dbs-banlking.com Open in urlscan Pro
185.8.50.84 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dbs-banlking.com/
Effective URL:
http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng==
Submission: On August 10 via automatic, source phishtank (August 10th 2017, 7:42:53 am UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 185.8.50.84, located in Paris, France and belongs to ARUBAFR-AS, FR. The main domain is dbs-banlking.com.

This is the only time dbs-banlking.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	185.8.50.84 185.8.50.84	199653 (ARUBAFR-AS) (ARUBAFR-AS)
12	104.109.106.206 104.109.106.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	3

2 185.8.50.84 (Paris, France)

ASN199653 (ARUBAFR-AS, FR)
PTR: host84-50-8-185.static.arubacloud.fr

dbs-banlking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.109.106.206 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-106-206.deploy.static.akamaitechnologies.com

internet-banking.dbs.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	dbs.com.sg internet-banking.dbs.com.sg Failed	123 KB
2	dbs-banlking.com dbs-banlking.com	197 B
15	2

	Domain	Requested by
12	internet-banking.dbs.com.sg	dbs-banlking.com internet-banking.dbs.com.sg
2	dbs-banlking.com
15	2

This site contains no links.

Subject Issuer	Validity	Valid
internet-banking.dbs.com.sg Symantec Class 3 Extended Validation SHA256 SSL CA	`2016-12-01` - `2018-01-11`	a year	crt.sh

This page contains 2 frames:

Frame: https://internet-banking.dbs.com.sg/IB/Welcome
Frame ID: 6997.1
Requests: 3 HTTP requests in this frame

Frame: https://internet-banking.dbs.com.sg/IB/Welcome
Frame ID: 7022.1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dbs-banlking.com/ Page URL
http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng== Page URL

Page Statistics

15
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

124 kB
Transfer

389 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dbs-banlking.com/ Page URL
http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
dbs-banlking.com/ 96 B
102 B 100ms
36ms Document
text/html 185.8.50.84
ARUBAFR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dbs-banlking.com/
Protocol: HTTP/1.1
Server: 185.8.50.84 Paris, France, ASN199653 (ARUBAFR-AS, FR),
Reverse DNS: host84-50-8-185.static.arubacloud.fr
Software: Apache /
Resource Hash: a452481369f83e936ea2bb1781ae307ceb74af8e78a2d26e152eafc209dccc3b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 10 Aug 2017 07:42:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request login.php Show response
dbs-banlking.com/ 89 B
95 B 34ms
34ms Document
text/html 185.8.50.84
ARUBAFR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng==
Protocol: HTTP/1.1
Server: 185.8.50.84 Paris, France, ASN199653 (ARUBAFR-AS, FR),
Reverse DNS: host84-50-8-185.static.arubacloud.fr
Software: Apache /
Resource Hash: c9aa15a611be520d7b891b3346d65b48704d0cbd477bec9752648125cb49c2fd

Request headers

Upgrade-Insecure-Requests: 1
Referer: http://dbs-banlking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 10 Aug 2017 07:42:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET Welcome
internet-banking.dbs.com.sg/IB/ 0
0

GET
H/1.1 200
OK Welcome Show response
internet-banking.dbs.com.sg/IB/ Frame 7022 6 KB
1 KB 2307ms
2254ms Document
text/html 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://internet-banking.dbs.com.sg/IB/Welcome

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-106-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

52eee3770d3bd574dfbbea83f909d34dfff05468dbca8ce847b3d070917d0cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Referer: http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Date: Thu, 10 Aug 2017 07:42:45 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 1415
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK bootstrap-custom.css
internet-banking.dbs.com.sg/IB/dbs/stylesheets/vendor/styles/ Frame 7022 16 KB
4 KB 8ms
8ms Stylesheet
text/css 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/vendor/styles/bootstrap-custom.css?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13a4b21e9e221c646aa8f380efc4b4789b39e98c255a2bfadaef01c5650f2aea

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/css
Content-Length: 3696

GET
H/1.1 200
OK theme.css
internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/ Frame 7022 50 KB
8 KB 17ms
8ms Stylesheet
text/css 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/theme.css?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e68a1bc75c3120e6aae141012cea8459e2acdad63b38984c876e07cf30da0893

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/css
Content-Length: 8538

GET
H/1.1 200
OK icons.css
internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/ Frame 7022 11 KB
2 KB 24ms
10ms Stylesheet
text/css 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/icons.css?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46cd96b88c67d69fb1e2123818d24fb15382304714a4761e88b45d1bffc88762

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/css
Content-Length: 2026

GET
H/1.1 200
OK layouts.css
internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/ Frame 7022 141 KB
27 KB 23ms
9ms Stylesheet
text/css 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/layouts.css?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d1c3381ea93716b44cfa61b3a075c02f3888913d3f906517bf65c6f3dc14930

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/css
Content-Length: 27868

GET
H/1.1 200
OK html5shiv.js Show response
internet-banking.dbs.com.sg/IB/scripts/vendor/ Frame 7022 2 KB
1 KB 24ms
9ms Script
application/x-javascript 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/scripts/vendor/html5shiv.js?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d8c569f72ce69b0cbae60a34672416ddc41aabd58df8b889728750f1f69d2bc

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 1224

GET
H/1.1 200
OK notification.css
internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/ Frame 7022 3 KB
1 KB 22ms
8ms Stylesheet
text/css 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/notification.css?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 452122c8b32990a36df30031ffe3200d44011170b87218af32ceb3d4ec0289aa

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/css
Content-Length: 1105

GET
H/1.1 200
OK notification.js Show response
internet-banking.dbs.com.sg/IB/scripts/ Frame 7022 5 KB
1 KB 23ms
9ms Script
application/x-javascript 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/scripts/notification.js?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 91f0821a808514370c4f4f42b500e30d6b9dc51910d5547f09438f187b936a61

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 1385

GET
H/1.1 200
OK satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js Show response
internet-banking.dbs.com.sg/IB/js/71d06aac4e562e3a2278bf493855202cacdacaa2/ Frame 7022 102 KB
26 KB 25ms
8ms Script
application/x-javascript 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/js/71d06aac4e562e3a2278bf493855202cacdacaa2/satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js?version=133
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fefe6e019a81cc6e152168763ef92b8568609eecc24181a2f2bb8d1a4d1fdc5

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/Welcome
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 26146

GET
H/1.1 200
OK bg.png
internet-banking.dbs.com.sg/IB/dbs/images/ Frame 7022 8 KB
8 KB 11ms
11ms Image
image/png 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://internet-banking.dbs.com.sg/IB/dbs/images/bg.png
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9e4ba1661ea3bf5f91b9d084e92ad53d945306a45abad9439405b79e048434b

Request headers

Referer: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/theme.css?version=133
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/plain
Content-Length: 8680

GET
H/1.1 200
OK frutigernextlt-regular-webfont.woff
internet-banking.dbs.com.sg/IB/new_fonts/frutiger-next/ Frame 7022 21 KB
21 KB 11ms
11ms Font
application/octet-stream 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/new_fonts/frutiger-next/frutigernextlt-regular-webfont.woff
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdf87e76298d4b87fd92d8c4a642ffea1348cf26f3ba9bf5e745f336a3cc86a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/theme.css?version=133
Origin: https://internet-banking.dbs.com.sg

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/plain
Content-Length: 21461

GET
H/1.1 200
OK frutigernextlt-light-webfont.woff
internet-banking.dbs.com.sg/IB/new_fonts/frutiger-next/ Frame 7022 22 KB
22 KB 12ms
11ms Font
application/octet-stream 104.109.106.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://internet-banking.dbs.com.sg/IB/new_fonts/frutiger-next/frutigernextlt-light-webfont.woff
Requested by: Host: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.106.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-106-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer: https://internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/theme.css?version=133
Origin: https://internet-banking.dbs.com.sg

Response headers

Pragma: public, public, public
Date: Thu, 10 Aug 2017 07:42:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2017 12:50:52 GMT
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: max-age=604800,public
Connection: keep-alive
Content-Type: text/plain
Content-Length: 22754

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: internet-banking.dbs.com.sg
URL: https://internet-banking.dbs.com.sg/IB/Welcome

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
internet-banking.dbs.com.sg/	1970-01-01 00:00:00	Name: _sdsat_traffic_source Value: http://dbs-banlking.com/login.php?browser=correct&visit=ODI2MjgyMjk1Ng==
internet-banking.dbs.com.sg/	1970-01-01 00:00:00	Name: _sdsat_pages_viewed Value: 1
internet-banking.dbs.com.sg/	2019-08-10 07:42:45	Name: _sdsat_lt_pages_viewed Value: 1
internet-banking.dbs.com.sg/	2019-08-10 07:42:45	Name: _sdsat_session_count Value: 1
internet-banking.dbs.com.sg/	1970-01-01 00:00:00	Name: _sdsat_landing_page Value: https://internet-banking.dbs.com.sg/IB/Welcome\|1502350965957

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dbs-banlking.com
internet-banking.dbs.com.sg
internet-banking.dbs.com.sg
104.109.106.206
185.8.50.84
0d1c3381ea93716b44cfa61b3a075c02f3888913d3f906517bf65c6f3dc14930
13a4b21e9e221c646aa8f380efc4b4789b39e98c255a2bfadaef01c5650f2aea
452122c8b32990a36df30031ffe3200d44011170b87218af32ceb3d4ec0289aa
46cd96b88c67d69fb1e2123818d24fb15382304714a4761e88b45d1bffc88762
52eee3770d3bd574dfbbea83f909d34dfff05468dbca8ce847b3d070917d0cce
7d8c569f72ce69b0cbae60a34672416ddc41aabd58df8b889728750f1f69d2bc
91f0821a808514370c4f4f42b500e30d6b9dc51910d5547f09438f187b936a61
9fefe6e019a81cc6e152168763ef92b8568609eecc24181a2f2bb8d1a4d1fdc5
a452481369f83e936ea2bb1781ae307ceb74af8e78a2d26e152eafc209dccc3b
c9aa15a611be520d7b891b3346d65b48704d0cbd477bec9752648125cb49c2fd
c9e4ba1661ea3bf5f91b9d084e92ad53d945306a45abad9439405b79e048434b
e68a1bc75c3120e6aae141012cea8459e2acdad63b38984c876e07cf30da0893
f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb
fdf87e76298d4b87fd92d8c4a642ffea1348cf26f3ba9bf5e745f336a3cc86a0

dbs-banlking.com Open in urlscan Pro 185.8.50.84 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

15 Requests

80 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

124 kBTransfer

389 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

5 Cookies

Indicators

dbs-banlking.com Open in urlscan Pro
185.8.50.84 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

124 kB
Transfer

389 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!