carousell-sg.nweb.cloud Open in urlscan Pro
2606:4700:3033::ac43:b101 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Submission: On June 14 via api (June 14th 2023, 4:03:23 pm UTC) from JP — Scanned from SG

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::ac43:b101, located in United States and belongs to CLOUDFLARENET, US. The main domain is carousell-sg.nweb.cloud.
TLS certificate: Issued by GTS CA 1P5 on June 14th 2023. Valid for: 3 months.

This is the only time carousell-sg.nweb.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3033::ac43:b101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.7.118 104.18.7.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c01::77	15169 (GOOGLE) (GOOGLE)
1	2404:6800:401... 2404:6800:4017:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	8

13 2606:4700:3033::ac43:b101 (United States)

ASN13335 (CLOUDFLARENET, US)

carousell-sg.nweb.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.118 (None, )

ASN13335 (CLOUDFLARENET, US)

internet-banking.dbs.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::77 (Singapore)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:802::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nweb.cloud carousell-sg.nweb.cloud	64 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	73 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1035	12 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422	30 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	41 KB
1	dbs.com.sg internet-banking.dbs.com.sg — Cisco Umbrella Rank: 302485	6 KB
23	8

	Domain	Requested by
13	carousell-sg.nweb.cloud	carousell-sg.nweb.cloud code.jquery.com
4	cdn.jsdelivr.net	carousell-sg.nweb.cloud
2	unpkg.com	1 redirects carousell-sg.nweb.cloud
1	code.jquery.com	carousell-sg.nweb.cloud
1	cdnjs.cloudflare.com	carousell-sg.nweb.cloud
1	ajax.googleapis.com	carousell-sg.nweb.cloud
1	i.ytimg.com	carousell-sg.nweb.cloud
1	internet-banking.dbs.com.sg	carousell-sg.nweb.cloud
23	8

This site contains no links.

Subject Issuer	Validity	Valid
nweb.cloud GTS CA 1P5	`2023-06-14` - `2023-09-12`	3 months	crt.sh
internet-banking.dbs.com.sg Entrust Certification Authority - L1M	`2023-06-08` - `2024-06-08`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Frame ID: 83302288147AFF045C75691F8C789192
Requests: 17 HTTP requests in this frame

Frame: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
Frame ID: DE5BB8542CEE258FE07A60E87B78E165
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DBS iBanking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

23
Requests

96 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

263 kB
Transfer

706 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1686750946699.012 Show response
carousell-sg.nweb.cloud/bank/dbs/ 78 KB
26 KB 493ms
425ms Document
text/html 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cb1069a5f5bc31c187c9fde1f13df8591db9e76fd1d2ae4f86d968b96147cbce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d73cd615a593de1-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 14 Jun 2023 16:03:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBQfWvVY1w8liNVrmR3msHTKb5myOLBrsHyEV5eIHuZX3ApSZ1BUPmW%2BFaWXYNiSWtU4YGaT8RZeCo3p4KsOYutzbLq9USbG%2BrjMdDaGKpE1wi9rIIpCUglh5cqLywUZmAVTuSA2aPQ2Yjv4MUkhd4XDFuqXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 desktoplogo.png
internet-banking.dbs.com.sg/IB/dbs/images/ 5 KB
6 KB 75ms
41ms Image
image/webp 104.18.7.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internet-banking.dbs.com.sg/IB/dbs/images/desktoplogo.png

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.18.7.118 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 151046
cf-polished: origFmt=png, origSize=11903
content-disposition: inline; filename="desktoplogo.webp"
content-length: 5592
x-xss-protection: 1; mode=block
pragma: public
last-modified: Fri, 26 May 2023 02:53:44 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: W/"11903-1685069624000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: https://internet-banking.dbs.com.sg/
cache-control: max-age=604800,public
accept-ranges: bytes
cf-ray: 7d73cd643a0f4d6f-SIN

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/eXpmqDqq7w8/ 40 KB
41 KB 22ms
7ms Image
image/jpeg 2404:6800:4003:c01::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eXpmqDqq7w8/maxresdefault.jpg

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::77 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7581e53b8687a964efe90adc47fb674228135769e07b174814cc9468da5c4ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41153
x-xss-protection: 0
server: sffe
etag: "1599563680"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Jun 2023 18:03:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 126ms
32ms Script
text/javascript 2404:6800:4017:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 01:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jun 2024 01:03:56 GMT

GET
H2 200 vue-swal.min.js Show response
cdn.jsdelivr.net/npm/vue-swal@1.0.0/dist/ 45 KB
13 KB 1138ms
774ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue-swal@1.0.0/dist/vue-swal.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 16:03:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3156655
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12918
x-served-by: cache-fra-eddf8230062-FRA, cache-bom4725-BOM
x-jsd-version-type: version
etag: W/"b57f-rKU+nHPyf/Wl1f5V4AXSsZoGTmw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/ 20 KB
7 KB 23ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/axios.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1728228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6498
last-modified: Wed, 27 Apr 2022 10:03:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "626914f1-1962"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlM4RhJe9ewkNvPhNGsi6EW%2Bkb1vHYUtWOQ%2BC2hE7KDsBEOXQreJa1QoMfVbGRryWk6HQSv9A1f%2Fj5mMEgQtRGem32dgG1tJu%2FBsTHPoT6dGAFS6LJOO29zWsecBnn4iJkPIg2OignZKzKkjTwoiA9eh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d73cd655bfe3f8e-SIN
expires: Mon, 03 Jun 2024 16:03:15 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 524ms
175ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1686758595.dop212.la3.t,1686758595.cds257.la3.hn,1686758595.cds267.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 547ms
183ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 16:03:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7873410
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24376
x-served-by: cache-fra-eddf8230075-FRA, cache-bom4725-BOM
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ 18 KB
19 KB 1137ms
774ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 16:03:15 GMT
x-content-type-options: nosniff
age: 7873411
x-jsd-version: 2.10.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18795
x-served-by: cache-fra-eddf8230065-FRA, cache-bom4725-BOM
x-jsd-version-type: version
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 58 KB
17 KB 737ms
373ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 16:03:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7873411
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17624
x-served-by: cache-fra-eddf8230103-FRA, cache-bom4725-BOM
x-jsd-version-type: version
etag: W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

16ms
16ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8974408
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GTHVP0T8SE3WB4TE9400GQK8-sin
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d73cd658e77407a-SIN

Redirect headers

date: Wed, 14 Jun 2023 16:03:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H2X9TP5PV87MRR4BPD4HQ90M-sin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 541
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d73cd656e4a407a-SIN

GET
H2 200 lkk.js Show response
carousell-sg.nweb.cloud/js/ 10 KB
3 KB 415ms
413ms Script
application/javascript 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/js/lkk.js
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 22af45df5fad3cfdeb145fa98e8e4644171005b43bac75bacf44df453d0f3d84

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 May 2023 07:57:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"28a8-18857100640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPlPaAMXT6TEL09PtDWXiSzNec0HhNhksvkDftI1TIZDJOgWfESGCCKj98Kf7XcAJo%2BtWeUTlRhSJIEEN4e3UILWdX%2BTWbtkd1ejxEcJ45jMMQyRSvioY%2BH35J%2Bhh6rqBMNv%2BdnX3wHBPq%2Fq4EDpRjKm6%2Bakxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7d73cd667a1b3de1-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 support_parent.css
carousell-sg.nweb.cloud/css/ 4 KB
1 KB 415ms
414ms Stylesheet
text/css 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/css/support_parent.css
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 27 Jul 2021 04:36:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"e06-17ae6406610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GqhRWl%2BySg5T%2FuLGw%2BqRbNPN4TdBlpZ9HZyMcONqWQ%2Bf%2Fa4k5qJhTvm%2BGb49nbkq0ihU9ZLoW5b%2FP2v%2F6z3TPNVsTSxD2byA6daW6dQDKj7q6xcWPElzTxYbf28WXBpzPkL6%2FTr6a%2BgSrUQjXwF981MyJteXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7d73cd667a1d3de1-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 213802224 Show response
carousell-sg.nweb.cloud/supportChatFrame/ Frame DE5B 23 KB
8 KB 418ms
418ms Document
text/html 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f66711cf875ce6fa1f849c77a97a0f7ac6ba6e3a6de65a5a0cff037a7c44d73b

Request headers

Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d73cd76bb739e2c-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 14 Jun 2023 16:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z28KKijCKufPR0BJ9g4zT2XKNFbOKRR9Dhwp3Rf%2FutENAQ9aRzz9TptcRiRrlumcyszaz1iiLh8B9iNJt%2ByCiIx5KCjMNjW71xaHVliJ8wrkfj61uLlI7woUwqKz%2BjfPnoc8ezEyojrXXFdAS2HxZVoYCCpXbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H3 200 supportIcon.svg
carousell-sg.nweb.cloud/img/ 1 KB
1 KB 405ms
404ms Image
image/svg+xml 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carousell-sg.nweb.cloud/img/supportIcon.svg
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/css/support_parent.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/css/support_parent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 27 Jul 2021 00:21:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4d3-17ae5566ba0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y33gYsMFFsu7VNcPuKuMTmguOLkc7MzFjl64LJW7YBAycBNdpgh5gEv%2B5El3jXHGD1P8m5Y9sYYmv%2BHrpqfVixxMrHByAMbelnqpeNvUWQLhUZ35%2BGHPWy8aCCiK6M4nq3BiX6FyQ7feLln9QkH7MaTw%2FzAZww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7d73cd76bb6d9e2c-SIN
alt-svc: h3=":443"; ma=86400

POST
H3 200 checkStatus Show response
carousell-sg.nweb.cloud/api/ 17 B
500 B 611ms
611ms XHR
application/json 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dbc5dda8f6871a25d01ed300be4ac2080e6b13a2fbf919153e547fae398edd81

Request headers

Accept: */*
Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Jun 2023 16:03:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11-NVhNe8Xq1T4kptI89+5vcikqnqU"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgJzU9btoEIXBnuANJCTVKKCcWYIu7i%2BRM67O%2B2osRFfG6LrcuT%2B5WmJZg%2BhQEi2q4iwzGORvwrClNnPKSR01joAzX5ZKGO4fxBBu8V4bbWqA8LQpLbp1%2BBbYyk2hC2Lhe1Wg7qjZkQzTcxhwho13VRLNxD%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7d73cd76bb809e2c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 17

GET
H3 200 support_chat.css
carousell-sg.nweb.cloud/css/ Frame DE5B 97 KB
16 KB 1006ms
1006ms Stylesheet
text/css 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/css/support_chat.css
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 456f757a823282bfad1b1d0370bda13fbf6e4213df4c27be43b98a3b339e662d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"18476-182cc772e78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxWAkr37lUleL3cTjjvSX2XrS9FB0dFrU9PSpgtPKL3z2sb%2Bs2jiEXD5%2Fi5i6fP6V%2F0y2TaKkfANL8CHR90uMndv3TssL8nOhpnl51YKRpJylLuvqIld0%2F0ANyLLPP8qQYJKdMUYqNIwGqTybAw3HX6uuUZ%2B6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7d73cd795fe19e2c-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 axios.min.js Show response
carousell-sg.nweb.cloud/js/ Frame DE5B 14 KB
5 KB 645ms
645ms Script
application/javascript 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/js/axios.min.js
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 27 Jul 2021 00:21:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3815-17ae5566ba0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTZKB%2FIkVDvLaoUoRhbB1W8oASwX92larFcWbOxoQziDHD0k3n446cYuTzz%2B10RGvaETM4YKUp1YYd6epKAmYK5rAsM2CceWkRDJSpy0MPlYrdiod98Pw494GWbSP5Wu5wPcOo6S5ipXRXVWZlEVaLS7PcrbhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7d73cd7a99bf9e2c-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 support.js Show response
carousell-sg.nweb.cloud/js/ Frame DE5B 4 KB
2 KB 414ms
414ms Script
application/javascript 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/js/support.js
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 160b074853031241d58a9e2d1b65fca1d12590c31488a36177a6b20d8673eedd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:03:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 14 Jun 2023 11:43:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f8a-188b9b7c300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHTUuGsqdCnEgmHsJIm8ujjW%2BMXkxGdDZAVMQTdRk9UERzvJLgJq08mOr8lcmYd4HU8i33ZyrDay6XLnCyyp4QuZdbZ3q4b%2B9O82I3Brn%2FKCyRMMpCkUI0oIiTJShyhdjR1a9A342K3o4FauLPYnK4ABVB57Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7d73cd7a99c29e2c-SIN
alt-svc: h3=":443"; ma=86400

POST
H3 200 getMessages Show response
carousell-sg.nweb.cloud/api/support/ Frame DE5B 15 B
492 B 424ms
424ms XHR
application/json 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/api/support/getMessages
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 14 Jun 2023 16:03:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuUuKqttUDHHrAV6o02e%2F07qttJ8vzhk6xp1Q9ihQpfg93GGiKlCpBD9nS%2Fxb5jemeddGomNotqlTM0ocod3SO6g0VAY64WoeIGwjzNWxOi3ltrzZP1yK1lbvoNbvZiVAyuqO9DJyNmOAG1UgiWWHuE6E%2F8R%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7d73cd7fca6c9e2c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 checkStatus Show response
carousell-sg.nweb.cloud/api/ 17 B
502 B 414ms
414ms XHR
application/json 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dbc5dda8f6871a25d01ed300be4ac2080e6b13a2fbf919153e547fae398edd81

Request headers

Accept: */*
Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Jun 2023 16:03:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11-NVhNe8Xq1T4kptI89+5vcikqnqU"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhhTv%2Fj%2FwPZNtasvblAq55oi3zz9TOzxsbeoLJncGImobrott%2BunbKGz%2BVftgvEYPPPQwkpcgwP6SvbphzmncZl8SLtOz9c3vOclrKN%2Fj18d1S%2FTKQlGkHHCniQUiLmlOUl%2F31MJCg6OrDNE3M%2FQ6JEV236uKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7d73cd83f8c29e2c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 17

POST
H3 200 getMessages Show response
carousell-sg.nweb.cloud/api/support/ Frame DE5B 15 B
501 B 423ms
422ms XHR
application/json 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/api/support/getMessages
Requested by: Host: carousell-sg.nweb.cloud
URL: https://carousell-sg.nweb.cloud/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://carousell-sg.nweb.cloud/supportChatFrame/213802224
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 14 Jun 2023 16:03:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESZt9%2B87Drv%2FDWxYgJfqqKOrBMNoqW%2BUxoB%2FxEn%2FhT8nPEaCUO22kzHoLh7D6ujYxB%2BhmOAJAzkl9zGX7cLZp%2FXDfH1SUwTTNxYXyxm0TkTdBp4NQtaQRaqMO2EqvTIzLemZb%2BHvc0Fpfx0oy6mbE2HsY535Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7d73cd8bdd639e2c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 checkStatus Show response
carousell-sg.nweb.cloud/api/ 17 B
499 B 420ms
419ms XHR
application/json 2606:4700:3033::ac43:b101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell-sg.nweb.cloud/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dbc5dda8f6871a25d01ed300be4ac2080e6b13a2fbf919153e547fae398edd81

Request headers

Accept: */*
Referer: https://carousell-sg.nweb.cloud/bank/dbs/1686750946699.012
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Jun 2023 16:03:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11-NVhNe8Xq1T4kptI89+5vcikqnqU"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvXIeEeKpi4MWSvMW%2F%2B3HCfSMf0aeLVmogBFHhVTLDXvZoWHglm1ApnnVNbS8K%2FtBlgv47dzUChRqr8ciF87wq6KEUredqYRLJz8suzPcBmGB3rC%2BB8qlrbBB359zAcoDejkD%2FZKbV5cjEsG5Ob7pAaM6kgTCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7d73cd8fedc19e2c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			carousell-sg.nweb.cloud/	1970-01-20 12:34:05	Name: connect.sid Value: s%3AgJPtIO52lEcrg6jUSvVsQtxVUtxy4ymd.6AJrWVkKPIBaEFGDg39Yfc3igWQ0dC%2F7TrrJXwLXfhY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
carousell-sg.nweb.cloud
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
i.ytimg.com
internet-banking.dbs.com.sg
unpkg.com
104.18.7.118
2001:4de0:ac18::1:a:3b
2404:6800:4003:c01::77
2404:6800:4017:802::200a
2606:4700:3033::ac43:b101
2606:4700::6810:7eaf
2606:4700::6811:180e
2a04:4e42:200::485
160b074853031241d58a9e2d1b65fca1d12590c31488a36177a6b20d8673eedd
22af45df5fad3cfdeb145fa98e8e4644171005b43bac75bacf44df453d0f3d84
24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
456f757a823282bfad1b1d0370bda13fbf6e4213df4c27be43b98a3b339e662d
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
7581e53b8687a964efe90adc47fb674228135769e07b174814cc9468da5c4ed3
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb
9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715
cb1069a5f5bc31c187c9fde1f13df8591db9e76fd1d2ae4f86d968b96147cbce
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
dbc5dda8f6871a25d01ed300be4ac2080e6b13a2fbf919153e547fae398edd81
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f66711cf875ce6fa1f849c77a97a0f7ac6ba6e3a6de65a5a0cff037a7c44d73b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

carousell-sg.nweb.cloud Open in urlscan Pro 2606:4700:3033::ac43:b101 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

8 IPs

5 Countries

263 kBTransfer

706 kBSize

1 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

Indicators

carousell-sg.nweb.cloud Open in urlscan Pro
2606:4700:3033::ac43:b101 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

263 kB
Transfer

706 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!