dictionarromanfrancez.net
47.254.193.125
Malicious Activity!
Public Scan
Effective URL: https://dictionarromanfrancez.net/Login.php
Submission: On May 03 via api from SG — Scanned from ES
Summary
TLS certificate: Issued by R3 on May 3rd 2022. Valid for: 3 months.
This is the only time dictionarromanfrancez.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DBS Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 (1 redirects) | 54.36.201.119 | 16276 (OVH) |
16 (1 redirects) | 47.254.193.125 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
1 | 2606:4700::6810:a010 | 13335 (CLOUDFLARENET) |
1 | 198.145.13.13 | 2044 (DF-PTL01) |
17 | 3 |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
dictionarromanfrancez.net |
ASN2044 (DF-PTL01, US)
PTR: getclicky.com
in.getclicky.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
16 | dictionarromanfrancez.net (1 redirects): dictionarromanfrancez.net | 1 MB |
2 | getclicky.com: static.getclicky.com (Cisco Umbrella Rank: 13758), in.getclicky.com (Cisco Umbrella Rank: 11000) | 6 KB |
1 | urla.ws (1 redirects): urla.ws | 563 B |
17 | 3 |
Requests | Domain | Requested by |
---|---|---|
16 | dictionarromanfrancez.net | 1 redirects; dictionarromanfrancez.net |
1 | in.getclicky.com | static.getclicky.com |
1 | static.getclicky.com | dictionarromanfrancez.net |
1 | urla.ws | 1 redirects |
17 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dbs.com.sg |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
cshgml.com | R3 | 2022-05-03 - 2022-08-01 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-05 - 2022-07-04 | a year | crt.sh |
*.getclicky.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-03 - 2022-08-03 | 2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://dictionarromanfrancez.net/Login.php
Frame ID: 4D236B9B08108C9CD8E1C3AB05B86F27
Requests: 10 HTTP requests in this frame
Frame:
https://dictionarromanfrancez.net/DBS_filez/iframe.htm
Frame ID: 802EE2F387B7C9A815D50C25C9306C42
Requests: 7 HTTP requests in this frame
Page Title
DBS iBanking
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Clicky (Analytics)
Detected patterns
- static\.getclicky\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: here
Title: Security & You
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://urla.ws/OdLhvJ HTTP 301
- https://dictionarromanfrancez.net/?utm_source=inbound&utm_medium=other&utm_campaign=Singapore&i=ODM5NTM= HTTP 302
- https://dictionarromanfrancez.net/Login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Login.php | dictionarromanfrancez.net/ (Primary Request, Redirect Chain) | 39 KB | 14 KB | Document | text/html |
GET | H2 | themes_login.css | dictionarromanfrancez.net/DBS_filez/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | language_login.css | dictionarromanfrancez.net/DBS_filez/css/ | 3 KB | 959 B | Stylesheet | text/css |
GET | H2 | login.css | dictionarromanfrancez.net/DBS_filez/css/ | 22 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jquery.js | dictionarromanfrancez.net/DBS_filez/js/ | 87 KB | 34 KB | Script | application/javascript |
GET | H2 | desktoplogo.jpg | dictionarromanfrancez.net/DBS_filez/img/ | 5 KB | 6 KB | Image | image/jpeg |
GET | H2 | 101350339.js | static.getclicky.com/ | 15 KB | 6 KB | Script | text/javascript |
GET | H2 | iframe.htm | dictionarromanfrancez.net/DBS_filez/ (Frame 802E) | 4 KB | 1 KB | Document | text/html |
GET | H2 | frutigernextlt-light-webfont.woff | dictionarromanfrancez.net/DBS_filez/fonts/ | 22 KB | 22 KB | Font | font/woff |
GET | H2 | FrutigerNextPro-Medium.woff2 | dictionarromanfrancez.net/DBS_filez/fonts/ | 25 KB | 25 KB | Font | font/woff2 |
GET | H2 | bootstrap.css | dictionarromanfrancez.net/DBS_filez/css/ (Frame 802E) | 131 KB | 24 KB | Stylesheet | text/css |
GET | H2 | themes.css | dictionarromanfrancez.net/DBS_filez/css/ (Frame 802E) | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | language.css | dictionarromanfrancez.net/DBS_filez/css/ (Frame 802E) | 2 KB | 862 B | Stylesheet | text/css |
GET | H2 | enhanced.css | dictionarromanfrancez.net/DBS_filez/css/ (Frame 802E) | 12 KB | 3 KB | Stylesheet | text/css |
GET | H2 | Night.jpg | dictionarromanfrancez.net/DBS_filez/img/ (Frame 802E) | 896 KB | 898 KB | Image | image/jpeg |
GET | H2 | dbsicons.woff | dictionarromanfrancez.net/DBS_filez/fonts/ (Frame 802E) | 2 KB | 2 KB | Font | font/woff |
GET | H2 | in.php | in.getclicky.com/ | 133 B | 356 B | Script | text/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DBS Bank (Banking)
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- function| getScreenDetails
- function| $
- function| jQuery
- object| webkitEventStorage
- function| AbortSignalRenderer
- object| clicky_obj
- object| clicky
- object| clicky_custom
- undefined| test
- object| clicky_site_ids
- object| _cgen
- object| _cgen_custom
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.urla.ws/OdLhvJ | | Name: cid Value: 83953 |
dictionarromanfrancez.net/ | | Name: PHPSESSID Value: fdeqsgoi8e7i95vs8iv9knhp46 |
.dictionarromanfrancez.net/ | | Name: _jsuid Value: 2291362220 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.