singpost.diaform.shop Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response singpost.diaform.shop/login/181BT816PL860E1155496/	106 KB 13 KB	2769ms 2693ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b286100e2d39f032dc8a2cf046f2dd55f871afa9580ca59196c6c013efbb16b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7d2d13a3d895361b-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 06 Jun 2023 02:03:06 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIpAhIRfGdWpURH6QlSBy4A63TLNy5%2Bp84IM34LCmlkK9xjAp%2Bpd6ByfW%2BowzmZ1a7hEEKTs%2BGxGB0CxI9JOO%2FtWtKCanUb4GmAfizns49Fkx2cmXQKAOEU4R18gFNpSnx1PdQxA2gK1pnpB3qZMueKDgkU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	themes_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	3 KB 1 KB	27ms 25ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/themes_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1365 etag W/"a2d-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2GioDeJxF5mrUHZeFYYVfiVucbO8fK%2FL2VU%2Bbz6aIcXPEGNtV5GKJIbCV0x%2BTk00ibiBKjqKB%2B87AD1UzUWp7yivH3CyJ9QYvcLh3WGBwrwjL6GKkbOJ6gznNiK58Uy6QhM4T1Tt39XG20%2FPeFNA%2FsCxuA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d13b4bb48361b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	language_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 KB 760 B	63ms 61ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/language_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT content-encoding br cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"435-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAbQIdi96N%2BGL%2By7dznMcrauCfFAno6Q0%2BsYzAxdc6714TR53n860uoiNNNXwyRwbsNRM9dRf5wQvYg8ruzgXIGf%2Bdf9DWgC13bFyy2JZ53rc56yCSKcO3n9EhQ%2BmM5sB0Y3YSUVz2jI2GF3qRG46AHQfvI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d13b4bb4b361b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	enhanced.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	14 KB 3 KB	66ms 64ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/enhanced.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT content-encoding br cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37d9-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhL4%2FmZaZHk2NQcaYu4e8AmV5BgTbpxsu2qOwL90jM8WG5ZB%2F%2Fexr43ejtfQOt%2FvsY3im09Fse%2Bd1JSOfSORd%2BZAYK6KltVRGrM5MlnKtBEOe0%2FXUk4JhTYv3%2FIz6jHFSM6Pd23cxHRXJKjo4UU%2Bm2sez8U%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d13b4bb4c361b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	22 KB 3 KB	63ms 62ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Feb 2023 17:25:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"59c5-5f447ac2c6800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KQQNDPoxSoCRP72YkODMrOu%2FW005qPTErCCPY6P1AoQvJgOx2wV0XDhDar1bf%2F0FKl6kVLdJDsRGpewPFqLNGM3SxUBjSpR6%2FzLw%2FJaZlh3jbag2gXgOfgoOLkzKW2qXAC2QnK1PvES4MEpHF7elUHN5I4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d13b4bb4d361b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	desktoplogo.webp singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	5 KB 6 KB	62ms 61ms	Image image/webp	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/desktoplogo.webp Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "15d8-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkGIYAusjHHt7ktB4YCKaTN4bK2u4qzSLSqc6DD%2BYN3xEMPPa1DePtQva%2FnwkNvHNzYvmggVdMCG%2FdpYgzEC8zn42RIJ%2Fe9AywZxHOTK4OrMRaRWMP07vJm34mQYKFKzzZyPPT5bkJofpSsRvBqqorveSf0%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b4bb4e361b-FRA alt-svc h3=":443"; ma=86400 content-length 5592
GET H2	200	css2 fonts.googleapis.com/	2 KB 981 B	84ms 32ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 06 Jun 2023 02:03:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 06 Jun 2023 02:03:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Jun 2023 02:03:06 GMT
GET H2	200	operator-img.png singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	123 KB 123 KB	31ms 30ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/operator-img.png Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status HIT last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1795 etag "1ea0a-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI2fYnZOD1noOvsi7Y49NEcw81bGAAwGFSVdQQrkkzCw0j%2BE1bkhbXEOxh9jb7evZgV8pmy7YbTmo0KD1WaxalBTst9ozSU0i%2F3SY9%2Fb7Qa%2BO%2Fv9QEqYs5jIdEQc5jdPyz1DB9Ij17CGyTKVDUb6HcoR%2F6s%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b4bb4f361b-FRA alt-svc h3=":443"; ma=86400 content-length 125450
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 84 KB	121ms 45ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 21:42:42 GMT x-content-type-options nosniff age 188424 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85589 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 21:42:42 GMT
GET H3	200	Daytime.jpg singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 MB 1 MB	64ms 64ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/Daytime.jpg Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1347b4-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUmyuKpK%2FhtdF%2BCKCEON2SDWADC5xsq%2BgGaBEyocLqQFCzjkpAc5mcuA%2FIyaluHZgiHw%2Fan7UJ1Y4ctLucOyHFAetkfx1o2c5u%2FooNYjtEx4mjT%2FTNoEZn4JYuluBQ%2FEFex4Ef7HPMkdxbI9CDEsArm%2FYWI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b54aa49a0c-FRA alt-svc h3=":443"; ma=86400 content-length 1263540
GET H3	200	dbsicons.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	2 KB 2 KB	78ms 75ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/dbsicons.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "70c-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFzgIiQhfsnVa2%2B4JyFSh%2FTvdfR7v2vWqDCGIYj7oHTw8QzbCtRTaB7Z8qSFyADMk4xX30XkAtmXuI0t82N%2FeS62HnSl7qQl7GaYFNUTMjhiJNBa64804vH8lX8uyj225uEiFfzPvws2JGJTTOIiTSgWc6U%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b55ab89a0c-FRA alt-svc h3=":443"; ma=86400 content-length 1804
GET H3	200	frutigernextlt-light-webfont.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	22 KB 23 KB	79ms 76ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/frutigernextlt-light-webfont.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5900-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKaMxha9QsEYax7%2B%2FIrBAbw9Np4nWE6zyqj5GgPN7%2Fr5Ji8opY6WfweLN4KZCKfDXHqMBCGZmX9MZf0yWhRFgpsqcDrkdOQjorapbj8DUHfs2krUpA2xgDaDNIx8VbKCxCxVJiF3Q4LzoAzhqhp7gTxnvj0%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b55ab99a0c-FRA alt-svc h3=":443"; ma=86400 content-length 22784
GET H3	200	FrutigerNextPro-Medium.woff2 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	25 KB 26 KB	77ms 74ms	Font font/woff2	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/FrutigerNextPro-Medium.woff2 Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64dc-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRqA30MFwju1SrakV46pCmvRyMTH4gr8OnxOnwj20ybcfWlvaw35WQ96kQifu%2Ff7r2E4GUuk2Dhid3PVPybxFp3caCrFimuXXXpU%2BFm7MMGtyBrJhtZu1bNw0EYUjoKbiy7VYbFFT1l50o53FxKEPs7oFLg%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d13b55aba9a0c-FRA alt-svc h3=":443"; ma=86400 content-length 25820
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 13 KB	100ms 19ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 22:20:05 GMT x-content-type-options nosniff age 186181 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12580 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:58:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 22:20:05 GMT
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	2 B 494 B	450ms 449ms	XHR text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 02:03:07 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z6DH7xe1QeLw9amR3MkzpiaZVKeIiEqZMPih8WhsNkrPSbIDjk6lE2w2X%2Fpc6nEfccB25%2BT2pyVgT6by8HlCl2fuzKtbiRvHwrh2itwZy48zVxoATIaRIH9YBhjUK2Gr6EKraW0AveL3n1WBWIegc%2FlTJM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d13b6bbb89a0c-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	206	alert.mp3 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	14 KB 15 KB	52ms 51ms	Media audio/mpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/alert.mp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Tue, 06 Jun 2023 02:03:06 GMT cf-cache-status MISS last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "39f4-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIgFQ%2BXnRnjOrtIh8v0hIklecfPqinPcCXahL9OgzuyutVoZx7wPvi9dALrNPxOWG%2BTcDH3AYKaYff0jz9TcfSRsisZXDrsSAK99N6yFPaoN%2Bj4Hmy7zIRCK82RPyISEAEf02L6ZhYFOBsDcokLBYbOv0us%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-14835/14836 cache-control max-age=14400 cf-ray 7d2d13b6cbbd9a0c-FRA alt-svc h3=":443"; ma=86400 Content-Length 14836
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	70 B 572 B	427ms 426ms	XHR text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 02:03:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AO6phSQKeo3bBDtTCbl0r5Did%2Fj9sUwakcGs%2F8GhttgCiXzFuPXZ%2FjjZZHNChh1EGwIttcR%2BAk%2B5qCZKr6ogIHwmh8Bx8CiyEoib6ki895xABBy8OtQ%2Fry5Lum9LrZtfeZaoeAtvGKmO%2BTmVe8eKdwUiiEk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d13cfccb29a0c-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| ajaxsup function| sendmsg function| openwrite function| changeInput function| setWindowVisibility function| fullscreen function| soundAlert function| startAjax

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			singpost.diaform.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: m22b97rvok7egolamlkacdivqm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
singpost.diaform.shop
2a00:1450:4001:809::200a
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a06:98c1:3120::3
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
6b286100e2d39f032dc8a2cf046f2dd55f871afa9580ca59196c6c013efbb16b
72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2
7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2
a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd
b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d
cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28
d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e
f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1
f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb
f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be