faschooler.id Open in urlscan Pro
103.24.13.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://faschooler.id/zpp/1/login.htm
Submission: On February 22 via automatic, source phishtank (February 22nd 2017, 2:36:02 pm UTC)

Summary HTTP 30 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main IP is 103.24.13.91, located in Indonesia and belongs to IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada, ID. The main domain is faschooler.id.

This is the only time faschooler.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: United Overseas Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	103.24.13.91 103.24.13.91	132644 (IDNIC-CBN...) (IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada)
17	61.8.33.41 61.8.33.41	() ()
1	203.116.108.165 203.116.108.165	4657 (STARHUBIN...) (STARHUBINTERNET-AS StarHub Internet Exchange)
30	4

3 103.24.13.91 (Indonesia)

ASN132644 (IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada, ID)
PTR: server3.e-cbncloud.co.id

faschooler.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 61.8.33.41 (Australia)

ASN- ()
PTR: ip-61-8-33-41.asianetcom.net

pib.uob.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.116.108.165 (Singapore, Singapore)

ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG)

uniservices1.uobgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	uob.com.sg pib.uob.com.sg	1 MB
3	faschooler.id faschooler.id	22 KB
1	uobgroup.com uniservices1.uobgroup.com	44 KB
30	3

	Domain	Requested by
17	pib.uob.com.sg	faschooler.id
3	faschooler.id	pib.uob.com.sg
1	uniservices1.uobgroup.com	faschooler.id
30	3

This site contains links to these domains. Also see Links.

Domain
www.uob.com.sg
uniservices1.uobgroup.com

Subject Issuer	Validity	Valid
pib.uob.com.sg Symantec Class 3 Secure Server CA - G4	`2016-09-07` - `2017-10-07`	a year	crt.sh
uniservices1.uobgroup.com Symantec Class 3 Secure Server CA - G4	`2016-10-18` - `2017-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://faschooler.id/zpp/1/login.htm
Frame ID: 10746.1
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

30
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1483 kB
Transfer

2127 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.uob.com.sg/personal/index.html
Title:

Search URL Search Domain Scan URL

URL: https://uniservices1.uobgroup.com/secure/forms/url_redirection.jsp?CC=SG&URL=http://www.cnbc.com/lasting-legacy

Search URL Search Domain Scan URL

URL: https://uniservices1.uobgroup.com/uobforms/POR/index.page?type=reset-password
Title: here

Search URL Search Domain Scan URL

URL: https://uniservices1.uobgroup.com/uobforms/POR/index.page?type=registration
Title: Register now!

Search URL Search Domain Scan URL

URL: http://www.uob.com.sg/assets/pdfs/personal/ebanking/pubtnc.pdf
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.uob.com.sg/privacy/index.html
Title: Privacy & Security

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.htm Show response
faschooler.id/zpp/1/ 21 KB
21 KB 589ms
295ms Document
text/html 103.24.13.91
IDNIC-CBNCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://faschooler.id/zpp/1/login.htm
Protocol: HTTP/1.1
Server: 103.24.13.91 , Indonesia, ASN132644 (IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada, ID),
Reverse DNS: server3.e-cbncloud.co.id
Software: Apache /
Resource Hash: 483c429626b8dc3ee19995abf2332d27fabf3791ed101611958d517fd23912e2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: faschooler.id
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Feb 2017 14:35:42 GMT
Last-Modified: Tue, 27 Dec 2016 10:07:46 GMT
Server: Apache
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21735

GET
H/1.1 200
OK Cookie set UOBApplet.js Show response
pib.uob.com.sg/PIBLogin/js/ 21 KB
7 KB 1852ms
545ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/UOBApplet.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

19bf20390e1dc23a9465cf509037bb179c65e714bb305cd74a96c99ab44b1d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20785-52d5-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305ebdea6baaad9b670eecd32dd8df1f075b8d46db9a6e93016fef545140cfd93ab44; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 7042
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set pib_user_password.js Show response
pib.uob.com.sg/PIBLogin/js/ 9 KB
2 KB 1587ms
281ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/pib_user_password.js?v=1

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

cd108d3257ed9c47d1ecdb582ee5a7a99b9ce77d4721fd986178db9bf0ea1692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "234da-22da-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb98156540dd3f040170e592ced0fda1feb8c227b267f0f3a4d9dc9b59835eb1ed; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 2299
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set PIBValidation.js Show response
pib.uob.com.sg/PIBLogin/js/ 20 KB
4 KB 1610ms
303ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/PIBValidation.js?v=1

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

db98d5b8f9575e4a482f123c67301c6e08c0548ee10ec00145762c50a6becda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20786-4f38-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb583ce5ebbec8898715bb575191a6ffc1549192ab6d6253d1b3ab52e3c354863d; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 4152
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set pib.js Show response
pib.uob.com.sg/PIBLogin/resources/js/ 264 KB
74 KB 1882ms
576ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/resources/js/pib.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

1c9d1fab616521f2abc9cc5e230c9434cbcdd5598464e957907b9aacaf365f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 15 Mar 2016 06:43:59 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20698-41ee2-52e10b8d6e9c0"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Transfer-Encoding: chunked
Set-Cookie: TS01db599e=01264305eb0054e44c3b7d3a05d8d1ff70030f7fae81d43b415bb83535a9a8475bd11e8670; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Date: Wed, 22 Feb 2017 14:35:47 GMT
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set app.js Show response
pib.uob.com.sg/PIBLogin/resources/js/ 58 KB
13 KB 1869ms
282ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/resources/js/app.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

02555a045a4fb8bc64d49b758b56fdd36181ecfd599d1689a5d61bac4249736a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:23 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20697-e906-52185502c49c0"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb75ee9ca536cadce3a5bbcc639cba54624fdfa088224a3b921ae7badc0fdbb855; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 13125
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set E2EApplet.js Show response
pib.uob.com.sg/PIBLogin/js/ 34 KB
11 KB 2150ms
544ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/E2EApplet.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

dfbc3e400a0b0a91a7baa1171a252f019891faafdf93d59c07aa0e58f6951102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2016 03:02:38 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20787-8731-53d0fe4eb8f80"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305ebbaa1483f92bc593ad5ce32fac62c378c3bc370119aa502e1fa1bab180810e1a6; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 11592
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set pib_login.js Show response
pib.uob.com.sg/PIBLogin/js/ 11 KB
3 KB 2121ms
274ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/pib_login.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

fc5d5a4a15386d6eab27891d4d099ff0b125f0649d1e2dbefc2b3e092cdf4589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2016 17:32:17 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20781-2dd6-52da1144b0a40"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb0e18569a7d0696ff4693e972d23db6f9949f6c981757699d00444c2d724cb7b2; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 3127
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set e2escript.js Show response
pib.uob.com.sg/PIBLogin/js/ 7 KB
2 KB 2397ms
276ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/e2escript.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

8cc01a2324cf546fa781913b46cf84e84e3171d15a2d7a2a180a13edbc6d1dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20783-1d73-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:48 GMT
Set-Cookie: TS01db599e=01264305ebfcf4436f1468515ff927e7938f55e456061f14b09d7e764d24f079122c6021c9; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 1881
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set pib.css
pib.uob.com.sg/PIBLogin/resources/css/ 219 KB
32 KB 1605ms
304ms Stylesheet
text/css 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/resources/css/pib.css

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

7f3e0827cd3c904a34a0d51555fcd8b39403bd4064a5aa127adb2c5a7a8abda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "2077e-36bc2-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb115c8b1579764e81e322126a66e50c8db97b6c3da2edd2d876f878a27cbabcb3; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 32854
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set app.css
pib.uob.com.sg/PIBLogin/resources/css/ 159 KB
26 KB 1865ms
564ms Stylesheet
text/css 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/resources/css/app.css

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

221c4b7567590bea37b844142d6b1ae70718ab4dbda3541e66e948e25da68134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2016 17:32:17 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20778-27a97-52da1144b0a40"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:47 GMT
Set-Cookie: TS01db599e=01264305eb3a497dac29d73c0d8f5c47b7025a4f95b3e838f38d2ed1d2dcd72c81fdf6c20f; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 26900
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set login.js Show response
pib.uob.com.sg/PIBLogin/resources/js/pages/ 3 KB
815 B 2403ms
272ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/resources/js/pages/login.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

694b7af9843c3399a94e428a2af89bf25779c1e4dc8f1831b55adca2207748be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2016 17:32:18 GMT
X-Frame-Options: SAMEORIGIN
ETag: "2061c-abb-52da1145a4c80"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:48 GMT
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 815
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set poy-banner2.jpg
pib.uob.com.sg/PIBLogin/EN/resources/images/ 124 KB
124 KB 273ms
272ms Image
image/jpeg 61.8.33.41

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pib.uob.com.sg/PIBLogin/EN/resources/images/poy-banner2.jpg

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

0a7369aec49a6158cdb409269ea3f3f8ff0a8662f18c987df410bb9795e6e7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "421ba-1f0de-5421b78df3ec0"
Last-Modified: Fri, 25 Nov 2016 07:57:23 GMT
Date: Wed, 22 Feb 2017 14:35:48 GMT
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1800,public
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 127198
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set UOB_PB_Lasting_Legacy_PIBWeb_Banner_1280wX720hpx.jpg
pib.uob.com.sg/PIBLogin/EN/resources/images/ 666 KB
666 KB 284ms
283ms Image
image/jpeg 61.8.33.41

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pib.uob.com.sg/PIBLogin/EN/resources/images/UOB_PB_Lasting_Legacy_PIBWeb_Banner_1280wX720hpx.jpg

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

49332c783eb268a211617ee7193cc1b70648540b97b378507a5ab5ff77971b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "40ccb-a6637-5394d93e3d400"
Last-Modified: Fri, 05 Aug 2016 06:57:20 GMT
Date: Wed, 22 Feb 2017 14:35:48 GMT
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1800,public
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 681527
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set nationalday16-1280x800px.jpg
pib.uob.com.sg/PIBLogin/EN/resources/images/ 445 KB
445 KB 288ms
287ms Image
image/jpeg 61.8.33.41

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pib.uob.com.sg/PIBLogin/EN/resources/images/nationalday16-1280x800px.jpg

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

e4553fe37a5e91f70eb69022f9be8cc6b40b9c62e35b51391dd4fa68d365a95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "210f3-6f2b8-539503726a640"
Last-Modified: Fri, 05 Aug 2016 10:06:09 GMT
Date: Wed, 22 Feb 2017 14:35:48 GMT
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1800,public
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 455352
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set uob-main-logo.png
pib.uob.com.sg/PIBLogin/EN/resources/images/ 3 KB
3 KB 285ms
285ms Image
image/png 61.8.33.41

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pib.uob.com.sg/PIBLogin/EN/resources/images/uob-main-logo.png

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

b3651813f9a0642593f7f3abe8c17a00c1d5d9d5127ae7028b74788d0df3086a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "4283f-abd-520de35eb60c0"
Last-Modified: Tue, 29 Sep 2015 08:00:43 GMT
Date: Wed, 22 Feb 2017 14:35:48 GMT
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1800,public
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 2749
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set PIBValidation.js Show response
pib.uob.com.sg/PIBLogin/js/ 20 KB
4 KB 272ms
272ms Script
application/javascript 61.8.33.41

General

Check archive.org

Show headers Download Go to

Full URL

https://pib.uob.com.sg/PIBLogin/js/PIBValidation.js

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

db98d5b8f9575e4a482f123c67301c6e08c0548ee10ec00145762c50a6becda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2015 15:22:22 GMT
X-Frame-Options: SAMEORIGIN
ETag: "20786-4f38-52185501d0780"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=1800,public
Date: Wed, 22 Feb 2017 14:35:48 GMT
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 4152
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set logo_footer.png
pib.uob.com.sg/PIBLogin/EN/resources/images/ 141 B
141 B 289ms
289ms Image
image/png 61.8.33.41

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pib.uob.com.sg/PIBLogin/EN/resources/images/logo_footer.png

Requested by

Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.8.33.41 , Australia, ASN (),

Reverse DNS

ip-61-8-33-41.asianetcom.net

Software

Resource Hash

5ef5c60f97f617985a774fb1cd1a23d85c5590bd7c1b315f72b437af397e2ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pib.uob.com.sg
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "4340d-8d-520de40e2fec0"
Last-Modified: Tue, 29 Sep 2015 08:03:47 GMT
Date: Wed, 22 Feb 2017 14:35:48 GMT
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1800,public
Set-Cookie: TS01db599e=01264305ebbfbb5bce52e3a12a7a53d9b1b534f19a26a98023c0d5893a83ed4cf85cf5fc65; Path=/
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 141
PICS-Label: (PICS-1.1 r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))

GET
H/1.1 200
OK Cookie set analytics.js Show response
uniservices1.uobgroup.com/assets/js/ 44 KB
44 KB 1724ms
560ms Script
application/x-javascript 203.116.108.165
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://uniservices1.uobgroup.com/assets/js/analytics.js
Requested by: Host: faschooler.id
URL: http://faschooler.id/zpp/1/login.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 203.116.108.165 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS
Software: /
Resource Hash: be918fc1aed8a78f88e8e815006d954f0501ae3ba046cf7d5c90f5b5c00e383f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: uniservices1.uobgroup.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Feb 2017 14:35:49 GMT
Last-modified: Fri, 22 Jan 2016 10:03:39 GMT
Set-Cookie: TS0189c3a7=012486dc3fccc4400b446b115399373da3527c03be54ade600fea43cc8c0b8a1c918af846b; Path=/
Accept-ranges: bytes
Etag: "af30-56a1fe7b"
Content-length: 44848
Content-type: application/x-javascript

GET opensans-semibold.woff
pib.uob.com.sg/PIBLogin/resources/fonts/opensans/ 0
0

GET uobicons.woff
pib.uob.com.sg/PIBLogin/resources/fonts/ 0
0

GET opensans.woff
pib.uob.com.sg/PIBLogin/resources/fonts/opensans/ 0
0

GET opensans-light.woff
pib.uob.com.sg/PIBLogin/resources/fonts/opensans/ 0
0

GET uobicons.ttf
pib.uob.com.sg/PIBLogin/resources/fonts/ 0
0

GET HelveticaNeue-Bold.woff
pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/ 0
0

GET HelveticaNeue-Light.woff
pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/ 0
0

GET HelveticaNeue-Bold.ttf
pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/ 0
0

GET HelveticaNeue-Light.ttf
pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/ 0
0

GET
H/1.1 404
Not Found announcements_main.html Show response
faschooler.id/online_services/pib/announcements/login/ 380 B
380 B 296ms
295ms XHR
text/html 103.24.13.91
IDNIC-CBNCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://faschooler.id/online_services/pib/announcements/login/announcements_main.html
Requested by: Host: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/js/pib.js
Protocol: HTTP/1.1
Server: 103.24.13.91 , Indonesia, ASN132644 (IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada, ID),
Reverse DNS: server3.e-cbncloud.co.id
Software: Apache /
Resource Hash: bfc7eac587040531fb8ad1a468b3b40887a88ba1c539ef1b3d961bb512c886e2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: faschooler.id
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: http://faschooler.id/zpp/1/login.htm
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cache-Control: no-cache
Accept: text/html, */*; q=0.01
Referer: http://faschooler.id/zpp/1/login.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Feb 2017 14:35:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 380
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found favicon.ico
faschooler.id/ 328 B
328 B 641ms
322ms Other
text/html 103.24.13.91
IDNIC-CBNCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://faschooler.id/favicon.ico
Protocol: HTTP/1.1
Server: 103.24.13.91 , Indonesia, ASN132644 (IDNIC-CBNCLOUD-AS-ID PT. Cyberindo Mega Persada, ID),
Reverse DNS: server3.e-cbncloud.co.id
Software: Apache /
Resource Hash: 6b62a3658ad247e8f30d3e9f35da5e00ffac1ea09785bd1f0a9830f659cf01da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: faschooler.id
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://faschooler.id/zpp/1/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://faschooler.id/zpp/1/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Feb 2017 14:35:53 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/opensans/opensans-semibold.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/uobicons.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/opensans/opensans.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/opensans/opensans-light.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/uobicons.ttf

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/HelveticaNeue-Bold.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/HelveticaNeue-Light.woff

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/HelveticaNeue-Bold.ttf

Domain: pib.uob.com.sg
URL: https://pib.uob.com.sg/PIBLogin/resources/fonts/helveticaNeue/HelveticaNeue-Light.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: United Overseas Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

faschooler.id
pib.uob.com.sg
uniservices1.uobgroup.com
pib.uob.com.sg
103.24.13.91
203.116.108.165
61.8.33.41
02555a045a4fb8bc64d49b758b56fdd36181ecfd599d1689a5d61bac4249736a
0a7369aec49a6158cdb409269ea3f3f8ff0a8662f18c987df410bb9795e6e7df
19bf20390e1dc23a9465cf509037bb179c65e714bb305cd74a96c99ab44b1d02
1c9d1fab616521f2abc9cc5e230c9434cbcdd5598464e957907b9aacaf365f0c
221c4b7567590bea37b844142d6b1ae70718ab4dbda3541e66e948e25da68134
483c429626b8dc3ee19995abf2332d27fabf3791ed101611958d517fd23912e2
49332c783eb268a211617ee7193cc1b70648540b97b378507a5ab5ff77971b0b
5ef5c60f97f617985a774fb1cd1a23d85c5590bd7c1b315f72b437af397e2ab1
694b7af9843c3399a94e428a2af89bf25779c1e4dc8f1831b55adca2207748be
6b62a3658ad247e8f30d3e9f35da5e00ffac1ea09785bd1f0a9830f659cf01da
7f3e0827cd3c904a34a0d51555fcd8b39403bd4064a5aa127adb2c5a7a8abda6
8cc01a2324cf546fa781913b46cf84e84e3171d15a2d7a2a180a13edbc6d1dfd
b3651813f9a0642593f7f3abe8c17a00c1d5d9d5127ae7028b74788d0df3086a
be918fc1aed8a78f88e8e815006d954f0501ae3ba046cf7d5c90f5b5c00e383f
bfc7eac587040531fb8ad1a468b3b40887a88ba1c539ef1b3d961bb512c886e2
cd108d3257ed9c47d1ecdb582ee5a7a99b9ce77d4721fd986178db9bf0ea1692
db98d5b8f9575e4a482f123c67301c6e08c0548ee10ec00145762c50a6becda5
dfbc3e400a0b0a91a7baa1171a252f019891faafdf93d59c07aa0e58f6951102
e4553fe37a5e91f70eb69022f9be8cc6b40b9c62e35b51391dd4fa68d365a95d
fc5d5a4a15386d6eab27891d4d099ff0b125f0649d1e2dbefc2b3e092cdf4589

faschooler.id Open in urlscan Pro 103.24.13.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

30 Requests

60 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1483 kBTransfer

2127 kBSize

0 Cookies

6 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

faschooler.id Open in urlscan Pro
103.24.13.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1483 kB
Transfer

2127 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!