frequencesud.re Open in urlscan Pro
2001:41d0:301::23  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request payment.php Show response frequencesud.re/sg/spread/m/	22 KB 5 KB	169ms 118ms	Document text/html	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / PHP/7.4 Resource Hash c4de73d94dfbd3a5d0bd9819709bac3bc71dd06eb8a977e26b3b1e2fe0b26fa7 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 03 Apr 2022 02:48:20 GMT host www.fbi.gov origin https://www.fbi.gov referer https://www.fbi.gov remote_addr 104.16.77.187 server Apache vary Accept-Encoding x-content-type nosniff x-forwarded-host www.fbi.gov x-forwarded-proto https x-powered-by PHP/7.4 x-xss-protection 1; mode=block x_forwarded_for 104.16.77.187
GET H2	200	bootstrap.min.css frequencesud.re/sg/assets/all/	124 KB 20 KB	41ms 40ms	Stylesheet text/css	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/bootstrap.min.css Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash fdebe333f5f73f4d759428fec21474e9462ea493838710a102667b3ea9e3c298 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 20071 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type text/css cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	style.css frequencesud.re/sg/assets/all/	16 KB 5 KB	25ms 24ms	Stylesheet text/css	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/style.css Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 623f9cddacbbeaf3ff9c7cf2f92b40823f97bd8af90ed2cfc35e00ec718eb0ec Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 4610 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type text/css cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	material-icons.css frequencesud.re/sg/assets/all/	970 B 850 B	24ms 23ms	Stylesheet text/css	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/material-icons.css Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 444 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type text/css cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	all.css frequencesud.re/sg/assets/all/	68 KB 13 KB	39ms 38ms	Stylesheet text/css	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/all.css Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 8c427d3d4cb3b1e2dbb9cbdada3fd4873907dbac455e8f1f3d92f60bd1528e15 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 12748 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type text/css cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	jquery-3.4.1.min.js Show response frequencesud.re/sg/assets/all/	86 KB 30 KB	53ms 53ms	Script application/javascript	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/jquery-3.4.1.min.js Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 30677 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type application/javascript cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	popper.min.js Show response frequencesud.re/sg/assets/all/	20 KB 7 KB	23ms 23ms	Script application/javascript	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/popper.min.js Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 7239 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type application/javascript cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	bootstrap.min.js Show response frequencesud.re/sg/assets/all/	50 KB 14 KB	38ms 38ms	Script application/javascript	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/bootstrap.min.js Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 14085 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type application/javascript cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	common.js Show response frequencesud.re/sg/assets/all/	4 KB 2 KB	37ms 37ms	Script application/javascript	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Full URL https://frequencesud.re/sg/assets/all/common.js Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 5a1a9d153a5f7a50b3f80f954561f33990f456f0c658bb32fe114f0967c0621d Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding gzip origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 1251 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov vary Accept-Encoding content-type application/javascript cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	jquery.maskedinput.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	10 KB 3 KB	68ms 27ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 887456 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-284d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVH5euy9DDXz4OvVIuDB208zpkj5EzsdNz3PoXj0DjDq20ii2Wn8BQ%2BiLJJ7yK30Vfcz3h8MsptFdEFwcyHIpA0mj5x1mFIVnff3lE1jAulzNBhl%2FDlrf685e1fVoY81CyWovSr8U%2F4sr3xFWPtvaflX"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f5e7c190a799992-CDG expires Fri, 24 Mar 2023 02:48:20 GMT
GET H2	200	singpost-logo_0.png www.singpost.com/sites/default/files/	12 KB 12 KB	1151ms 1059ms	Image image/png	2606:4700::6810:2313 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.singpost.com/sites/default/files/singpost-logo_0.png Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:2313 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b06b90167daeb43177f96c19d95aa96f42429486fddb57fe040ef06705ea12fa Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:21 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Thu, 18 Nov 2021 02:49:18 GMT server cloudflare etag "2ea7-5d107346ba780" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=1209600 accept-ranges bytes cf-ray 6f5e7c19bc2439ab-CDG vary User-Agent, Accept-Encoding content-length 11943 expires Sun, 17 Apr 2022 02:48:21 GMT
GET H2	200	carton-xl_0.png www.singpost.com/sites/default/files/	38 KB 38 KB	1345ms 1269ms	Image image/png	2606:4700::6810:2313 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.singpost.com/sites/default/files/carton-xl_0.png Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:2313 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e155919cbd9e6b7cd3d4f0ea9ebcb6b5a626f85d172b927b8edabcf364521f3e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:22 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Thu, 18 Nov 2021 02:49:50 GMT server cloudflare etag "964b-5d1073653ef80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=1209600 accept-ranges bytes cf-ray 6f5e7c19bc2839ab-CDG vary User-Agent, Accept-Encoding content-length 38475 expires Sun, 17 Apr 2022 02:48:22 GMT
GET H2	200	cccc.png frequencesud.re/sg/assets/img/	7 KB 7 KB	20ms 19ms	Image image/png	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://frequencesud.re/sg/assets/img/cccc.png Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash 76dc0f524b990f1a1dcb4e8fe32c0deeb5a4cd2402877250e5f29936e643ef0d Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 6932 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov content-type image/png cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT
GET H2	200	crypt.png frequencesud.re/sg/assets/img/	2 KB 2 KB	20ms 20ms	Image image/png	2001:41d0:301::23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://frequencesud.re/sg/assets/img/crypt.png Requested by Host: frequencesud.re URL: https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:41d0:301::23 , France, ASN16276 (OVH, FR), Reverse DNS Software Apache / Resource Hash c6fc8dcbd9126717ca5e8d792c6dcdf5d7aa4823b2a0445d14db1fad8d0a8f90 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://frequencesud.re/sg/spread/m/payment.php?payhttps://frequencesud.re/sg/spread/m/payment.php?payment User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 02:48:20 GMT origin https://www.fbi.gov x_forwarded_for 104.16.77.187 x-forwarded-proto https content-length 1699 x-xss-protection 1; mode=block server Apache x-content-type nosniff remote_addr 104.16.77.187 last-modified Sun, 03 Apr 2022 01:29:33 GMT x-forwarded-host www.fbi.gov host www.fbi.gov content-type image/png cache-control max-age=900 referer https://www.fbi.gov accept-ranges bytes expires Sun, 03 Apr 2022 03:03:20 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singapore Post (Transportation)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| Popper object| bootstrap function| backToTop function| scrollFunction function| trackItem function| replaceUrlParam function| changeLanguage function| getCookie function| setModelContent function| loadModelHtmlContent function| loadModelContent function| type_carte function| handleExpInput object| forgotPwUrls

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
frequencesud.re
www.singpost.com
2001:41d0:301::23
2606:4700::6810:2313
2606:4700::6811:180e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a1a9d153a5f7a50b3f80f954561f33990f456f0c658bb32fe114f0967c0621d
623f9cddacbbeaf3ff9c7cf2f92b40823f97bd8af90ed2cfc35e00ec718eb0ec
76dc0f524b990f1a1dcb4e8fe32c0deeb5a4cd2402877250e5f29936e643ef0d
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
8c427d3d4cb3b1e2dbb9cbdada3fd4873907dbac455e8f1f3d92f60bd1528e15
afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b
b06b90167daeb43177f96c19d95aa96f42429486fddb57fe040ef06705ea12fa
c4de73d94dfbd3a5d0bd9819709bac3bc71dd06eb8a977e26b3b1e2fe0b26fa7
c6fc8dcbd9126717ca5e8d792c6dcdf5d7aa4823b2a0445d14db1fad8d0a8f90
e155919cbd9e6b7cd3d4f0ea9ebcb6b5a626f85d172b927b8edabcf364521f3e
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fdebe333f5f73f4d759428fec21474e9462ea493838710a102667b3ea9e3c298