![](/screenshots/7513a426-7bf0-40a4-9e08-36670609b000.png)
ltdbs.hk.morningstar.com
18.163.175.69
Malicious Activity!
Public Scan
Effective URL: https://ltdbs.hk.morningstar.com/DBS/default.aspx
Submission: On August 24 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 16th 2023. Valid for: a year.
This is the only time ltdbs.hk.morningstar.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DBS Bank (Banking)
Domain & IP information
Requests | IP Address | AS / Autonomous System |
---|---|---|
11 (1 redirects) | 18.163.175.69 | 16509 (AMAZON-02) |
5 | 172.64.152.62 | 13335 (CLOUDFLARENET) |
15 | 2 | |

ASN16509 (AMAZON-02, US)
PTR: ec2-18-163-175-69.ap-east-1.compute.amazonaws.com
ltdbs.hk.morningstar.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | morningstar.com (1 redirects): ltdbs.hk.morningstar.com | 139 KB |
5 | dbs.com.hk: www.dbs.com.hk — Cisco Umbrella Rank: 500529 | 7 KB |
15 | 2 | |
Requests | Domain | Requested by |
---|---|---|
11 | ltdbs.hk.morningstar.com (1 redirects) | ltdbs.hk.morningstar.com |
5 | www.dbs.com.hk | ltdbs.hk.morningstar.com |
15 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dbs.com.hk |
www.dbs.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ltdbs.hk.morningstar.com | Amazon RSA 2048 M01 | 2023-02-16 - 2024-03-16 | a year |
www.dbs.com.hk | Entrust Certification Authority - L1M | 2022-08-19 - 2023-09-19 | a year |
This page contains 1 frames:
Primary Page:
https://ltdbs.hk.morningstar.com/DBS/default.aspx
Frame ID: 9634A2A7CAD636719D9936484BDA7FD8
Requests: 15 HTTP requests in this frame
Page Title
DBS
Page URL History
- https://ltdbs.hk.morningstar.com/ HTTP 302
- https://ltdbs.hk.morningstar.com/DBS/default.aspx Page URL
Detected technologies
Microsoft ASP.NET
Detected patterns
- \.aspx?(?:$|\?)
- <input[^>]+name="__VIEWSTATE
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: DBS Group
Title: dbs.com
Title: Data Policy
Title: Condition of Use
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method / Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | default.aspx (Primary Request, Redirect Chain) | ltdbs.hk.morningstar.com/DBS/ | 15 KB | 15 KB | Document | text/html |
GET H2 | Stylesheet.css | ltdbs.hk.morningstar.com/DBS/CSS/ | 6 KB | 7 KB | Stylesheet | text/css |
GET H2 | jquery-3.6.1.min.js | ltdbs.hk.morningstar.com/DBS/JS/ | 88 KB | 88 KB | Script | application/javascript |
GET H2 | DBS-logo.png | www.dbs.com.hk/iwov-resources/images/ | 4 KB | 7 KB | Image | image/png |
GET H2 | 0.gif | www.dbs.com.hk/ | 0 | 0 | Image | text/html |
GET H2 | investwise_e.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 4 KB | 4 KB | Image | image/gif |
GET H2 | help.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 1 KB | 2 KB | Image | image/gif |
GET H2 | quicksearch_e.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 4 KB | 5 KB | Image | image/gif |
GET H2 | advancesearch_e.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 4 KB | 5 KB | Image | image/gif |
GET H2 | fundcomp_e.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 4 KB | 5 KB | Image | image/gif |
GET H2 | fundportfolio_e.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 5 KB | 5 KB | Image | image/gif |
GET H2 | msLogo.gif | ltdbs.hk.morningstar.com/DBS/Img/ | 2 KB | 2 KB | Image | image/gif |
GET H2 | top_nav_cny.gif | www.dbs.com.hk/img/hk/ | 0 | 0 | Image | text/html |
GET H2 | ln_logo_clover.gif | www.dbs.com.hk/img/hk/ | 0 | 0 | Image | text/html |
GET H2 | bullet_arrow_white.gif | www.dbs.com.hk/images/ | 0 | 0 | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DBS Bank (Banking)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
object | theForm |
function | __doPostBack |
function | $ |
function | jQuery |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ltdbs.hk.morningstar.com/ | | Name: ASPSESSIONIDACACTDAT Value: PAPBNHLDNODMCEGAKGMKBNIK |
ltdbs.hk.morningstar.com/ | | Name: AWSALB Value: RQXrfRga6U/MruGLhHPEfZcAfM9PR1Q9fdUWYOZ373nbRBzCBlqux+0CDRYMxMu1argqS3A18Kvbr+Y5RrM2XK5t9H8NboYLEwcSIwCh6YZTXczZrmyMaYEiVtMi |
ltdbs.hk.morningstar.com/ | | Name: AWSALBCORS Value: RQXrfRga6U/MruGLhHPEfZcAfM9PR1Q9fdUWYOZ373nbRBzCBlqux+0CDRYMxMu1argqS3A18Kvbr+Y5RrM2XK5t9H8NboYLEwcSIwCh6YZTXczZrmyMaYEiVtMi |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ltdbs.hk.morningstar.com
www.dbs.com.hk
172.64.152.62
18.163.175.69