singpost.diaform.shop Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 181BT816PL860E1155496 Show response singpost.diaform.shop/login/	94 KB 13 KB	2693ms 2643ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85f7952b9c4dd03688388cd68cca5940c9cf1e68e3cec919364b3b0b14e15fee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7d2d3fe04db79bb3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 06 Jun 2023 02:33:18 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTpIC7xbDBmPVpgpt8NzFnJmsXRffcXBkQHBJEf%2BRvjnyO6Go8csnpkewKrNQhpRFE1BfKQErRogsDPMuPR0oFP4i2hUJu3D0%2F3545P0FNOAdYHeKN9GeWuiKS8quHMJHwU6ng7qDhX%2FJ31ieqTeKr9p3nw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	themes_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	3 KB 1 KB	28ms 26ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/themes_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag W/"a2d-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0HhFAYNutQJdBupiHv3ggggCnfLGltuSgM2GEDh6ENE7ynpMEO%2BhtLqzI4%2BeWpcCEkKGAzRpxj6D%2FVSy1DQI32FN1ZuM9%2B3wKGvGVBR8P72aKoFU6DvSvV7PvgVNkG8ASaB7%2Bdu1gTNzVdKEdjnTH0KkmI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d3ff0d9bc9bb3-FRA alt-svc h3=":443"; ma=86400
GET H2	200	language_login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 KB 767 B	31ms 29ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/language_login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag W/"435-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi%2FCeAadkZF9stglj3L7SXR%2FmlnRclb0EytMs8CJnSemh2xaQBBBsvkaaqa%2FdIeiK%2B%2BER8pbc9f7X3niz%2BC9XL6GJpqSSE0sYA3eC7TDx6p9tlIJ%2Bqn65IaYM%2F7s%2B3gDjyf7gWr3BbYPVbmZ3YZ1L%2BNPFeo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d3ff0d9bd9bb3-FRA alt-svc h3=":443"; ma=86400
GET H2	200	enhanced.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	14 KB 3 KB	52ms 50ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/enhanced.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag W/"37d9-5f39148fe8300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE%2BTOdoe%2F4XnEib9eHpWWU9HJgYtUa3ZarknDIHUFnKK3Vqa6NwNvxjqzYKzWPJOJ0jIvWL2oEtFF%2Fc0M4FaCpmQXh7FrD1N%2BSK0TEb%2BydgIDAnQ26KwH7xcK0rLdt5QXoBuZ%2Bz3zNbfrXs3vmw1l%2BaGyxM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d3ff0d9be9bb3-FRA alt-svc h3=":443"; ma=86400
GET H2	200	login.css singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	22 KB 3 KB	28ms 27ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/login.css Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Feb 2023 17:25:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag W/"59c5-5f447ac2c6800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3zRxsKs%2BmNE551MNEF0FEP3ePuaKof%2BIvyj5JeDKmka0uCLXDtjtGkzDIqR84HXCTGYazHwfMJ5vORSTDVqNtlGiN3%2BPCydzl%2FPDalut3KAKXcHaj%2B5Grx7tUFShuX6GUzFJFSq2sCOwnj705ggJK1xUBI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7d2d3ff0d9bf9bb3-FRA alt-svc h3=":443"; ma=86400
GET H2	200	desktoplogo.webp singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	5 KB 6 KB	27ms 27ms	Image image/webp	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/desktoplogo.webp Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag "15d8-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8lWX0SNconktJ8S0uLr0acjqkfZ06%2BdEdd2jHGXgwlnmrwfdsKoT2yuiTXT30fQuR1I%2FFSEVYcYa78ezQcPuZDCWqcNsQC8Rs71z6dT8CdK6grBe3HKxei3YPagMqTrwVC1WWPIexw4uAf1maTTfr9Pdoc%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff0d9c09bb3-FRA alt-svc h3=":443"; ma=86400 content-length 5592
GET H2	200	css2 fonts.googleapis.com/	2 KB 981 B	84ms 32ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 06 Jun 2023 02:33:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 06 Jun 2023 02:33:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Jun 2023 02:33:18 GMT
GET H2	200	operator-img.png singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	123 KB 123 KB	29ms 28ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/operator-img.png Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5217 etag "1ea0a-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FY%2FGC4i9Y9w2Wmtr9VKWsOJH5ry842i1Dkku7I1AQzoZTsha7HKjJGKLIkhZkoZAs4Nb98wpz3DAgZCrva5yG%2FeK1y1rMQk6TLmNS5RGanFji%2FpRnK4G9xVJ3qfm2dKkbXxxeqBfg1RM5OlOl%2BLtgT9OWs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff0d9c19bb3-FRA alt-svc h3=":443"; ma=86400 content-length 125450
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 30 KB	73ms 21ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 06:31:36 GMT content-encoding gzip x-content-type-options nosniff age 590502 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30089 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 29 May 2024 06:31:36 GMT
GET H3	200	Daytime.jpg singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/	1 MB 1 MB	54ms 53ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/Daytime.jpg Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28 Request headers accept-language nl-NL,nl;q=0.9 Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5323 etag "1347b4-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc%2FCEDZpTKv2T%2FC3z96dsxUFwX4uj6a6rEoFUQ8FMOYbEBUZsa1unb%2BGO91lmag%2B6rkdwc3pIDutZr0a%2FmM%2BGy3MOyt2zqnemTCaOi9yBnlkbVZkii7WKiXaJ1OxAc4HJcb7aI1WHjM63H5d6f2hw0PbzTw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff14d953680-FRA alt-svc h3=":443"; ma=86400 content-length 1263540
GET H3	200	dbsicons.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	2 KB 2 KB	31ms 30ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/dbsicons.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5323 etag "70c-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcFTDL8eV0JyMwzojLOS15TkoqbuIitaBt3gDAk6JkjE%2B2dtCbN7YiJUy1rUifiFEEY6%2B7NeKmmYFC8TZVIPF%2FLzL66Dykt3Fp2ZS0kHFRw59Lt38wEzRtE6yrFGzS%2BLNwLLyHemlsRjqLEGYBav4kvlJhw%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff14d973680-FRA alt-svc h3=":443"; ma=86400 content-length 1804
GET H3	200	frutigernextlt-light-webfont.woff singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	22 KB 23 KB	32ms 30ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/frutigernextlt-light-webfont.woff Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5323 etag "5900-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdBkT4SznG0wkSzxg%2BqaZXLYoQSRBvrF2ONYM10ijNxn%2BiLC96Jx%2BQto3cGYrjJ%2FxwCWJ8SHpmDqp5kiMr2JGUVnKyJQkqS8qcdSoOTbVxicKL01VoWZWfaWZByBNAiQymxiP6fU7Fe2EduAXMquE2jg4us%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff14d983680-FRA alt-svc h3=":443"; ma=86400 content-length 22784
GET H3	200	FrutigerNextPro-Medium.woff2 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/	25 KB 26 KB	228ms 227ms	Font font/woff2	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/banks/dbs/font/FrutigerNextPro-Medium.woff2 Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Tue, 31 Jan 2023 15:50:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5323 etag "64dc-5f39148fe8300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UguUEcAK0CYW4eSXlxG2qM79b6yHBTlpXuOHv4ZO4rd197mF78kydELS7WV4FsMhABkIPy3QJQl5roOoMEuxp8r8GOt%2BsG%2BMcf%2BSlAwDtC%2Bu7i6nFCbGWAuaTgaVvWROpJ1U7halG082EjAYHJVf%2FNBguw0%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7d2d3ff14d993680-FRA alt-svc h3=":443"; ma=86400 content-length 25820
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 13 KB	73ms 21ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://singpost.diaform.shop accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 05:17:59 GMT x-content-type-options nosniff age 249319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12580 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:58:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 05:17:59 GMT
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	2 B 503 B	496ms 496ms	XHR text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 02:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k9DgwPBVB78Cq2sJ2OGo457n%2Bd4Op%2Bc8PJvBeNFE39tHS6ZkOn2t67h9MxZ9JmuJQdjyZvGQa%2F1VzSOLuxvPWh3X2YWwkqRBM3qyAjC4%2F%2FgqP2UF15Tdj3YkQgHXUCjUKFOGQS9%2Bj%2F71WNlmO2W7lQagbQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d3ff2ce5a3680-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	206	alert.mp3 singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/	14 KB 15 KB	31ms 31ms	Media audio/mpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/pz299s5y/0qg0ss6gx/h20noqck9i/gen/alert.mp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Tue, 06 Jun 2023 02:33:18 GMT cf-cache-status HIT last-modified Sat, 14 Jan 2023 09:27:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5323 etag "39f4-5f235f5c3ed80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGGowerMPetsh%2BAt2ailcBm3Un2Gnv%2BrKFXN9ap1htVzX4wD29FpjS4wfRrf%2Fs255o8YLSUBjtL40XYy59t16YbgaCCLK%2FXvJC7DBesr7w8%2Bajnn4YQfwhbqbFduPZbor6qLE47qMw0vYEVcr%2F6eS0R29NE%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-14835/14836 cache-control max-age=14400 cf-ray 7d2d3ff31e853680-FRA alt-svc h3=":443"; ma=86400 Content-Length 14836
POST H3	200	ajax Show response singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/	70 B 568 B	471ms 470ms	XHR text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://singpost.diaform.shop/8ehz9mdn/coz1u/hj9mmk/73/ajax Requested by Host: singpost.diaform.shop URL: https://singpost.diaform.shop/login/181BT816PL860E1155496 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251 Request headers Referer https://singpost.diaform.shop/login/181BT816PL860E1155496 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 06 Jun 2023 02:33:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H55n60XdUAj2jbPc0sGF3aqntW4iKGVgBH1F8vU%2FjrKAh0Vh%2BAP2W6O7gUahSezpsRxqkpQpvw5P8wenqLxDCLTFDxPmgpdnN1l0KPWyMYE%2BJVabowutAtvIxpomUOkeSTnKMj3oh87ALe1quU%2BdEIHmN3g%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7d2d400bce353680-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| ajaxsup function| sendmsg function| openwrite function| changeInput function| setWindowVisibility function| fullscreen function| soundAlert function| startAjax

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			singpost.diaform.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: bips3prrd63mhj9evevtq7rnu8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
singpost.diaform.shop
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a06:98c1:3120::3
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
72f3561eb14a6fdfcfc636e17aa14821c14b908e228b1dad152cc50142c7ffd2
7a0eac0b8fa7c9ba9bb18f9b2a619c788f86d7adb3d479658217157517ada251
85f7952b9c4dd03688388cd68cca5940c9cf1e68e3cec919364b3b0b14e15fee
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8fde3b7e7614c23b342d70797d7c1597b6955639d3422040d800051101c842fb
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2
a65afa33659546f7d4a07f9ee083e9b0f8a1aefafade212ea6d868ee58dbb8cd
b60923b5232af55ca5a0e74c9488e47b421b884e1b41c79e010c104078ca8f1d
cfcec15e42ed9ece50481ee873549f2247a5e395a7344e3062c794e7e894db28
d3dac0dffeeec522966e51a3f7fe2a5e3817aaef8a82a716863461eb482b087e
f3653d135390999adb8441e0376c3b6a896fab1589052d76bd39a05df812a4a1
f7c80617b6d6d6f26a92d758c0dce67b8513c67c40cd18e3936c8b7d6c2afbbb
f921bb1eabeac2765d546669bca4bdcf484f68f9282dcf7ca42220094fb5b9be