-envoy-upstream-service-time
9
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=667
Content-Length
370
x-xss-protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/json
Location
/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3DNDI-CORE-BRIDGE%26scope%3Dopenid%26state%3D73ac96ca-83af-4a22-a4a5-2f366309aba5%26redirect_uri%3Dhttps%3A%2F%2Fid.singpass.gov.sg%2Fauth%2Fsingpass-federation%26ndi_esrvc%3Dsp_portal%26nonce%3Dk_OPa6ZOXnvfLG5bIVmxHMBJtQ-YzqlY7C91PLWqlTM%26esrvcID%3DNDI-CORE-BRIDGE
Access-Control-Allow-Origin
https://saml.sgp-sms.top
Access-Control-Expose-Headers
location
Cache-Control
no-store
Access-Control-Allow-Credentials
true
x-frame-options
SAMEORIGIN
am-eai-server-task
terminate session YzatDQAAAAIAAAA0Da02Y+h/QRR4fwAANW0wR3d1cUZUM3ZBV1JLTkpmOHlLcUFGNXdPcUhSREhPbjRuTHFSaFhnSSs0TWxCSXJZPQ==:default
analytics.js
1.google-analytics.com/
0
0

landing-bg-img.82ae0b28.jpg
saml.sgp-sms.top/spservice/static/media/
97 KB
81 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/landing-bg-img.82ae0b28.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
9354ea1538caf8418d807d0184e417948f2eb6faf7e2c62d07475b332a252b90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:47:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
poppins-latin-400-normal.5b8f3ba8.woff2
saml.sgp-sms.top/spservice/static/media/
8 KB
9 KB
Font
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/static/css/2.cbe4ed89.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.sgp-sms.top/spservice/static/css/2.cbe4ed89.chunk.css
Origin
https://saml.sgp-sms.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:09 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
binary/octet-stream
poppins-v15-latin-600.woff2
saml.sgp-sms.top/spservice/assets/
8 KB
9 KB
Font
General
Full URL
https://saml.sgp-sms.top/spservice/assets/poppins-v15-latin-600.woff2
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.sgp-sms.top/spservice/assets/font.css
Origin
https://saml.sgp-sms.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
binary/octet-stream
poppins-v15-latin-500.woff2
saml.sgp-sms.top/spservice/assets/
8 KB
8 KB
Font
General
Full URL
https://saml.sgp-sms.top/spservice/assets/poppins-v15-latin-500.woff2
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.sgp-sms.top/spservice/assets/font.css
Origin
https://saml.sgp-sms.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
binary/octet-stream
poppins-v15-latin-300.woff2
saml.sgp-sms.top/spservice/assets/
8 KB
9 KB
Font
General
Full URL
https://saml.sgp-sms.top/spservice/assets/poppins-v15-latin-300.woff2
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.sgp-sms.top/spservice/assets/font.css
Origin
https://saml.sgp-sms.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
binary/octet-stream
request
saml.sgp-sms.top/st/qr/
0
0

poppins-v15-latin-700.woff2
saml.sgp-sms.top/spservice/assets/
8 KB
9 KB
Font
General
Full URL
https://saml.sgp-sms.top/spservice/assets/poppins-v15-latin-700.woff2
Requested by
Host: saml.sgp-sms.top
URL: https://saml.sgp-sms.top/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.sgp-sms.top/spservice/assets/font.css
Origin
https://saml.sgp-sms.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
binary/octet-stream
truncated
/
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27ca3c00c616112fad5bc83bbdc7cc77a0ff31b6781fbd091257a5f346a9ebea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
singpass-logo.bdceeae1.svg
saml.sgp-sms.top/spservice/static/media/
4 KB
5 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/singpass-logo.bdceeae1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c948acf8e99bdf9b29b3cc2c0735f62da4d6b8dd66180914d83c3f4f1109aa58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
text-increase.145081dd.svg
saml.sgp-sms.top/spservice/static/media/
1 KB
2 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/text-increase.145081dd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
faa1d888b907a668a5ba0a1195ff75751a925614d6eb09fb668f147ce5396789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
truncated
/
139 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd0d7b8b6c66ea3ee946c659c3c2405078bec0f0f352d694c3ea86043ca2cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
text-original.6c7f0710.svg
saml.sgp-sms.top/spservice/static/media/
965 B
2 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/text-original.6c7f0710.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
9402ab4dd9475d9e02d648bef4405c5750eb7fbbf5b5d746f7f14cb6da8aad5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
text-decrease.6ce30b7f.svg
saml.sgp-sms.top/spservice/static/media/
1 KB
2 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/text-decrease.6ce30b7f.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b9e9d46850c7a22d8ff273468e7635bc984e259965c98cbc03e9d1f4961b163d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
print-icon.448368d9.svg
saml.sgp-sms.top/spservice/static/media/
2 KB
2 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/print-icon.448368d9.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2bdeb38a318665e680c5a0e247310862a54d533496c22bc1fac5e23d3baf8a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
search-icon.7144d50d.svg
saml.sgp-sms.top/spservice/static/media/
810 B
2 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/search-icon.7144d50d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
45c8c53add4594b3f4e89db1ddf4fafdbd896c1d00f5273094cbad6eada285cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0ba0dbb5319276b718f3da1de064df4687d8c7705b813592d2bb2bd74de2d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
icon-sp-mascot.56e6db83.svg
saml.sgp-sms.top/spservice/static/media/
3 KB
3 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/icon-sp-mascot.56e6db83.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bf010ca2669f1c352a93b11b499a622b6431d6d6ba1227d04744ada8986167c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml
singpass-logo-white.b764b183.svg
saml.sgp-sms.top/spservice/static/media/
4 KB
5 KB
Image
General
Full URL
https://saml.sgp-sms.top/spservice/static/media/singpass-logo-white.b764b183.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.233.12 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
70c70d5702072f5c797ec57ff38d94e6fbb6b5793336788f06bba4b6a0d111ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.sgp-sms.top/spservice/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:47:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000
server
nginx
content-type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1.wogaa.sg
URL
https://1.wogaa.sg/scripts/wogaa.js
Domain
1.go-mpulse.net
URL
https://1.go-mpulse.net/boomerang/NVNPK-ADYWM-HWK4K-M2CLG-HJ9C3
Domain
ww.singpass.gov.sg
URL
https://ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
Domain
1.google-analytics.com
URL
https://1.google-analytics.com/analytics.js
Domain
saml.sgp-sms.top
URL
https://saml.sgp-sms.top/st/qr/request

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singpass (Government)

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| des function| des_createKeys boolean| Is2048 function| stringToHex function| encryptSetPwdNoVerifyRSABlockMD5 function| encryptSetPwdRSABlock256 function| encryptSetPwdNoVerifyRSABlock256 function| encryptSetPwdNoVerifyNoUserRSABlock256 function| encryptSetPwdNoVerifyNoUserRSABlock256U function| encryptSetPwdNoVerifyNoUserRSABlock512 function| encryptVerifyStaticRSABlockMD5 function| encryptVerifyStaticRSABlock256 function| encryptVerifyStaticNoUserRSABlock256 function| encryptVerifyStaticNoUserRSABlock256U function| encryptVerifyNoUserRSABlock256 function| encryptVerifyNoUserRSABlock256U function| encryptVerifyRSABlock256 function| encryptVerifyStaticNoUserRSABlock512 function| encryptVerifyNoUserRSABlock512 function| encryptChangePwdNoVerifyRSABlockMD5 function| encryptChangePwdNoVerifyRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock256U function| encryptChangePwdRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock512 function| encryptMigratePwdNoVerifyNoUser256RSABlock512 function| encryptVerifyOtipNoUserRSABlock function| doSHA256Hash function| rsaDES3EncryptDataPKCS5Padding_CBC function| des3EncryptPKCS5Padding_CBC function| des3KeyGen function| getByteArray number| dbits boolean| j_lm function| BigInteger function| nbi function| am1 function| MD5 function| dW function| tH function| lf function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| 
bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnpBitwiseTo function| op_xor function| bnXor function| lbit function| parseBigInt function| pkcs1pad2B function| randomBytes function| pkcs1pad2 function| pkcs1pad2S function| RSAKey function| sha256Hash function| ROTR function| Sigma0 function| Sigma1 function| sigma0 function| sigma1 function| Ch function| Maj function| Util function| SHA512 object| NativeAppLauncher string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| webpackChunk_name_ function| setImmediate function| clearImmediate object| regeneratorRuntime object| WebComponents function| IProov object| webpackJsonpeservice-login number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ number| BOOMR_onload boolean| browserSupport object| ndsapi string| GoogleAnalyticsObject function| ga string| qrCodeState string| ndiEventCallbackState

2 Cookies

Domain/Path Name / Value
.sgp-sms.top/ Name: XSRF-TOKEN
.sgp-sms.top/ Name: laravel_session

4 Console Messages

Source Level URL
Text
network error URL: https://1.wogaa.sg/scripts/wogaa.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://1.go-mpulse.net/boomerang/NVNPK-ADYWM-HWK4K-M2CLG-HJ9C3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://1.google-analytics.com/analytics.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
