carousell-hk.kebahd.shop Open in urlscan Pro
172.67.135.35 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/
Submission Tags: @phish_report
Submission: On December 05 via api (December 5th 2024, 4:28:40 am UTC) from FI — Scanned from FI

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 172.67.135.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is carousell-hk.kebahd.shop.
TLS certificate: Issued by WE1 on November 25th 2024. Valid for: 3 months.

This is the only time carousell-hk.kebahd.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
15	172.67.135.35 172.67.135.35		13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	1

15 172.67.135.35 (United States)

ASN13335 (CLOUDFLARENET, US)

carousell-hk.kebahd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	kebahd.shop carousell-hk.kebahd.shop	889 KB
15	1

	Domain	Requested by
15	carousell-hk.kebahd.shop	carousell-hk.kebahd.shop
15	1

This site contains no links.

Subject Issuer	Validity	Valid
kebahd.shop WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/
Frame ID: 39E79ADC699D0F903F28000CC7A3E6BE
Requests: 5 HTTP requests in this frame

Frame: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm
Frame ID: 93E684DA5FEAE71CAFE766FF99922413
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DBS iBanking

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

889 kB
Transfer

1157 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response carousell-hk.kebahd.shop/login/114BV617MU333V7261156/	45 KB 5 KB	226ms 165ms	Document text/html	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3b2e4132ac0ac0cb56538dc2de9c826f05ebf68b5245553d6c1294cc491d7ac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8ed14a4fcd7db4f3-OSL content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 05 Dec 2024 04:28:35 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6kppTF5ve%2BXyI1zPdE%2F%2FRo6NzBklGK9L4owZ6nataOqPIjcj3zhkpXVAwk6Wcpihq%2FEXVwisajYR%2FW%2BqGVunFfGTqyBNgiwkDeOlbKG00%2BB5gUdLY%2FuKiGjLYVpKD16kEYaqYEtuQiRfUY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=46313&min_rtt=46234&rtt_var=7449&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4154&recv_bytes=4515&delivery_rate=393&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=171&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	login.css carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/	21 KB 4 KB	146ms 146ms	Stylesheet text/css	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/login.css Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70c931a6f1730e094af30a79b1c2cbdcd24f5d4e5857b0077b14bd59eba0921a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b33c7d-5217" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2Ben07Khqrju4GEVk7gfo52JlCDIOFjcI%2BoFhnKLoF%2BY1lzbB0G5McDewPxiaCvdedv%2BkY3miZyQmkL3C0HLJ2aTeVfZ7p3l3bwrJqSfKz4kihsJuu7ryAft%2FvKKUQzIi6g6ZXtep62LwYQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a50ee23b4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46312&min_rtt=46132&rtt_var=1449&sent=31&recv=19&lost=0&retrans=0&sent_bytes=19402&recv_bytes=6066&delivery_rate=62753&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=328&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type text/css last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	component.css carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/	1 KB 1 KB	145ms 144ms	Stylesheet text/css	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/component.css Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11b3eb34179c48954ba90b86e041241912d28e3a0fafaf1e94d2ca5f51947029` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b33c7d-4ea" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAolrleMNe0iCcgsrElDYsHv6XF%2Bm%2FIw3UgAOzT2GzQcv1V411Wq1HhaRdQKHAleYnz0lRilUZJEfCTNmwXfRLbcY0TEWd9r4ZiMdqiukJsM99kYGuFgcp%2BQotcWPhQqzhIDaZ01jZ3cJEQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a50ee24b4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46354&min_rtt=46132&rtt_var=3289&sent=29&recv=16&lost=0&retrans=0&sent_bytes=18166&recv_bytes=5937&delivery_rate=114994&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=327&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type text/css last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	iframe.htm Show response carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/ Frame 93E6	24 KB 8 KB	97ms 97ms	Document text/html	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f3e22cee96a52e656431bee88a340bfce552393d17b1db1545a6799ce03e4dc0` Request headers Referer https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ed14a50ee25b4f3-OSL content-encoding zstd content-type text/html date Thu, 05 Dec 2024 04:28:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBJaI%2FFhrwCkqgmWWU3OLe%2FxPg4vqM0xMZ8%2BMrvAMpEfOBCfKxlUasY8hpopP11csuG6iCEEF%2FdP6OnX%2FV%2BoH4wVxH8nrLUHH%2FRHqve13RmZ8Fy%2Fq4AxZh%2FLGQvubWtudwgHhAmKP0Px6OM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=46354&min_rtt=46132&rtt_var=3289&sent=19&recv=16&lost=0&retrans=0&sent_bytes=9482&recv_bytes=5937&delivery_rate=114994&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=281&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	enhanced.css carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	9 KB 3 KB	147ms 146ms	Stylesheet text/css	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c2c0bbc597dd002e818ab205cb5da283f93695a1642b3b19c78efd5b0d4381b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b33c7d-23a9" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4meec1Ubw3TwDTjevtcf%2FiiIXjK8xO%2FiC8R%2B5kJT%2Fu77kOs%2Fqw1fWxnn12RCL76mSfZ8HEXHsCOgYmRLE%2BFQ5Q4sFrrN0V%2F6H0D3Fg9IIb5HD1PFJgZWzgYssE43caFkVGAJBk%2FISKrgFA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a518e9eb4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46788&min_rtt=46132&rtt_var=1053&sent=39&recv=28&lost=0&retrans=0&sent_bytes=25136&recv_bytes=8016&delivery_rate=81725&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=435&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type text/css last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	important.png carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	976 B 2 KB	123ms 122ms	Image image/png	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/important.png Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eca5a9fba2cd6411dc5fb70ffeda17cfca5090c2c1f4608a657ffeb8b7998293` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Response headers cf-cache-status MISS etag "66b33c7d-3d0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCePAdYEU%2Bqh%2FFBpDoQBq%2BfNsre4bizmBgkm8RK7er8aHKGcUMjilig%2BPty9IkxmkrB7x0c8SJTCtbB5UfUv2iqUlYRiwA3iyXprjSbIxDPmI9Vpb88g%2FiAEp3WZWYmGfixXdziXIQJ%2Bx84%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46788&min_rtt=46132&rtt_var=1053&sent=37&recv=28&lost=0&retrans=0&sent_bytes=23431&recv_bytes=8016&delivery_rate=81725&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=411&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type image/png last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a518ea0b4f3-OSL accept-ranges bytes content-length 976 server cloudflare
GET H3	200	jquery-1.10.2.js Show response carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	276 KB 82 KB	193ms 193ms	Script application/javascript	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/jquery-1.10.2.js Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `53b256938007038f734eb986b836c4c0427c5b91cd44e36d1ea40cff0a1e633e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe.htm Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b33c7e-4516a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bvfx3N%2B4aIqoclZTcQiJ8BF7c07TRmPm%2B7oMYXHbOUpK2ZTJ0Vq%2B3FLyGENYu36mZUf2L9sPOXjAzv%2BQEupgR84N%2FljycV0bd2nSnFDFTKPcJhbIOmqiahNd7ZcxKSxtkUMrbDiIoqgI%2FiI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a518ea2b4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=50033&min_rtt=46132&rtt_var=7280&sent=50&recv=29&lost=0&retrans=0&sent_bytes=37136&recv_bytes=8059&delivery_rate=23436&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=477&x=1", cfExtPri, cfHdrFlush;dur=4 date Thu, 05 Dec 2024 04:28:35 GMT content-type application/javascript last-modified Wed, 07 Aug 2024 09:21:02 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	frutigernextlt-medium-webfont.woff carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/fonts/	23 KB 24 KB	138ms 138ms	Font application/font-woff	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/fonts/frutigernextlt-medium-webfont.woff Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/login.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26314b3a759eb751b54ad0d227e38d54d9dac9bf6c5759d1bbd35201ce933e24` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://carousell-hk.kebahd.shop Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/login.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66b33c7d-5b64" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Fy%2Bq6ChzZSdvQGoEprFtOnfHBZQedjvP%2F5kz7GS2PLExpfk9xfkADoPzFVhBATKRShXfqhBM%2Bl3wAirzQSMYzXrChe8qwRgkt2rrjn4aKi6TdXfYpTRRoSyPgMIhQ%2FjTKUtNmU%2B0ayuqLI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a51def5b4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=50033&min_rtt=46132&rtt_var=7280&sent=42&recv=29&lost=0&retrans=0&sent_bytes=28106&recv_bytes=8059&delivery_rate=23436&cwnd=12000&unsent_bytes=0&cid=aa0909734292fcb7&ts=474&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type application/font-woff last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	Sunset.jpg carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	318 KB 318 KB	186ms 186ms	Image image/jpeg	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/Sunset.jpg Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6445f2dc0a00064c04a3dcdc90f7553ef70613951bd2e8fd5ad903c5e599b47e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers cf-cache-status MISS etag "66b33c7e-4f6ed" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyUqXJXjCx4oa%2Bfu2WHWGR9qfNBOAdvmq4WNxr2lqp9b60MydDKxYGzXdAxtHyzHwEKLKmWx6PcYMSUFRXXy1ae6NHaTqiSpUjqNPOklZ54jjqzXIdug44qGPC9DayvFSv%2FO76QqGI2A%2FKg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=53357&min_rtt=46115&rtt_var=4805&sent=135&recv=57&lost=0&retrans=0&sent_bytes=128929&recv_bytes=11751&delivery_rate=279238&cwnd=57600&unsent_bytes=0&cid=aa0909734292fcb7&ts=609&x=1", cfExtPri, cfHdrFlush;dur=4 date Thu, 05 Dec 2024 04:28:35 GMT content-type image/jpeg last-modified Wed, 07 Aug 2024 09:21:02 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a527f7db4f3-OSL accept-ranges bytes content-length 325357 server cloudflare
GET H3	200	desktoplogo.webp carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	3 KB 4 KB	183ms 183ms	Image image/webp	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/desktoplogo.webp Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `59eacd5f7c4db9537206c6887b70981f77d30c934438bfc51f0813bcde7e3a36` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers cf-cache-status MISS etag "66b33c7d-ca4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXyiyY25OaN%2Bu%2F8Gqkq9WtXfjhkiMWGfgCDQU56Y4d2Wk%2FY%2FZd6nlRwL4BYJrMn2TGDcmXhbWHlSosGuu51qQFNxj5GmCj2a2MuaUbFOFfuIVYT8DZM6zObtluAJjbl0YF6E5A6q%2BbNGEPs%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58914&min_rtt=46132&rtt_var=16576&sent=84&recv=43&lost=0&retrans=0&sent_bytes=71329&recv_bytes=11135&delivery_rate=148641&cwnd=28800&unsent_bytes=0&cid=aa0909734292fcb7&ts=549&x=1", cfExtPri, cfHdrFlush;dur=18 date Thu, 05 Dec 2024 04:28:35 GMT content-type image/webp last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a527f7fb4f3-OSL accept-ranges bytes content-length 3236 server cloudflare
GET H3	200	footer_bg.webp carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/ Frame 93E6	34 B 721 B	185ms 185ms	Image image/webp	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/footer_bg.webp Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f40c0294f81b2c91904a76b9b0f67683c1a889f91e615bde43f2a41cbc41eab8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers cf-cache-status MISS etag "66b33c7d-22" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UzvVcghK4GFQtrOZsDY1zhLtkVNnyuLrKO9K4gazir78%2F9CgKGVArEiW%2B97Ii%2FxbRPSv1sr21wA22UOz5B2zSD4n9cexEBvGgaq2P622s8L%2FQoWtp9AE6P2KiqUEnPHc3tqfK15V3JfpHE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58914&min_rtt=46132&rtt_var=16576&sent=84&recv=43&lost=0&retrans=0&sent_bytes=71329&recv_bytes=11135&delivery_rate=148641&cwnd=28800&unsent_bytes=0&cid=aa0909734292fcb7&ts=552&x=1", cfExtPri, cfHdrFlush;dur=15 date Thu, 05 Dec 2024 04:28:35 GMT content-type image/webp last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a527f80b4f3-OSL accept-ranges bytes content-length 34 server cloudflare
GET H3	200	OpenSans-Regular.ttf carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/fonts/ Frame 93E6	212 KB 213 KB	178ms 177ms	Font application/octet-stream	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/fonts/OpenSans-Regular.ttf Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://carousell-hk.kebahd.shop Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers cf-cache-status MISS etag "66b33c7e-350bc" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BoKiNwq9v7wzqC8JEaA3peVKRN%2Bz%2Bo51K%2Bdo%2BP%2F%2FOriXf0mXnYyQgiTbWDC9K4dn8bqPnqp79rs6xUfkTZrGbxFK6Mr81IccvkJPD6cc8Bbg06davNPJWmXE6WSgLPFiZuqi%2FrU1gVSoaE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=48076&min_rtt=46115&rtt_var=2684&sent=170&recv=68&lost=0&retrans=0&sent_bytes=167329&recv_bytes=12236&delivery_rate=791165&cwnd=69600&unsent_bytes=0&cid=aa0909734292fcb7&ts=616&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type application/octet-stream last-modified Wed, 07 Aug 2024 09:21:02 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a528f84b4f3-OSL accept-ranges bytes content-length 217276 server cloudflare
GET H3	200	OpenSans-Bold.ttf carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/fonts/ Frame 93E6	219 KB 220 KB	171ms 171ms	Font application/octet-stream	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/fonts/OpenSans-Bold.ttf Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b43de2449d39b65ff6f63315d4afda585f72fbbec2e3d9a56f59de6c75149d3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://carousell-hk.kebahd.shop Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers cf-cache-status MISS etag "66b33c7e-36cc4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixAWUIW18weKKcFOogiD4XkrX1HYuhKiymc%2B3Bn5NJfXYtVF2JM60CdmToqJNW0zNIrb5NkeEbF%2BKJ9uKTw2kVZ2kio%2BqJquRmf8iMWmK521jXLVnfYMAUr4P%2BIbbjCYLfki%2FcaBxKKxWk0%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=53357&min_rtt=46115&rtt_var=4805&sent=135&recv=57&lost=0&retrans=0&sent_bytes=128929&recv_bytes=11751&delivery_rate=279238&cwnd=57600&unsent_bytes=0&cid=aa0909734292fcb7&ts=607&x=1", cfExtPri, cfHdrFlush;dur=6 date Thu, 05 Dec 2024 04:28:35 GMT content-type application/octet-stream last-modified Wed, 07 Aug 2024 09:21:02 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8ed14a528f85b4f3-OSL accept-ranges bytes content-length 224452 server cloudflare
GET H3	200	dbs-ib-login.woff carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/fonts/ Frame 93E6	2 KB 3 KB	171ms 170ms	Font application/font-woff	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/fonts/dbs-ib-login.woff Requested by Host: carousell-hk.kebahd.shop URL: https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2c15b390fcd2bfd7f492aec276c1cc5f75b3f43cfe8595966f57f7a1d20a2fd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://carousell-hk.kebahd.shop Referer https://carousell-hk.kebahd.shop/6y5vscqf/kg51x/343fdldg/banks/dbsnew/iframe_data/enhanced.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66b33c7d-800" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxwRETS5wl2cDbe4D72yC7s3K19o4fAsY49sge%2FAGUuwe%2Fei%2Bvk8JWoB5NYg4YhAETKgz9lG0peraQTF9DlIt10IGIuo2i1v9EYberVTIqpfiG1BbRNqgRcLdbevtfwcQkZkBcQIu2QlKx8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a528f86b4f3-OSL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=52649&min_rtt=46115&rtt_var=4518&sent=134&recv=56&lost=0&retrans=0&sent_bytes=128572&recv_bytes=11706&delivery_rate=279238&cwnd=57600&unsent_bytes=0&cid=aa0909734292fcb7&ts=588&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:35 GMT content-type application/font-woff last-modified Wed, 07 Aug 2024 09:21:01 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	404	favicon.ico carousell-hk.kebahd.shop/	3 KB 2 KB	121ms 121ms	Other text/html	172.67.135.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell-hk.kebahd.shop/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `578c4a5807d3afb30d6c380df68faf502a20a847b765c2a7511c517759e1739d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://carousell-hk.kebahd.shop/login/114BV617MU333V7261156/ Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eheL8brv5RRbtouvMdkUYg8dA0NmK%2FsFEAb3ayaKoNYhUpZmQsMciu9W2hsGl3ut95TKwd1CmmDiXiScM7hlns4Dx2kz92dQj2i7InywQVyB5TZKrwpmOH9vQLNCo5FmdYIPR%2FOQVe6HBfo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ed14a5498dbb4f3-OSL expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=48420&min_rtt=46043&rtt_var=2683&sent=820&recv=143&lost=0&retrans=0&sent_bytes=933541&recv_bytes=16001&delivery_rate=4998967&cwnd=433800&unsent_bytes=0&cid=aa0909734292fcb7&ts=896&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 05 Dec 2024 04:28:36 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare priority u=1,i

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| unameInputElement object| pwdInputElement function| toggleNotEmptyClass

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			carousell-hk.kebahd.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9d80cb2a9f1d82c90eb7aec6804d406b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://carousell-hk.kebahd.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carousell-hk.kebahd.shop
172.67.135.35
11b3eb34179c48954ba90b86e041241912d28e3a0fafaf1e94d2ca5f51947029
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1b43de2449d39b65ff6f63315d4afda585f72fbbec2e3d9a56f59de6c75149d3
26314b3a759eb751b54ad0d227e38d54d9dac9bf6c5759d1bbd35201ce933e24
53b256938007038f734eb986b836c4c0427c5b91cd44e36d1ea40cff0a1e633e
578c4a5807d3afb30d6c380df68faf502a20a847b765c2a7511c517759e1739d
59eacd5f7c4db9537206c6887b70981f77d30c934438bfc51f0813bcde7e3a36
6445f2dc0a00064c04a3dcdc90f7553ef70613951bd2e8fd5ad903c5e599b47e
70c931a6f1730e094af30a79b1c2cbdcd24f5d4e5857b0077b14bd59eba0921a
c2c0bbc597dd002e818ab205cb5da283f93695a1642b3b19c78efd5b0d4381b4
c3b2e4132ac0ac0cb56538dc2de9c826f05ebf68b5245553d6c1294cc491d7ac
eca5a9fba2cd6411dc5fb70ffeda17cfca5090c2c1f4608a657ffeb8b7998293
f2c15b390fcd2bfd7f492aec276c1cc5f75b3f43cfe8595966f57f7a1d20a2fd
f3e22cee96a52e656431bee88a340bfce552393d17b1db1545a6799ce03e4dc0
f40c0294f81b2c91904a76b9b0f67683c1a889f91e615bde43f2a41cbc41eab8

carousell-hk.kebahd.shop Open in urlscan Pro 172.67.135.35 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

889 kBTransfer

1157 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

carousell-hk.kebahd.shop Open in urlscan Pro
172.67.135.35 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

889 kB
Transfer

1157 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!