urlscan.io logo urlscan.io
SecurityTrails logo

my-post.site Open in urlscan Pro
2606:4700:3037::6815:4b3a  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my-post.site/s
Effective URL: https://my-post.site/Singpass/login
Submission: On October 13 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3037::6815:4b3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is my-post.site.
TLS certificate: Issued by E1 on October 7th 2022. Valid for: 3 months.
This is the only time my-post.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Singpass (Government)

Domain & IP information

IP Address AS Autonomous System
3 15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 198.145.13.12 2044 (DF-PTL01)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
40 7
15    2606:4700:3037::6815:4b3a (United States)

ASN13335 (CLOUDFLARENET, US)
my-post.site
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
2    198.145.13.12 (Tualatin, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com
in.getclicky.com
2    2a02:26f0:7100:592::236c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
saml.singpass.gov.sg
1    2a02:26f0:7100:587::236c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.singpass.gov.sg
Apex Domain
Subdomains		 Transfer
15 my-post.site
my-post.site
74 KB
4 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 12058
in.getclicky.com — Cisco Umbrella Rank: 9719
12 KB
3 singpass.gov.sg
saml.singpass.gov.sg — Cisco Umbrella Rank: 176365
www.singpass.gov.sg
7 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
56 KB
0 ip.sb Failed
api.ip.sb Failed
40 5
Domain Requested by
15 my-post.site 3 redirects cdnjs.cloudflare.com
my-post.site
2 saml.singpass.gov.sg my-post.site
saml.singpass.gov.sg
2 in.getclicky.com static.getclicky.com
2 static.getclicky.com my-post.site
2 cdnjs.cloudflare.com my-post.site
1 www.singpass.gov.sg my-post.site
0 api.ip.sb Failed cdnjs.cloudflare.com
40 7

This site contains links to these domains. Also see Links.

Domain
www.gov.sg
www.singpass.gov.sg
go.gov.sg
www.tech.gov.sg
Subject Issuer Validity Valid
*.my-post.site
E1		 2022-10-07 -
2023-01-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.getclicky.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-01 -
2023-09-01		 a year crt.sh
singpass.gov.sg
DigiCert SHA2 Extended Validation Server CA		 2022-07-01 -
2023-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://my-post.site/Singpass/login
Frame ID: 08BA9860121165FCD2C651AB22EBF5E2
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Singpass login

Page URL History Show full URLs

  1. http://my-post.site/s HTTP 301
    https://my-post.site/s HTTP 302
    https://my-post.site/token?page=singpass Page URL
  2. https://my-post.site/token HTTP 302
    https://my-post.site/Singpass/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

53 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

146 kB
Transfer

393 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my-post.site/s HTTP 301
    https://my-post.site/s HTTP 302
    https://my-post.site/token?page=singpass Page URL
  2. https://my-post.site/token HTTP 302
    https://my-post.site/Singpass/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://my-post.site/s HTTP 301
  • https://my-post.site/s HTTP 302
  • https://my-post.site/token?page=singpass

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
token
my-post.site/
Redirect Chain
  • http://my-post.site/s
  • https://my-post.site/s
  • https://my-post.site/token?page=singpass
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my-post.site/token?page=singpass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c1d31b9366166dda4d45f1b3747cba11f585de596c0e077830b509c039fa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
759842c22d4a91d1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 13:00:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5ZEmcTyZdg%2FrqWC6aVP4uxuBI4K18ud8S7w4c%2Fe3u53%2BEg8bQMRD178VZarfU52HfskAwqpubdqdMUvuWfS3PyRm6PtGKeihUrhn3pXG%2BHYR%2FRX3qZFygWAhHDti7spt9BP75Hj3X%2Bm4dM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
759842bd4c5e91d1-FRA
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 13:00:53 GMT
location
https://my-post.site/token?page=singpass
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80E2AfJQTAxLpc2xhcaHHZJpfs%2F%2Fy47NWl1xFhrDmRD7HnJtfvd4AigfsTHAXMq15vvfhkVhYHSRVK5MlNrmOMkhNNGhX0FzmNvbvQBZFt5Iw%2F0gmPBauWFw4IoYlz%2FEveXrzliSoKgQMHg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: my-post.site
URL: https://my-post.site/token?page=singpass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3006292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cqSsWSHu5%2F31h8o%2Fry2HH5qZfp2lUlVgOSgijepVH2bvmhr%2BbRwyGfHaOMOhl3SY3AgO3y80zT5iSUekJRcCvYK0PTJK9WBN1Jgjmiddtu7UG2HyT8Bll2UnDDsJnqB5xS2pw1aeXL76VYWtwqPghsV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759842c55c00906c-FRA
expires
Tue, 03 Oct 2023 13:00:53 GMT
101374574.js
static.getclicky.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/101374574.js
Requested by
Host: my-post.site
URL: https://my-post.site/token?page=singpass
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4498529864a6f667b5fb2324496b180eaf01e1744e61ed01a370a9edaab31c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Wed, 19 Oct 2022 08:48:49 GMT
date
Thu, 13 Oct 2022 13:00:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 08:48:49 GMT
server
cloudflare
age
101525
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
759842c54d409028-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache
MISS
token
my-post.site/ 		12 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my-post.site/token
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://my-post.site/token?page=singpass
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
token
BlrjAUUYtne5XtGYzkpAgIipk0ugCF4uRC1fJj3g

Response headers

date
Thu, 13 Oct 2022 13:00:54 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1ee1Rr%2Fx%2BNGgpaArbVYdFliUg3OZv5Ta3EhfrK5DjfiGlQAWIbrGVMjL1N520QFtc5g5jbkTWlgQo3bua1i0atkpSi4E38e%2BSPq7rXedHDbMpdGGFDBAnOIo2LNHwLNq1A%2Fi971Jc4hG7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
759842c5a8e29b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
in.php
in.getclicky.com/ 		133 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101374574&type=pageview&href=%2Ftoken%3Fpage%3Dsingpass&title=loading&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.09548869348590161
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/101374574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.12 Tualatin, United States, ASN2044 (DF-PTL01, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
b868889c448fefd94d622cf3b6854ea3823dc77091d468fc17dbb71f9a5a6d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
Primary Request login
my-post.site/Singpass/
Redirect Chain
  • https://my-post.site/token
  • https://my-post.site/Singpass/login
91 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b1cdb1a28a795534763c895dbcecb97cae6a66f9320a89cc9e80112e9cd747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://my-post.site
Referer
https://my-post.site/token?page=singpass
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
759842cdbc199b6a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 13:00:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJLLTnIcFLZaC%2F%2FJTacYItZelSBp557vk9qvboj7rY8sHjhe6Qj%2BPnHcZVkNCxzQUrDlqMC8nB4SxRg5OORP5YAn3bJUtl9BSRIxG%2B4eMMQvVsCASovHb%2BhvcNPPR8tEdwcgYKQEKtrw%2FlU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
759842cb2d7a9b6a-FRA
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 13:00:55 GMT
location
https://my-post.site/Singpass/login
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QeEdHS0IrNIpm8jENiTtkGITf8J%2B1tDUT9I3H%2FaLxxMaPBZk%2FAIwa5a4s4ImkNcGP1SsPJYEyKL0RZEfwdX8MG6VSh693zWnWqmk0obaESHSGRKpke%2B74UgiaoTYn84RI6lzBm7v5TB6xE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
font.css
saml.singpass.gov.sg/spservice/assets/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saml.singpass.gov.sg/spservice/assets/font.css
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:592::236c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8f4e072e82bb96411b4610c45c3b6311e3590d640c53e049e3bfee5430f19d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
psIL7vW2CT6f.BhAk8FGVWaI33A0jfDk
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Thu, 13 Oct 2022 13:00:56 GMT
Content-Encoding
gzip
x-amz-request-id
BPBTCKC4953W0V3D
x-amz-server-side-encryption
AES256
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
902
x-amz-id-2
tD+Ha6LFt6ijKaOIiKpSIhBAjxnbMGl9GuilwkcTJ1VlebPZGC5fsWejvX5BQpzZyY6SmPcVOtI=
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 29 Sep 2022 15:46:21 GMT
Server
nginx
ETag
W/"d69d3165bab7ae26a598a95b6447b01e"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
2.cbe4ed89.chunk.css
saml.singpass.gov.sg/spservice/static/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saml.singpass.gov.sg/spservice/static/css/2.cbe4ed89.chunk.css
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:592::236c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0eff3b2c44de643b10f16757c48f8445d16d93d527981e9625027aa33c28db67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
GClSWzPPzUfy8YWMIaJwjixEbqa6MPbE
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Thu, 13 Oct 2022 13:00:56 GMT
Content-Encoding
gzip
x-amz-request-id
7J9NQVJCB8GHHWRZ
x-amz-server-side-encryption
AES256
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=3
Content-Length
414
x-amz-id-2
DpsOpi1rcTKDTxsi6zMvVfB2tuUWV7G8aFvcgSl1kMRcvSwImwWLNF3mMdxd8oEFB8qKr+9tiDo=
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 29 Sep 2022 15:46:24 GMT
Server
nginx
ETag
"2c965e6ec19945d22be2c2717c521d90"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2051449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCFtEfrm18p6QY0WEyU54PHBffU4C3TTuUjPzOxfSkjU9CMd6bg6n0X8cHtdTO4sNVZ4BrdYVtxZd3g1FhXl%2B7Yk07y6sBR9wNUJrzZCQPfzJuH4kdFy1R7yncqLjFvLBOTNGcoADF7D391gQh8bdB8N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759842d19c3a9bf4-FRA
expires
Tue, 03 Oct 2023 13:00:55 GMT
layer.js
my-post.site/layer/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my-post.site/layer/layer.js
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:56 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Oct 2022 08:34:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633fe485-58d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSWyVtF0MYY6U%2Fyq%2Fml4KPz88c5xCmiRkQBZXUVqjjj11mZpivdNqBxJ0UBCRbuIDf4B0gi03En%2FHsmSPxgHJqu1HTkYtIR8KNxEKCP6EyePgQ4tWwR11JUlIdOxbFBK0N2b6W6PELdAitw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
759842d2a87f9b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 14 Oct 2022 01:00:56 GMT
singpass-logo.bdceeae1.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/singpass-logo.bdceeae1.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:57 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9itZ9FJENnFSqvl%2FOX4vxvL7MWAeOVD0nnrxAiBcooEU5fO0oK1TVDEtqWHJL8HJ1aEdfKwaA0sGd7Qe2rZ6DAaNtVCF27SSQX1nEUbYQn2yc5R2BNmSzHhreTi%2BTbFSPQuaX1km5OPRiMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a8829b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
text-increase.145081dd.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/text-increase.145081dd.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:57 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLOjQ073H98Hi0t3a39mV1iH1mOwps81cJN5g7h8ZmoVUc5A6ooVQyB4HrRCNTvHOMGQTRWWrkmYYrOyiJLxGg%2Fkq%2BicOXawUQPKi4j0xExLsIogEor20npOkws7diHxMrKZutLCfzBXkjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a88d9b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
text-original.6c7f0710.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/text-original.6c7f0710.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:57 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbz9xwKPEDMoyNnV4LKeG%2B2EShKLQiJ1PkKfSzXby0ticrttGait%2BJ%2FeJGV6FLnEmP7Hc4cylgJXuGA1z2Fb8cjw0hDa98jyn38wT0Dva8Fs4cN0PagmG2ar5vm3uenoEX5mfXoKJ0DMYbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a8929b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
text-decrease.6ce30b7f.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/text-decrease.6ce30b7f.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:56 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYjIsR9nVx7paD77rU6g2ZCaTStsNYVCzv4ijBQgPeFg%2B0MJHE7cwLr%2BcweQE6MkmaRiCybv7RIaLES3JzO2XTBk4QIbIOwLuaws06mNi%2BCJ0v8bFoD4uJTQPzlLaMtvP3FwykjuUnUwzGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a8959b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
print-icon.448368d9.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/print-icon.448368d9.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:56 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xygbD%2Bu1odvgeJJClBKwewUSyr82q5MD0HUI7RJUnSOpCILRtrZe6051Y7PJ7Bgbyl4h5kPJlfUT47hqGZLQi4C2LqcI28jbi28%2FEr%2BQDj2%2FETaaFvWVXKnmzr2tS2h0cRKrK0rfpd85BbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a8969b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
search-icon.7144d50d.svg
my-post.site/Singpass/Singpass%20login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/Singpass%20login_files/search-icon.7144d50d.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:57 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BEGX269Ngvmu9yTRiRZstJFmXQ9GcMc1yzhhV08YhqHnqOGbgv2Q50smq8si%2F5mAlUP6SyXT3IdVcy5CTkNtLkJM3UD805cqqyOP9DHyCLSWE7qsgScT7q3aYjx%2Bamc4a%2BsjEMiQSPTWU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
759842d2a8999b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
singpass-logo-white.b764b1833f822061230ff766e9f4198f.svg
www.singpass.gov.sg/home/ui/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.singpass.gov.sg/home/ui/static/media/singpass-logo-white.b764b1833f822061230ff766e9f4198f.svg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:587::236c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
70c70d5702072f5c797ec57ff38d94e6fbb6b5793336788f06bba4b6a0d111ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://www.googletagmanager.com https://www.google.com/ https://tagmanager.google.com https://*.demdex.net https://cm.everesttech.net https://wogadobeanalytics.sc.omtrdc.net https://cdn.iproov.app https://*.vica.gov.sg https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://*.wogaa.sg blob:; img-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://wogadobeanalytics.sc.omtrdc.net https://www.google-analytics.com https://cm.everesttech.net https://dpm.demdex.net https://maps-b.onemap.sg https://maps-c.onemap.sg https://maps-a.onemap.sg https://docs.onemap.sg https://www.onemap.gov.sg/ https://cdn.iproov.app https://*.vica.gov.sg https://va.ecitizen.gov.sg/ https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg data:; script-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://assets.adobedtm.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://cdn.iproov.app https://ajax.googleapis.com/ajax/libs/jquery/ https://*.vica.gov.sg https://www.google.com/recaptcha/ https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://fa.singpass.gov.sg https://*.wogaa.sg 'unsafe-inline' 'unsafe-eval' data: blob:; font-src 'self' https://www.recaptcha.net https://www.gstatic.com https://fonts.gstatic.com https://cdn.iproov.app https://s3-us-west-2.amazonaws.com https://bio-resources.singpass.gov.sg https://assets.wogaa.sg/fonts/; style-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://dpm.demdex.net https://tagmanager.google.com https://cdn.iproov.app https://unpkg.com https://fonts.googleapis.com https://*.vica.gov.sg https://id.singpass.gov.sg https://assets.wogaa.sg/ 'unsafe-inline'; connect-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://dpm.demdex.net https://tagmanager.google.com https://wogadobeanalytics.sc.omtrdc.net https://www.google-analytics.com https://developers.onemap.sg https://cdn.iproov.app https://*.vica.gov.sg https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://bio-stream.singpass.gov.sg https://*.wogaa.sg wss:; object-src 'none'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://www.googletagmanager.com https://www.google.com/ https://tagmanager.google.com https://*.demdex.net https://cm.everesttech.net https://wogadobeanalytics.sc.omtrdc.net https://cdn.iproov.app https://*.vica.gov.sg https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://*.wogaa.sg blob:; img-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://wogadobeanalytics.sc.omtrdc.net https://www.google-analytics.com https://cm.everesttech.net https://dpm.demdex.net https://maps-b.onemap.sg https://maps-c.onemap.sg https://maps-a.onemap.sg https://docs.onemap.sg https://www.onemap.gov.sg/ https://cdn.iproov.app https://*.vica.gov.sg https://va.ecitizen.gov.sg/ https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg data:; script-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://assets.adobedtm.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://cdn.iproov.app https://ajax.googleapis.com/ajax/libs/jquery/ https://*.vica.gov.sg https://www.google.com/recaptcha/ https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://fa.singpass.gov.sg https://*.wogaa.sg 'unsafe-inline' 'unsafe-eval' data: blob:; font-src 'self' https://www.recaptcha.net https://www.gstatic.com https://fonts.gstatic.com https://cdn.iproov.app https://s3-us-west-2.amazonaws.com https://bio-resources.singpass.gov.sg https://assets.wogaa.sg/fonts/; style-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://dpm.demdex.net https://tagmanager.google.com https://cdn.iproov.app https://unpkg.com https://fonts.googleapis.com https://*.vica.gov.sg https://id.singpass.gov.sg https://assets.wogaa.sg/ 'unsafe-inline'; connect-src 'self' https://www.recaptcha.net/ https://www.gstatic.com/ https://dpm.demdex.net https://tagmanager.google.com https://wogadobeanalytics.sc.omtrdc.net https://www.google-analytics.com https://developers.onemap.sg https://cdn.iproov.app https://*.vica.gov.sg https://id.singpass.gov.sg https://bio-resources.singpass.gov.sg https://bio-stream.singpass.gov.sg https://*.wogaa.sg wss:; object-src 'none'; frame-ancestors 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Thu, 13 Oct 2022 13:00:56 GMT
Content-Encoding
gzip
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
1797
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Sep 2022 05:27:20 GMT
Server
nginx
ETag
"633289b8-1176"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
101374574.js
static.getclicky.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/101374574.js
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4498529864a6f667b5fb2324496b180eaf01e1744e61ed01a370a9edaab31c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 20 Oct 2022 02:59:57 GMT
date
Thu, 13 Oct 2022 13:00:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 02:59:57 GMT
server
cloudflare
age
36059
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
759842d2df169a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache
HIT
truncated
/ 		572 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27ca3c00c616112fad5bc83bbdc7cc77a0ff31b6781fbd091257a5f346a9ebea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		139 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd0d7b8b6c66ea3ee946c659c3c2405078bec0f0f352d694c3ea86043ca2cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0ba0dbb5319276b718f3da1de064df4687d8c7705b813592d2bb2bd74de2d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
landing-bg-img.82ae0b28.jpg
my-post.site/Singpass/static/media/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my-post.site/Singpass/static/media/landing-bg-img.82ae0b28.jpg
Requested by
Host: my-post.site
URL: https://my-post.site/Singpass/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:56 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfsxAT9dc2b3sAggx%2FZ93lauWbWh9iBuHjy%2B2%2BXSvbTbh0svUOLmoan6Xrpovgur5NJtnQctJ9qZ2sClRu6OkXp3efyRC4Yf0m%2F5a%2F0Mx02qoGzL4N%2Fazq%2Bs78sphSpivf6iMTUQ1Ep6Tc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
759842d2a89c9b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
poppins-latin-400-normal.5b8f3ba8.woff2
saml.singpass.gov.sg/spservice/static/media/ 		0
0
poppins-v15-latin-500.woff2
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-300.woff2
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-600.woff2
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-700.woff2
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-all-400-normal.d9177076.woff
saml.singpass.gov.sg/spservice/static/media/ 		0
0
poppins-v15-latin-500.woff
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-600.woff
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-300.woff
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-700.woff
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-500.ttf
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-600.ttf
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-300.ttf
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-regular.woff2
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-700.ttf
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-regular.woff
saml.singpass.gov.sg/spservice/assets/ 		0
0
poppins-v15-latin-regular.ttf
saml.singpass.gov.sg/spservice/assets/ 		0
0
in.php
in.getclicky.com/ 		133 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101374574&type=pageview&href=%2FSingpass%2Flogin&title=Singpass%20login&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&jsuid=2453094311&mime=js&x=0.31578047615578075
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/101374574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.12 Tualatin, United States, ASN2044 (DF-PTL01, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
8bad1be46835277792f66753503cd45666687b6f5f7efa2ef386788e5e4e0047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
layer.css
my-post.site/layer/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my-post.site/layer/theme/default/layer.css?v=3.5.1
Requested by
Host: my-post.site
URL: https://my-post.site/layer/layer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-post.site/Singpass/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:00:57 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Oct 2022 08:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633fe488-37bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvxFORvH5DnwuFyBY694UhiJyoZKHNoezBhvaHpR%2B9sZWoHXT05X%2F3XIGzgirhnfySmlF59JmAeQi5HyszEuPCy8BYphPdEt2DQ8kqqMxxhqP1gXvxJKdzuxuZB9Kr23MMlJfUjZyW26zPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
759842d6290c9b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 14 Oct 2022 01:00:57 GMT
geoip
api.ip.sb/ 		0
0
command
my-post.site/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/static/media/poppins-all-400-normal.d9177076.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.ttf
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.ttf
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.ttf
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff2
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.ttf
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff
Domain
saml.singpass.gov.sg
URL
https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.ttf
Domain
api.ip.sb
URL
https://api.ip.sb/geoip?callback=jQuery35109582235852457881_1665666056096&_=1665666056097
Domain
my-post.site
URL
https://my-post.site/command?asn=null

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singpass (Government)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| timmer object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids object| _cgen object| _cgen_custom object| layer

3 Cookies

Domain/Path Name / Value
.my-post.site/ Name: _jsuid
Value: 2453094311
my-post.site/ Name: XSRF-TOKEN
Value: eyJpdiI6Imt0UzJiY1ZaaENrRk12cFZjWDFyekE9PSIsInZhbHVlIjoiODdaRCttdTlaSTZhbFNHeGlJdlFRMmIrOFd6WC9WOU1ieXJnV1RFODRHemN6VnNNZGtsWWFuRlRjZ3NZS3Zma1lROXhaSDVxSXdFV1ZzRGtVUE01MENSUE5FVnlRenpxb1ZHdWVQWGovOUpwQWJsYm5oQm4wcGdxR0hMUFRJRkoiLCJtYWMiOiI4NmJkN2RjN2ZiNWY3ODJiZjA5MGE0ZTY2YjNmN2MwMmMwM2EzMzNhZTliMTczNmQ0ZDNkNzk2MjJlMWM0MGUyIiwidGFnIjoiIn0%3D
my-post.site/ Name: laravel_session
Value: eyJpdiI6IkdDWW9LV1ljMkFMZnY1RVFHVEhZUmc9PSIsInZhbHVlIjoib204MVJzcWNqZ1FvS2ovb3d6VXFocCt2WTl0WGRWUG10eEpSbjZvSWpsRE1GWkJXbzV2eGJDVGhHNFpFWm9lZVh2eFNFQmN5NGF2VWVtdUFnVmNuL0hCcGQ3SDZvZUZrV296dVVwandZU1RPZnM2SktOMVlYRFJPdEVUYUo4NGkiLCJtYWMiOiJlZGE4OWQ5ODc3ZWY4MGQxNDc5ZDg4NTMyZTE4Yjg4MTNhMWNmOGIyYjQzOGRiZjJkMDMzMjQ5YmNkNDI2MmM0IiwidGFnIjoiIn0%3D

41 Console Messages

Source Level URL
Text
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/static/media/poppins-all-400-normal.d9177076.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/static/media/poppins-all-400-normal.d9177076.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.ttf' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.ttf' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.ttf' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff2' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.ttf' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my-post.site/Singpass/login
Message:
Access to font at 'https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.ttf' from origin 'https://my-post.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://my-post.site/Singpass/static/media/landing-bg-img.82ae0b28.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/print-icon.448368d9.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/text-decrease.6ce30b7f.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/search-icon.7144d50d.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/singpass-logo.bdceeae1.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/text-original.6c7f0710.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my-post.site/Singpass/Singpass%20login_files/text-increase.145081dd.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ip.sb
cdnjs.cloudflare.com
in.getclicky.com
my-post.site
saml.singpass.gov.sg
static.getclicky.com
www.singpass.gov.sg
api.ip.sb
my-post.site
saml.singpass.gov.sg
198.145.13.12
2606:4700:3037::6815:4b3a
2606:4700::6810:dd1d
2606:4700::6811:190e
2a02:26f0:7100:587::236c
2a02:26f0:7100:592::236c
00c1d31b9366166dda4d45f1b3747cba11f585de596c0e077830b509c039fa0b
0eff3b2c44de643b10f16757c48f8445d16d93d527981e9625027aa33c28db67
27ca3c00c616112fad5bc83bbdc7cc77a0ff31b6781fbd091257a5f346a9ebea
3cd0d7b8b6c66ea3ee946c659c3c2405078bec0f0f352d694c3ea86043ca2cd5
4498529864a6f667b5fb2324496b180eaf01e1744e61ed01a370a9edaab31c78
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
70c70d5702072f5c797ec57ff38d94e6fbb6b5793336788f06bba4b6a0d111ab
8bad1be46835277792f66753503cd45666687b6f5f7efa2ef386788e5e4e0047
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
8f4e072e82bb96411b4610c45c3b6311e3590d640c53e049e3bfee5430f19d71
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
b0ba0dbb5319276b718f3da1de064df4687d8c7705b813592d2bb2bd74de2d93
b868889c448fefd94d622cf3b6854ea3823dc77091d468fc17dbb71f9a5a6d7f
c7b1cdb1a28a795534763c895dbcecb97cae6a66f9320a89cc9e80112e9cd747
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d