saml.iossin.xyz
149.129.234.111  Malicious Activity! Public Scan

Submitted URL: http://bit.ly/3C6E2F5
Effective URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26respon...
Submission: On August 15 via manual from SG — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 149.129.234.111, located in Jakarta, Indonesia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is saml.iossin.xyz.
TLS certificate: Issued by R3 on August 15th 2022. Valid for: 3 months.
This is the only time saml.iossin.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Singpass (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 1 43.154.133.96 132203 (TENCENT-N...)
1 24 149.129.234.111 45102 (ALIBABA-C...)
1 2600:9000:249... 16509 (AMAZON-02)
30 3
Apex Domain | Subdomains | Transfer
24 iossin.xyz | www.iossin.xyz, saml.iossin.xyz | 871 KB
1 singpass.gov.sg | bio-resources.singpass.gov.sg (Cisco Umbrella Rank: 207947), ww.singpass.gov.sg (Failed) | 138 KB
1 goo.gs | goo.gs | 987 B
1 bit.ly | bit.ly (Cisco Umbrella Rank: 4554) | 334 B
0 google-analytics.com (Failed) | 1.google-analytics.com (Failed)
0 wogaa.sg (Failed) | 1.wogaa.sg (Failed)
30 6
Domain Requested by
23 saml.iossin.xyz saml.iossin.xyz
1 bio-resources.singpass.gov.sg saml.iossin.xyz
1 www.iossin.xyz 1 redirects
1 goo.gs 1 redirects
1 bit.ly 1 redirects
0 1.google-analytics.com Failed saml.iossin.xyz
0 ww.singpass.gov.sg Failed saml.iossin.xyz
0 1.wogaa.sg Failed saml.iossin.xyz
30 8

This site contains links to these domains.

Domain
www.gov.sg
app.singpass.gov.sg
www.singpass.gov.sg
go.gov.sg
www.tech.gov.sg
Subject | Issuer | Validity | Valid
id.iossin.xyz | R3 | 2022-08-15 - 2022-11-13 | 3 months
bio-resources.singpass.gov.sg | DigiCert SHA2 Extended Validation Server CA | 2021-09-15 - 2022-09-23 | a year

This page contains 1 frames:

Primary Page: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Frame ID: 9A4FC32D20000AF8E3D0F9FECF65D2DE
Requests: 33 HTTP requests in this frame

Page Title

Singpass login

Page URL History

  1. http://bit.ly/3C6E2F5 HTTP 301
    https://goo.gs/ftvlg HTTP 301
    https://www.iossin.xyz/ceshi HTTP 302
    https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fsco... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30 Requests
80 % HTTPS
25 % IPv6
6 Domains
8 Subdomains
3 IPs
3 Countries
1007 kB Transfer
2642 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3C6E2F5 HTTP 301
    https://goo.gs/ftvlg HTTP 301
    https://www.iossin.xyz/ceshi HTTP 302
    https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
saml.iossin.xyz/spservice/
Redirect Chain
  • http://bit.ly/3C6E2F5
  • https://goo.gs/ftvlg
  • https://www.iossin.xyz/ceshi
  • https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fser...
6 KB
3 KB
Document
General
Full URL
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
08d9fb81d17bfe11ed2f17910f25ffd4da362fbcc4d1f5699c79b7e9e036898f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 16:31:38 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 16:31:37 GMT
location
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
server
nginx
strict-transport-security
max-age=31536000
jquery-3.5.1.min.js
saml.iossin.xyz/spservice/assets/
162 KB
48 KB
Script
General
Full URL
https://saml.iossin.xyz/spservice/assets/jquery-3.5.1.min.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8033099f632447edd84bd8e2c3d8972154fb4616716c708adb46eb5a5c7ea2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
localsecurity.js
saml.iossin.xyz/spservice/assets/
67 KB
18 KB
Script
General
Full URL
https://saml.iossin.xyz/spservice/assets/localsecurity.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
50c32148e6ed72fa795840a6148bf9bdd3db27b6143395734dee85cc198b5f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
deeplink-to-native-app.min.js
saml.iossin.xyz/spservice/assets/
9 KB
3 KB
Script
General
Full URL
https://saml.iossin.xyz/spservice/assets/deeplink-to-native-app.min.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c8413e1b91e4e23288efc62c5c06686e3241252676b69c802329ca801b5e55fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
wogaa.js
1.wogaa.sg/scripts/
0
0

font.css
saml.iossin.xyz/spservice/assets/
12 KB
2 KB
Stylesheet
General
Full URL
https://saml.iossin.xyz/spservice/assets/font.css
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f4e072e82bb96411b4610c45c3b6311e3590d640c53e049e3bfee5430f19d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
2.cbe4ed89.chunk.css
saml.iossin.xyz/spservice/static/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://saml.iossin.xyz/spservice/static/css/2.cbe4ed89.chunk.css
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0eff3b2c44de643b10f16757c48f8445d16d93d527981e9625027aa33c28db67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
spface-v3.3.2.js
bio-resources.singpass.gov.sg/html5sdk/
337 KB
138 KB
Script
General
Full URL
https://bio-resources.singpass.gov.sg/html5sdk/spface-v3.3.2.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8200:1d:2183:56c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0a604f65660307c02736c746956cffa1d8b082ba363c013e43881a9cee61b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id
arL7ZXxydkUp3ww0mO05NT_VmtZGr3Uh
content-encoding
gzip
etag
W/"7b3ff5792715d4c22ca74fde10b7f4d2"
last-modified
Fri, 10 Sep 2021 07:46:16 GMT
server
AmazonS3
age
38870
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
date
Mon, 15 Aug 2022 05:43:49 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
U8URnbb51lrlfk3ZkaXoeAj0n0L6PGhbpi61EJ2zFlULjwTmcQ5lKQ==
2.da773bdc.chunk.js
saml.iossin.xyz/spservice/static/js/
2 MB
535 KB
Script
General
Full URL
https://saml.iossin.xyz/spservice/static/js/2.da773bdc.chunk.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d3e2799b83329ecc140140fcf5f2796a1f5a07770753227d96d5ef32ec3ab2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
main.06a0cb57.chunk.js
saml.iossin.xyz/spservice/static/js/
321 KB
113 KB
Script
General
Full URL
https://saml.iossin.xyz/spservice/static/js/main.06a0cb57.chunk.js
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ce7cc7dfdb33c4fec1537e373861467003a3a4e00a690f0b6fa97c3a9e710043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
translation.json
saml.iossin.xyz/spservice/locales/en/
27 KB
9 KB
Fetch
General
Full URL
https://saml.iossin.xyz/spservice/locales/en/translation.json
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/static/js/2.da773bdc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cc4fbcf17c683ac83e717ec88468aac710b1504ec17f6ec4934b5abf869a3b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:42 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
details
saml.iossin.xyz/cmn/device/
20 B
1006 B
XHR
General
Full URL
https://saml.iossin.xyz/cmn/device/details
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/static/js/2.da773bdc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4a8573eb2407f8a92879c13943afd267534a2e5664708818938d079e8398482a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://saml.iossin.xyz/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26client_id%3DNDI-AUTHCOM%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26esrvcID%3DNDI-AUTHCOM
X-XSRF-TOKEN
eyJpdiI6IlhiSDA3UWZ2MHc5d0tUYSt6ZVpDbHc9PSIsInZhbHVlIjoiMERuRG9mTTBwUk5IUWQ0MXFSa2F1c3h0U3lrenVuVnZmTVNBVnpnS1pvWGpXRTZDZythSkZqenFubTdHSWNWRkVrYmplVGIxWnZSK20wZi85VUZFZWNwV04ybEhTLzRhdi9US1RUdDVQSG02LzUwMENWZnlTNmZ1Y2tNUEdzb3AiLCJtYWMiOiJkY2NhOWZiN2QxNzI5MjI3ZWEwZTdlYTlmOTdlZWY5ZTJkMmQwMWVlODE0MDY4MTgzODUyZTJlNDM3NGY0ZjM0IiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:31:43 GMT
server
nginx
vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
strict-transport-security
max-age=31536000
content-type
application/json
init-login
saml.iossin.xyz/cmn/eservice/
2 KB
3 KB
XHR
General
Full URL
https://saml.iossin.xyz/cmn/eservice/init-login
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/static/js/2.da773bdc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
5e41693d5b00fdc4720d3444c0249762660220db041983426c1b88c6fdb12ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://saml.iossin.xyz/spservice/welcome
X-XSRF-TOKEN
eyJpdiI6ImlJYWE2aGFaZ3FLR3RPKzRScTJWVkE9PSIsInZhbHVlIjoibUV5VHkrQktqRThYVmFWaHBUVklUdUdNSG9zQlBtT3VrS3BEekU2Z2pqUGNkUTRuU1BUR2s0US84dVFTYitkWHk5d2U0elhBc0V4eWZXY3drS2hEcnJQTlMySHFvcUo3UWcwbWtMT2dVT3Z6bGVQR0s3L0ljMGIwaXBYbnJNZmUiLCJtYWMiOiIyYjE2NDhhZmVjMWNlMTY5OTlmMTZhN2QxZDVkYjhjMTFiODg4ZDEwNWZiYWMwNjAxYTFhY2IzZTg2NTY0YTk1IiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:31:44 GMT
server
nginx
vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
strict-transport-security
max-age=31536000
content-type
application/json
/
ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
0
0

authorize
saml.iossin.xyz/mga/sps/oauth/oauth20/
368 B
2 KB
XHR
General
Full URL
https://saml.iossin.xyz/mga/sps/oauth/oauth20/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi.myinfo.gov.sg%2Fserviceauth%2Fmyinfo-com%2Fv1%2Fauthenticate&client_id=NDI-AUTHCOM&state=pSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3&nonce=1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP&esrvcID=NDI-AUTHCOM
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/static/js/2.da773bdc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
721f6a908d500e77a75f3730be2759bedcb060cecb1167f958c3745cfa1b4773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://saml.iossin.xyz/spservice/welcome
X-XSRF-TOKEN
eyJpdiI6IjlHdU1lNStqVjlqRjF4OXFSU1Nya1E9PSIsInZhbHVlIjoiM0NlTjVlc3cySFB1T2JFZzBLaHZkMVNXV09ic0NTcVgxWW84bDZCQkdhUUdyd0RyMXZnSG41cnRDRmxKL3pIWnhqUnZsbXBjaTBuUkgyVk1zVU44SE1Id3hDcjA0S2pBQmhjekhFejRaQXpXbzdyWDNsUWxnOVlvbkJqZ2RKOCsiLCJtYWMiOiIyNzVhZWRmNjNiMTlmZWU1ZjBjNTRkZGFkZTI1OTA3MWQ4ZTJkOGVjY2RlNDI4Mzc2ZjUzYmY0ZGE2MzkyMDY5IiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:31:44 GMT
server
nginx
location
/spservice/?TAM_OP=login&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fclient_id%3DNDI-AUTHCOM%26esrvcID%3DNDI-AUTHCOM%26nonce%3D1RIcuUtW1X7Ts1etT_JjHwkAcDDe14YYhcP2_DkP%26redirect_uri%3Dhttps%253A%252F%252Fapi.myinfo.gov.sg%252Fserviceauth%252Fmyinfo-com%252Fv1%252Fauthenticate%26response_type%3Dcode%26scope%3Dopenid%26state%3DpSLF13UXG_gk32tHq0fn-4D3uTm2vRhg1SEtX3A3
strict-transport-security
max-age=31536000
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
access-control-expose-headers
location
cache-control
no-store, private
am-eai-server-task
terminate session Yvp07wAAAAIAAAA073T6YrhwWTzBfwAAa203YXRaZnJwNGhJQmRhTFRrZmNPRmgvTy83TGt0Z2NoSjFlQjVBNFVJUzRjaVRWeWZvPQ==:default
content-type
application/json
analytics.js
1.google-analytics.com/
0
0

landing-bg-img.82ae0b28.jpg
saml.iossin.xyz/spservice/static/media/
97 KB
81 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/landing-bg-img.82ae0b28.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
9354ea1538caf8418d807d0184e417948f2eb6faf7e2c62d07475b332a252b90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=31536000
poppins-latin-400-normal.5b8f3ba8.woff2
saml.iossin.xyz/spservice/static/media/
8 KB
9 KB
Font
General
Full URL
https://saml.iossin.xyz/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/static/css/2.cbe4ed89.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.iossin.xyz/spservice/static/css/2.cbe4ed89.chunk.css
Origin
https://saml.iossin.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
binary/octet-stream
poppins-v15-latin-600.woff2
saml.iossin.xyz/spservice/assets/
8 KB
9 KB
Font
General
Full URL
https://saml.iossin.xyz/spservice/assets/poppins-v15-latin-600.woff2
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.iossin.xyz/spservice/assets/font.css
Origin
https://saml.iossin.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
binary/octet-stream
poppins-v15-latin-500.woff2
saml.iossin.xyz/spservice/assets/
8 KB
8 KB
Font
General
Full URL
https://saml.iossin.xyz/spservice/assets/poppins-v15-latin-500.woff2
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.iossin.xyz/spservice/assets/font.css
Origin
https://saml.iossin.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
binary/octet-stream
poppins-v15-latin-300.woff2
saml.iossin.xyz/spservice/assets/
8 KB
9 KB
Font
General
Full URL
https://saml.iossin.xyz/spservice/assets/poppins-v15-latin-300.woff2
Requested by
Host: saml.iossin.xyz
URL: https://saml.iossin.xyz/spservice/assets/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://saml.iossin.xyz/spservice/assets/font.css
Origin
https://saml.iossin.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
binary/octet-stream
request
saml.iossin.xyz/st/qr/
0
0

truncated
/
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27ca3c00c616112fad5bc83bbdc7cc77a0ff31b6781fbd091257a5f346a9ebea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
singpass-logo.bdceeae1.svg
saml.iossin.xyz/spservice/static/media/
4 KB
0
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/singpass-logo.bdceeae1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml
text-increase.145081dd.svg
saml.iossin.xyz/spservice/static/media/
1 KB
2 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/text-increase.145081dd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
faa1d888b907a668a5ba0a1195ff75751a925614d6eb09fb668f147ce5396789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:45 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml
truncated
/
139 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd0d7b8b6c66ea3ee946c659c3c2405078bec0f0f352d694c3ea86043ca2cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
text-original.6c7f0710.svg
saml.iossin.xyz/spservice/static/media/
0
0

text-decrease.6ce30b7f.svg
saml.iossin.xyz/spservice/static/media/
1 KB
2 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/text-decrease.6ce30b7f.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b9e9d46850c7a22d8ff273468e7635bc984e259965c98cbc03e9d1f4961b163d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml
print-icon.448368d9.svg
saml.iossin.xyz/spservice/static/media/
2 KB
2 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/print-icon.448368d9.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2bdeb38a318665e680c5a0e247310862a54d533496c22bc1fac5e23d3baf8a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml
search-icon.7144d50d.svg
saml.iossin.xyz/spservice/static/media/
0
0

truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0ba0dbb5319276b718f3da1de064df4687d8c7705b813592d2bb2bd74de2d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
icon-sp-mascot.56e6db83.svg
saml.iossin.xyz/spservice/static/media/
3 KB
3 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/icon-sp-mascot.56e6db83.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bf010ca2669f1c352a93b11b499a622b6431d6d6ba1227d04744ada8986167c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml
singpass-logo-white.b764b183.svg
saml.iossin.xyz/spservice/static/media/
4 KB
5 KB
Image
General
Full URL
https://saml.iossin.xyz/spservice/static/media/singpass-logo-white.b764b183.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.129.234.111 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
70c70d5702072f5c797ec57ff38d94e6fbb6b5793336788f06bba4b6a0d111ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saml.iossin.xyz/spservice/welcome
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 16:31:46 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=31536000
content-type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1.wogaa.sg
URL
https://1.wogaa.sg/scripts/wogaa.js
Domain
ww.singpass.gov.sg
URL
https://ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
Domain
1.google-analytics.com
URL
https://1.google-analytics.com/analytics.js
Domain
saml.iossin.xyz
URL
https://saml.iossin.xyz/st/qr/request
Domain
saml.iossin.xyz
URL
https://saml.iossin.xyz/spservice/static/media/text-original.6c7f0710.svg
Domain
saml.iossin.xyz
URL
https://saml.iossin.xyz/spservice/static/media/search-icon.7144d50d.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singpass (Government)

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| des function| des_createKeys boolean| Is2048 function| stringToHex function| encryptSetPwdNoVerifyRSABlockMD5 function| encryptSetPwdRSABlock256 function| encryptSetPwdNoVerifyRSABlock256 function| encryptSetPwdNoVerifyNoUserRSABlock256 function| encryptSetPwdNoVerifyNoUserRSABlock256U function| encryptSetPwdNoVerifyNoUserRSABlock512 function| encryptVerifyStaticRSABlockMD5 function| encryptVerifyStaticRSABlock256 function| encryptVerifyStaticNoUserRSABlock256 function| encryptVerifyStaticNoUserRSABlock256U function| encryptVerifyNoUserRSABlock256 function| encryptVerifyNoUserRSABlock256U function| encryptVerifyRSABlock256 function| encryptVerifyStaticNoUserRSABlock512 function| encryptVerifyNoUserRSABlock512 function| encryptChangePwdNoVerifyRSABlockMD5 function| encryptChangePwdNoVerifyRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock256U function| encryptChangePwdRSABlock256 function| encryptChangePwdNoVerifyNoUserRSABlock512 function| encryptMigratePwdNoVerifyNoUser256RSABlock512 function| encryptVerifyOtipNoUserRSABlock function| doSHA256Hash function| rsaDES3EncryptDataPKCS5Padding_CBC function| des3EncryptPKCS5Padding_CBC function| des3KeyGen function| getByteArray number| dbits boolean| j_lm function| BigInteger function| nbi function| am1 function| MD5 function| dW function| tH function| lf function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo 
function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnpBitwiseTo function| op_xor function| bnXor function| lbit function| parseBigInt function| pkcs1pad2B function| randomBytes function| pkcs1pad2 function| pkcs1pad2S function| RSAKey function| sha256Hash function| ROTR function| Sigma0 function| Sigma1 function| sigma0 function| sigma1 function| Ch function| Maj function| Util function| SHA512 object| NativeAppLauncher object| webpackChunk_name_ function| setImmediate function| clearImmediate object| regeneratorRuntime object| WebComponents function| IProov object| webpackJsonpeservice-login number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ boolean| browserSupport object| ndsapi string| GoogleAnalyticsObject function| ga string| qrCodeState string| ndiEventCallbackState

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m7fgvu-05c72f81b17db4c85a-00c
goo.gs/ Name: XSRF-TOKEN
goo.gs/ Name: phpshort_session
goo.gs/ Name: dark_mode
Value: 0
goo.gs/ Name: cookie_law
Value: 0
.iossin.xyz/ Name: XSRF-TOKEN
.iossin.xyz/ Name: laravel_session

3 Console Messages

Source Level URL
Text
network error URL: https://1.wogaa.sg/scripts/wogaa.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ww.singpass.gov.sg/2.2/w/w-675305/sync/js/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://1.google-analytics.com/analytics.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
