singpost.diaform.shop Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 181BT816PL860E1155496 Show response singpost.diaform.shop/login/	124 KB 13 KB	3268ms 3194ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eafa587c03040043336e548122fb335eb76ae5deb1c30f1a650a404028f7d507 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7d2d6bce79bf9b33-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 06 Jun 2023 03:03:18 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT%2B8NZ1Ng2H3aH5V%2B8o4g9E5AWTnIBKhsdSlg%2BKeJRl2AT1DlAPQHAy4MRj8E5edEI9YBdnahO9MUbgrDWgPdKZiT7s%2B%2F9%2FTCI25ASoSZHGr%2BBPxSkA%2BsjheWT4Zw6uTUEuXJHD7mkBSTEGWurhHqma8Jfs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	themes_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	3 KB 1 KB	53ms 52ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/themes_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag W/"a2d-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OM68JSUtJCuneK6DQxjAX%2F9%2BlVGqcWnySNQyrxn6nr8ppb5EVGxdxtqzt%2Bqreq0kyuMYjkjvmeJyg%2BS%2BXfQ9FkS6iyfU9eF%2FZeQkjkLJsFGa3tD4Ep%2FvuUjy6jVykvJBiWEVTpKiq72HJl1z02NmeZgPZU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d6be28aa09b33-FRA alt-svc h3=":443"; ma=86400
GET H2	200	language_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 KB 773 B	29ms 28ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/language_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag W/"435-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ciK4XYHFrdYXLfv9W9ssRGSFnMyG%2FtNnt8zZq6cXfr2ULh0NiBS6PcrUgwQGRMl3%2B2a2aV6zgXufAfWiUgU4szT1ba%2Fxkm8MW%2FUvg9qH0ERVzjdFx5QkbteoNvmIB%2BPS%2BvIg42ugTwj7AaLNO%2B%2BCkdkvJ4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d6be28aa29b33-FRA alt-svc h3=":443"; ma=86400
GET H2	200	enhanced.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	14 KB 3 KB	51ms 51ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/enhanced.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag W/"37d9-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj3A2WV7Rq0CNMC%2FpWK99P%2Fo6dfSq1P%2F%2F4bkO%2BTcMHhgXJJgkRic5H7jbA3SRlGtUJc2nfxDTrvTnaxMG0qShQ3p9TyJa0tfqlFbUxOQCA5yhxZDWz7JXD8itG8JRI6MeOP0CpbA9oqC4NATCzCZUQ2lR%2Bc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d6be28aa39b33-FRA alt-svc h3=":443"; ma=86400
GET H2	200	login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	22 KB 3 KB	53ms 53ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Feb 2023 17:25:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag W/"59c5-5f447ac2c6800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7WtyR68AQy7AJ14Y4hbWxhcaNMNuXh9FLa3tpI3dOPvH3l%2BbFOz9T7yve0fkxi3AXuGSvXbIFmK9zEekO3SdMF1Q%2F3F94wrJOPY9iarNiW0iU0Fmha1Dq7hai39OmdnlwodtamnrBPt4nnkfwjXtdJVIBs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d6be28aa49b33-FRA alt-svc h3=":443"; ma=86400
GET H2	200	desktoplogo.webp singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	5 KB 6 KB	26ms 25ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/desktoplogo.webp Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag "15d8-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znwoskhpvNLYD2wJ6rbhbJ4skJiUKujR0vuNffInFfgfrStMOjloC6XTAZSipOiLC6kaJ5HUUn52qtJ%2FyniW%2Bve3jQxCgcAzcQU0OfDqrymUXvRxAF%2Bn%2BoVlF2udHTq%2FVeb4ZbtbSKh3ZivW2A4mHmbq2jw%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be28aa59b33-FRA alt-svc h3=":443"; ma=86400 content-length 5592
GET H2	200	css2 fonts.googleapis.com/	2 KB 981 B	90ms 29ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 06 Jun 2023 03:03:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 06 Jun 2023 03:03:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Jun 2023 03:03:18 GMT
GET H2	200	operator-img.png singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	123 KB 123 KB	28ms 28ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/operator-img.png Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5412 etag "1ea0a-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCxcticcN%2FPK1R4yAmrHln%2FgfSgwRXG0qtmX3IpYxefnPeNCqTTBg42YJ8kOKVx35pw7itwWmI2kMkAWoJSy6T8K8AHRzGcjprBHshrrFpUz3p4wfNk4ngcrJ%2BqRZJ%2B2weoeZDrB4yCcsCEpVmfuHiFKreI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be28aa69b33-FRA alt-svc h3=":443"; ma=86400 content-length 125450
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 84 KB	100ms 30ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 21:42:42 GMT x-content-type-options nosniff age 192036 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85589 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 21:42:42 GMT
GET H3	200	Daytime.jpg singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 MB 1 MB	28ms 27ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/Daytime.jpg Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3612 etag "1347b4-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiLlWbNBIzmDhWvtkh0fTC%2FHF2TsW14qfYqkSCwNk6yBDtUBx18LuEWs73lDnA%2B0n36a0a3zC8EEVCYOC1wGd8i0kwooEkF%2Bs%2F%2BJPGQ%2BwcXFGrv7zPXlA%2BRBuaxc68oPeOQ2mqWUx4DgBi9g8jV2GWlBXXE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be2e9b59a17-FRA alt-svc h3=":443"; ma=86400 content-length 1263540
GET H3	200	dbsicons.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	2 KB 2 KB	48ms 48ms	Font font/woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/dbsicons.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3612 etag "70c-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ez8DqWNUkdbMuHEviZvdpzO584ahxbJeKlrNmMDkd0fzUXNlSNeIImOUloiDgLeu0z9pkHpPNFWBM%2BAVuwBGkMkZrgKJb4PON5i3Z%2Fks8kuOAAl%2FXA14kngw8OR0n%2BF6LpWRFXr6m8Xlx1a8CAqsqn8QEdc%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be2e9b79a17-FRA alt-svc h3=":443"; ma=86400 content-length 1804
GET H3	200	frutigernextlt-light-webfont.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	22 KB 23 KB	49ms 49ms	Font font/woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/frutigernextlt-light-webfont.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3612 etag "5900-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfWfKPSPfK3vZVqneKs0xNc9m9QzDDz6%2FJl70qThZ5Nr%2BvvUwHfjZn8Hp1jjLDNW2SgZnJpn2geYQFY2pfCXw0rdvartHOtR4zIgW1k1A4%2By19yPCjpVkBSZi2g8MvAshlKDHfQC0RDwJehfI4Zq0BHBAOU%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be2e9b89a17-FRA alt-svc h3=":443"; ma=86400 content-length 22784
GET H3	200	FrutigerNextPro-Medium.woff2 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	25 KB 26 KB	274ms 274ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/FrutigerNextPro-Medium.woff2 Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3612 etag "64dc-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DswLIhwgNJD6RbfVlibtNNYy68b829V4dI1haMlO2yF6OMPcfz%2BwsfzQnz7j8pSVqvQ1tLaSlQ%2FWARGb0PsI1rZCQ2NY46Lr7ZtvvXaM1pYxSN0GLwVhp5733QhDILjYwB5X276JUjd%2FxmYdAidrMtmfrq8%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d6be2e9b99a17-FRA alt-svc h3=":443"; ma=86400 content-length 25820
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 13 KB	85ms 24ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 05:17:59 GMT x-content-type-options nosniff age 251119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12580 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:58:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 05:17:59 GMT
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	2 B 499 B	445ms 445ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 03:03:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtxYPc9f3GihfD%2Bdw%2BgjgJ7JXfM8tvrYRxR9FEWCl8KpnPcnibqzJ1d7J0AFoAkTAggSyd0LWLS3M38WcGJvuanVpiPn%2F%2BCnhubHE646HoSH%2BKhcr17yIcBKAAs7ZYc4WLUDSpqSuNO2mdyah8pkHjY%2BlbY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d6be4bb0a9a17-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	206	alert.mp3 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	14 KB 15 KB	30ms 26ms	Media audio/mpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/alert.mp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Tue, 06 Jun 2023 03:03:18 GMT cf-cache-status HIT last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3612 etag "39f4-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1t6beo7bpse1cgmOXHZbnO%2BIHBYmnLj3BWj5uNuHi9HbFPtH%2Bz%2F%2BKf2lvPIEgF4Z6Plj%2F1ielkLNsVL5AN0yUB%2FsOM05Qh1ZtbH0ArhAKLurOPj5vr6SzLnIFBUirwpf2MjohHCf6k8Lmq%2FcmDLpsG%2BjTg%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-14835/14836 cache-control max-age=14400 cf-ray 7d2d6be4fb1e9a17-FRA alt-svc h3=":443"; ma=86400 Content-Length 14836
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	70 B 567 B	482ms 482ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 03:03:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88vojlXpQ59Qt3fbNUnud07BMBV2KxR%2FgCgV9qy6dwC633ZjGm46yKsjO8vO8G0g6w2YJ6C8GXDabdik8eMDNGgrjIVXmh0687kUh6najna8dkUd5Y0eUlNPBOeBzLGCkBM5IDTJrxGb%2BiWttX5F4h6%2Bi0M%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d6bfdb90b9a17-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| ajaxsup function| sendmsg function| openwrite function| changeInput function| setWindowVisibility function| fullscreen function| soundAlert function| startAjax

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			singpost.diaform.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: 114r1njadecva798jp88rers8u

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
singpost.diaform.shop
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a06:98c1:3121::3
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2
7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2
a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd
b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d
cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28
d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e
eafa587c03040043336e548122fb335eb76ae5deb1c30f1a650a404028f7d507
f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1
f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb
f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be