digibank-sg.com
185.61.152.36
Malicious Activity!
Public Scan
Submission: On August 06 via automatic, source openphish
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 4th 2021. Valid for: a year.
This is the only time digibank-sg.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DBS Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 185.61.152.36 | 22612 (NAMECHEAP-NET) |
14 | 104.18.24.233 | 13335 (CLOUDFLARENET) |
26 | 3 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: server132-4.web-hosting.com
digibank-sg.com

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | dbs.com.sg | internet-banking.dbs.com.sg | 117 KB |
7 | digibank-sg.com | digibank-sg.com | 80 KB |
26 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
14 | internet-banking.dbs.com.sg | digibank-sg.com, internet-banking.dbs.com.sg |
7 | digibank-sg.com | digibank-sg.com |
26 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
internet-banking.dbs.com.sg |
Subject | Issuer | Validity | Valid |
---|---|---|---|
digibank-sg.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-04 - 2022-08-04 | a year |
internet-banking.dbs.com.sg | Entrust Certification Authority - L1M | 2020-10-16 - 2021-11-15 | a year |
This page contains 1 frames:
Primary Page:
https://digibank-sg.com/Login.php?missing
Frame ID: 1FB5E1829AA5FA6554BDC7AAE6C05FB1
Requests: 26 HTTP requests in this frame
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Detected patterns
- headers server /^LiteSpeed$/i
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: here
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Login.php (Primary Request) | digibank-sg.com/ | 13 KB | 4 KB | Document | text/html |
GET | H2 | themes_login.css | internet-banking.dbs.com.sg/IB/style/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | language_login.css | internet-banking.dbs.com.sg/IB/style/ | 3 KB | 835 B | Stylesheet | text/css |
GET | H2 | login.css | internet-banking.dbs.com.sg/IB/dbs/stylesheets/css/ | 22 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jquery-3.3.1.js | internet-banking.dbs.com.sg/IB/scripts/vendor/ | 275 KB | 83 KB | Script | text/javascript |
GET | H2 | jquery-migrate-3.0.1.js | internet-banking.dbs.com.sg/IB/scripts/vendor/ | 17 KB | 6 KB | Script | text/javascript |
GET | H2 | login.js | internet-banking.dbs.com.sg/IB/scripts/ | 2 KB | 804 B | Script | text/javascript |
GET | H2 | EncryptionApplet.js | internet-banking.dbs.com.sg/IB/dsss/js/ | 6 KB | 2 KB | Script | text/javascript |
GET | H2 | launch-aeb39dae19a7.min.js | internet-banking.dbs.com.sg/IB/https://assets.adobedtm.com/7cb8109970d1/91e60302cf2a/ | 0 | 0 | Script | text/html |
GET | H2 | jquery.js | digibank-sg.com/files/js/ | 266 KB | 75 KB | Script | application/javascript |
GET | H2 | desktoplogo.png | internet-banking.dbs.com.sg/IB/dbs/images/ | 5 KB | 6 KB | Image | image/webp |
GET | H2 | client_javascript.js | internet-banking.dbs.com.sg/IB/js/ | 36 KB | 6 KB | Script | text/javascript |
GET | H2 | client_validation.js | internet-banking.dbs.com.sg/IB/js/ | 16 KB | 4 KB | Script | text/javascript |
GET | H2 | notification.js | internet-banking.dbs.com.sg/IB/scripts/ | 6 KB | 2 KB | Script | text/javascript |
GET | H2 | DBSLogin.js | internet-banking.dbs.com.sg/IB/dsss/js/ | 4 KB | 1 KB | Script | text/javascript |
GET | H2 | beacon.min.js | internet-banking.dbs.com.sg/IB/https://static.cloudflareinsights.com/ | 0 | 0 | Script | text/html |
GET | | frutigernextlt-light-webfont.woff | internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/ | 0 | 0 | | |
GET | | FrutigerNextPro-Medium.woff2 | internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/ | 0 | 0 | | |
GET | | frutigernextlt-light-webfont.ttf | internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/ | 0 | 0 | | |
GET | | FrutigerNextPro-Medium.woff | internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/ | 0 | 0 | | |
GET | | FrutigerNextPro-Medium.ttf | internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/ | 0 | 0 | | |
GET | H2 | activity.php | digibank-sg.com/files/ | 18 B | 343 B | XHR | text/html |
GET | H2 | activity.php | digibank-sg.com/files/ | 18 B | 283 B | XHR | text/html |
GET | H2 | activity.php | digibank-sg.com/files/ | 18 B | 343 B | XHR | text/html |
GET | H2 | activity.php | digibank-sg.com/files/ | 18 B | 343 B | XHR | text/html |
GET | H2 | activity.php | digibank-sg.com/files/ | 18 B | 283 B | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- internet-banking.dbs.com.sg
- URL
- https://internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/frutigernextlt-light-webfont.woff
- Domain
- internet-banking.dbs.com.sg
- URL
- https://internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/FrutigerNextPro-Medium.woff2
- Domain
- internet-banking.dbs.com.sg
- URL
- https://internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/frutigernextlt-light-webfont.ttf
- Domain
- internet-banking.dbs.com.sg
- URL
- https://internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/FrutigerNextPro-Medium.woff
- Domain
- internet-banking.dbs.com.sg
- URL
- https://internet-banking.dbs.com.sg/IB/fonts/frutiger-lt/FrutigerNextPro-Medium.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DBS Bank (Banking)
129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| init function| checkBrowserVersion function| get_browser function| get_browser_version function| Entry function| EncryptionApplet number| interval function| heartbeat function| setStartTimeInLocalStorage boolean| ONCE boolean| timestamp boolean| printopt number| DA function| handle_error number| bV boolean| NS4 boolean| IE4 boolean| ver4 function| doingprint function| GetTip function| openUrl function| openUrl2 function| openUrl3 function| CloseWin function| DoCancel function| showVerisignCert function| bCheckOnce function| SetOnce function| ParseUniqueURL function| SetRandom function| OpenPrintWindow2 function| OpenPrintDfpWindow function| createDfpPreviewContent function| OpenPrintWindow function| createPreviewContent function| unhideElementByClassName function| isPaginationTable function| isPaginationTable1 function| replaceAll function| openPrintPreview function| dummyPrint function| cancelPrintPreview function| getFirstChild function| removeAttributeByElementTagName function| removeElementByTagName function| selectHTMLElements function| removeElementByTagNameAndAttribute function| replaceElementByTagNameAndAttribute function| toggleClassNameByTagNameAndAttribute function| addPaddingToElementByTagNameAndAttribute function| replaceElementByTagName function| boldSignValue function| OpenPrintWindowInstasure function| createPreviewContentInstaSure function| openPrintPreviewInstasure function| confirmDisableEnable function| onlyNumericsAndFocus function| onlyNumerics function| bCheckDigit function| bIsDigitOnly function| bCheckBlank function| iParseLongDate function| bDateIsValid function| bCheckTel function| fEmailCheck function| 
fDBSCurrencyToFloat function| szFloatToDBSCurrency function| szFloatToDBSCurrencyLatest function| szLTrim function| szRTrim function| szTrim function| checkInputDate function| isANumMoreThanTwice function| isSeqNumber function| isANumConsecutive function| isMetaCharacter function| isANumRepetitive function| checkContactNum function| isWithinLengthRange function| isAlphaNumeric function| isAlphaNumericWithSpace function| isAlphaNumericWithSpace1 function| isAlphaNumericWithSpacesforPersonalizemyname function| isNumeric function| isPinValid number| shiftPress function| keyUp function| checkAllowedSpecialCharacter function| freeStringValidation function| freeStringValidationForTTService function| checkAllowedSpecialCharacterForTTService function| parser function| checkForSpecialCharacters function| onlyNumericsV2 function| showNotification function| hideNotification function| hideNotification1 function| closeNotification function| aaLostFocusFieldGMC function| aaLinkClickThroughHeader function| aaLinkClickThroughHeaderSail function| aaCompletionBannerImpression function| aaCompletionBannerClick function| callNIFunnelReport function| callNIFieldAbandonmentTracking function| callNIBannerImpression function| nestedBannerImpression function| callNIBannerClick function| callNIBannerConversion function| callNIClick function| rejectCountBanner function| clickCountBanner function| viewCountBanner function| getCurrentDateTime function| DBSLogin string| route_name
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.