himalayanportfolios.com
108.179.232.146
Malicious Activity!
Public Scan
Effective URL: https://himalayanportfolios.com/service/Dbsg/
Submission: On August 11 via manual from SG
Summary
TLS certificate: Issued by R3 on July 15th 2021. Valid for: 3 months.
This is the only time himalayanportfolios.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: POSB Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 103.53.43.62 | 394695 (PUBLIC-DOMAIN-REGISTRY)
1 26 | 108.179.232.146 | 46606 (UNIFIEDLAYER-AS-1)
1 | 104.18.24.61 | 13335 (CLOUDFLARENET)
1 | 104.18.24.233 | 13335 (CLOUDFLARENET)
1 | 2606:4700::6810:135e | 13335 (CLOUDFLARENET)
28 | 4 |
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-in-13.webhostbox.net
nineratnas.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: gator4232.hostgator.com
himalayanportfolios.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
26 | himalayanportfolios.com (1 redirect) | himalayanportfolios.com | 902 KB
2 | dbs.com.sg | www.dbs.com.sg, internet-banking.dbs.com.sg | 8 KB
1 | cloudflare.com | cdnjs.cloudflare.com | 6 KB
1 | nineratnas.com (1 redirect) | nineratnas.com | 231 B
28 | 4 | |
Requests | Domain | Requested by
---|---|---
26 | himalayanportfolios.com (1 redirect) | himalayanportfolios.com
1 | cdnjs.cloudflare.com | himalayanportfolios.com
1 | internet-banking.dbs.com.sg | himalayanportfolios.com
1 | www.dbs.com.sg | himalayanportfolios.com
1 | nineratnas.com | 1 redirect
28 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
thelodgeonsebeclake.com | R3 | 2021-07-15 - 2021-10-13 | 3 months | crt.sh
www.dbs.com.sg | Entrust Certification Authority - L1M | 2020-10-16 - 2021-11-15 | a year | crt.sh
internet-banking.dbs.com.sg | Entrust Certification Authority - L1M | 2020-10-16 - 2021-11-15 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh
This page contains 2 frames:
Primary Page:
https://himalayanportfolios.com/service/Dbsg/
Frame ID: 9A1E8E77CE3EF5289EAA6E6BB0BB33BB
Requests: 18 HTTP requests in this frame
Frame:
https://himalayanportfolios.com/service/Dbsg/dbs/iframe.html
Frame ID: 2A0E9FAAA276CDEE7657E11BB4D6A69F
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/723cce39-e4c0-4f03-9d7d-012351d1aa80.png)
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nineratnas.com/dbs/ HTTP 302
- https://himalayanportfolios.com/service/Dbsg HTTP 301
- https://himalayanportfolios.com/service/Dbsg/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | himalayanportfolios.com/service/Dbsg/ (Redirect Chain) | | 9 KB | 3 KB | Document | text/html
GET | H2 | s32599579939442 | himalayanportfolios.com/service/Dbsg/dbs/ | | 2 KB | 2 KB | Script | text/plain
GET | H2 | themes.css | www.dbs.com.sg/ibanking/login-ib-rwd/posb/css/ | | 3 KB | 5 KB | Stylesheet | text/css
GET | H2 | language_login.css | himalayanportfolios.com/service/Dbsg/dbs/ | | 3 KB | 763 B | Stylesheet | text/css
GET | H2 | login.css | internet-banking.dbs.com.sg/IB/posb/stylesheets/css/ | | 20 KB | 3 KB | Stylesheet | text/css
GET | H2 | jquery-3.3.1.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | | 275 KB | 105 KB | Script | application/javascript
GET | H2 | jquery-migrate-3.0.1.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | | 17 KB | 7 KB | Script | application/javascript
GET | H2 | login.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | | 2 KB | 793 B | Script | application/javascript
GET | H2 | EncryptionApplet.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | | 6 KB | 2 KB | Script | application/javascript
GET | H2 | jquery.min.js | himalayanportfolios.com/service/Dbsg/Js/ | | 87 KB | 38 KB | Script | application/javascript
GET | H2 | app.js | himalayanportfolios.com/service/Dbsg/Js/ | | 6 KB | 2 KB | Script | application/javascript
GET | H2 | desktoplogo.webp | himalayanportfolios.com/service/Dbsg/dbs/ | | 5 KB | 5 KB | Image | image/webp
GET | H2 | preloader.gif | himalayanportfolios.com/service/Dbsg/file/ | | 40 KB | 40 KB | Image | image/gif
GET | H2 | iframe.html | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 6 KB | 2 KB | Document | text/html
GET | H2 | frutigernextlt-light-webfont.woff | himalayanportfolios.com/service/Dbsg/fonts/frutiger-lt/ | | 19 KB | 7 KB | Font | text/html
GET | H2 | FrutigerNextPro-Medium.woff2 | himalayanportfolios.com/service/Dbsg/fonts/frutiger-lt/ | | 19 KB | 7 KB | Font | text/html
GET | H2 | bootstrap.css | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 131 KB | 28 KB | Stylesheet | text/css
GET | H2 | themes.css | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 3 KB | 1 KB | Stylesheet | text/css
GET | H2 | language.css | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 2 KB | 642 B | Stylesheet | text/css
GET | H2 | enhanced.css | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 11 KB | 3 KB | Stylesheet | text/css
GET | H2 | jquery-1.10.2.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 267 KB | 105 KB | Script | application/javascript
GET | H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 2A0E | 30 KB | 6 KB | Stylesheet | text/css
GET | H2 | beacon.min.js.download | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 13 KB | 6 KB | Script | application/javascript
GET | H2 | Night.jpg | himalayanportfolios.com/service/Dbsg/dbs/ | 2A0E | 508 KB | 512 KB | Image | image/jpeg
GET | H2 | frutigernextlt-light-webfont.ttf | himalayanportfolios.com/service/Dbsg/fonts/frutiger-lt/ | | 19 KB | 7 KB | Font | text/html
GET | H2 | FrutigerNextPro-Medium.woff | himalayanportfolios.com/service/Dbsg/fonts/frutiger-lt/ | | 19 KB | 7 KB | Font | text/html
POST | H2 | rum | himalayanportfolios.com/cdn-cgi/ | 2A0E | 19 KB | 7 KB | XHR | text/html
GET | H2 | FrutigerNextPro-Medium.ttf | himalayanportfolios.com/service/Dbsg/fonts/frutiger-lt/ | | 19 KB | 7 KB | Font | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: POSB Bank (Banking)
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | onbeforexrselect
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
boolean | originAgentCluster
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | init
function | checkBrowserVersion
function | get_browser
function | get_browser_version
function | Entry
function | EncryptionApplet
function | submitLogin
function | submitotpemail
function | submitotp
function | submitemail
function | submitotp2
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.