internet.banking-dbs.com
193.163.19.227  Malicious Activity! Public Scan

URL: https://internet.banking-dbs.com/
Submission: On May 15 via api from SG — Scanned from SG

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 193.163.19.227, located in San Jose, United States and belongs to XTOM, US. The main domain is internet.banking-dbs.com.
TLS certificate: Issued by R3 on May 14th 2023. Valid for: 3 months.
This is the only time internet.banking-dbs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
8         193.163.19.227  6233 (XTOM)
Total: 8 requests, 1 IP

Requests  Apex Domain      Subdomains                Transfer
7         banking-dbs.com  internet.banking-dbs.com  50 KB
1         bnp-paribas.cc   dbs.bnp-paribas.cc        306 B
Total: 8 requests, 2 domains

Requests  Domain                    Requested by
7         internet.banking-dbs.com  internet.banking-dbs.com
1         dbs.bnp-paribas.cc        internet.banking-dbs.com
Total: 8 requests, 2 domains

This site contains no links.

Subject                   Issuer  Validity                 Valid
internet.banking-dbs.com  R3      2023-05-14 - 2023-08-12  3 months
dbs.bnp-paribas.cc        R3      2023-05-14 - 2023-08-12  3 months

This page contains 1 frames:

Primary Page: https://internet.banking-dbs.com/
Frame ID: 6763A5FC4C4EC84AE35F0208822F38BE
Requests: 8 HTTP requests in this frame

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 50 kB
Size: 79 kB
Cookies: 0

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
internet.banking-dbs.com/
78 B
230 B
Document
General
Full URL
https://internet.banking-dbs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
084b2fb7ec9240d7c691d6f7f643aecfc6f73b636d1ad3d2b2afa44f44a8d2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
content-length
78
content-type
text/html
date
Mon, 15 May 2023 03:20:11 GMT
etag
"64612fb4-4e"
last-modified
Sun, 14 May 2023 19:00:04 GMT
server
nginx
strict-transport-security
max-age=31536000
it.js
internet.banking-dbs.com/static/js/
1 KB
690 B
Script
General
Full URL
https://internet.banking-dbs.com/static/js/it.js
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
a17bebc64e3ce86112bce898fc1a39c1fcf917516eecc5fcf6a902bb4c8968c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 14 May 2023 19:03:41 GMT
server
nginx
etag
W/"6461308d-466"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 15 May 2023 15:20:12 GMT
config.js
internet.banking-dbs.com/static/js/
698 B
911 B
Script
General
Full URL
https://internet.banking-dbs.com/static/js/config.js
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/static/js/it.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
e658d86ad708f5cc8fce7e15e3f47e11b5f605cf5372c3a32f498c516177fd11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14 May 2023 19:04:22 GMT
server
nginx
etag
"646130b6-2ba"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
698
expires
Mon, 15 May 2023 15:20:12 GMT
axios.js
internet.banking-dbs.com/static/js/
42 KB
13 KB
Script
General
Full URL
https://internet.banking-dbs.com/static/js/axios.js
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/static/js/it.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 14 May 2023 18:59:16 GMT
server
nginx
etag
W/"64612f84-a6f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 15 May 2023 15:20:12 GMT
data.js
internet.banking-dbs.com/static/js/
1 KB
823 B
Script
General
Full URL
https://internet.banking-dbs.com/static/js/data.js
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/static/js/it.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
f06c55b48fd38bab20c09d1311343ec83098df0ea8c4b4277f00dbd91424fe39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 14 May 2023 19:10:01 GMT
server
nginx
etag
W/"64613209-5db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 15 May 2023 15:20:12 GMT
desktoplogo.png
internet.banking-dbs.com/static/images/
5 KB
6 KB
Image
General
Full URL
https://internet.banking-dbs.com/static/images/desktoplogo.png
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14 May 2023 17:35:02 GMT
server
nginx
etag
"64611bc6-15d8"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5592
expires
Wed, 14 Jun 2023 03:20:12 GMT
loading.gif
internet.banking-dbs.com/static/images/
29 KB
29 KB
Image
General
Full URL
https://internet.banking-dbs.com/static/images/loading.gif
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
245bbc018dac02f9f363670178dd44f3dac21f70db671aca9570a439e076bec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://internet.banking-dbs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:12 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14 May 2023 19:03:19 GMT
server
nginx
etag
"64613077-73ad"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
29613
expires
Wed, 14 Jun 2023 03:20:12 GMT
token
dbs.bnp-paribas.cc/api/
34 B
306 B
XHR
General
Full URL
https://dbs.bnp-paribas.cc/api/token
Requested by
Host: internet.banking-dbs.com
URL: https://internet.banking-dbs.com/static/js/axios.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.163.19.227 San Jose, United States, ASN6233 (XTOM, US),
Reverse DNS
s18066.vps.hosting
Software
nginx /
Resource Hash
2c3bd5a3a97e99cc6442f710731a87674eefac62ab5a9d31614e506c5754bbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://internet.banking-dbs.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 03:20:13 GMT
strict-transport-security
max-age=31536000
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
https://internet.banking-dbs.com
access-control-allow-credentials
true

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
function | axios

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://internet.banking-dbs.com/static/js/data.js (Line 12)
Message: WebSocket connection to 'wss://dbs.bnp-paribas.cc/websocket/undefined' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000