carousell.klonek.shop Open in urlscan Pro
172.67.158.67  Malicious Activity! Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response carousell.klonek.shop/login/275DX317WN250M0583379/	120 KB 13 KB	143ms 108ms	Document text/html	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13b1dd1baadf0d1ebd3bf88d6dd8713671c08deeba9901add8d15c2c2ccd01ff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8bb9f937adce71f2-LHR content-encoding br content-type text/html; charset=UTF-8 date Sat, 31 Aug 2024 03:35:57 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46o1VlAO4ylU9cdtedSkhGlaDiTIMpBq0xURgFn39VifYafcTWHgPsP8ZwfNDFCTZRgIjfbDyTUr1BRDtDhe5OsoYKeRoZeKjRX85hsxv8IrlvwJj7znFGtZQ%2Fs3WnS7TgjAA7HdlB4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	themes_login.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	3 KB 1 KB	35ms 34ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/themes_login.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e7b2d2cf7ceda9372532f96cdee2227145feae1623251d3e4e9764416a04a6 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-a2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esj9V5VK6E33HYV9P6E7jmb65hOzCTavwh79jRdOn3fUmVMVNEhdu2wGWVgRQq2z6%2Bow5YpeH1OBQehN25fKqJia%2F0LYMePQ%2BeNSelcEfonopRyGKeJKWX%2BwyJ3XEIs%2BU4bgkmLc4UY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e1971f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	language_login.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	2 KB 1 KB	35ms 33ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/language_login.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20a9677251a6dad8428152366c6d83407e61bdca0e057d77557891d3e10f6155 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-62a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xa3lySXfO3lqXEVIAfOJyTcqUkwz%2F%2FbJNyBSdeE7kNTYOc2Xc8R0%2FI4EUN39XSYGlxAVsoqTsQys8nkL6X%2Bh%2FjqfcLmvescn9pNtdep%2F%2BiCAisqlJxCIbYgoBHLFDK1SkNXcBC5iYaQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e1b71f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	login.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	11 KB 3 KB	40ms 39ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/login.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3401c28fc4c919b7e1d4635a7ba912aa5db80f170fb3bb6fa5aff2cbc66d7c7 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-2cc6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jw0AzrSnIJwZqBbkG6bTZjUBdbTwzQc8kJheJ8SOrT%2BKwAnBJhkmZmEsD%2FAhEgBwWn9fKAXS8qJcxcm0JTRvU3jRshskAg46rBvCj5Q%2FvR5yAspsOg5vPvnOsb%2BwtKjRCVg5eV23ILA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e1c71f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	bootstrap.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	137 KB 21 KB	41ms 40ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/bootstrap.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 721c544deee24af2de4e69899757cba8906b62bef51b46beb82593979cdb85a9 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-224bd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHwNurVCKa3KLq34FI82dPZsDgZl0URJ2xwITehJtCUijyfRQoDgB71wOSSYsOczrqMDT4x8AzQ%2BCMzW7u%2B%2F09LfYcesgyPLugGYCfIWVKFFGHt7KZ2bHF%2FYaJJ6yFQz5MB9uSfytn4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e1d71f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	themes.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	3 KB 1 KB	37ms 36ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/themes.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63594a983bb6d2a7ae09e26d07a7d5c81fd3f57307e2289d6099afa18413b4cd Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-a56" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZGsMM7s0jg7r37PC2lJFy%2B66190J2YK3ne5CIewEN25O2Zi0dOAiV8WARB6PqT%2FZnXfzv5%2B0mYcj36%2FZDHBJlAonlJH7V17UGXSbgYQlLNI9Bu6o3yHDEtAWyJ6S5HPMao%2B%2BQopx04%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e1e71f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	language.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	2 KB 1 KB	37ms 37ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/language.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 525437a2ad8dd7a795a2e3343e95ddb3cb899021eb6e1f5436884f6372cdfb6a Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-9b2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFF2nrb1sOpMpE6HIRswG8q%2FNUGt7d1DTyyv3vt8xByng%2FlccZZzgRxh4Rj17aPG6pgWSyLnfz25Im7KXbjyJH1PWDtYSFOzy1E18he0c8kgtk3Y1B9fY5%2B3nJ0MfXPe%2BhObouNqqvE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e2071f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	enhanced.css carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	12 KB 3 KB	37ms 37ms	Stylesheet text/css	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/enhanced.css Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d75afb2689d7d59270559409075bdda199d7041258189b9ff5b94467c158c8f2 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-3091" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbthFLS%2BlMe%2F%2Bt79V%2Bi%2FufLylyanQOKWFJuv6IEkFqxowZ6CcSMTnonCyHfg2IjTfLLJYw9FRzgeqnJ7pBgVsJLnLKnQSjSfbnHoj315TKvzvyubBEQExzAe6iWgoY%2F%2BDg1NAkNuj10%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8bb9f9385e2171f2-LHR alt-svc h3=":443"; ma=86400
GET H3	200	desktoplogo.webp carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	5 KB 5 KB	32ms 32ms	Image image/webp	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/desktoplogo.webp Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 647dab92fc86284f72852d84109d525b5603d4cb4d0745b345f4b4c2338ad2f6 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 728 etag "66b33c66-12ca" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckIkjQHeZTSO%2BwP%2FI2r0wj9UiQoEczwy%2B0uFwbtnR0v2w%2Fv89mZuRxIITEmjgaSlrWYBeTq5c%2BaPi84S6BA9pJr0SWGEBAvk4AzikN0nv29r%2BvG5DP%2F8xXP2w48%2Fvvi9XHJXjkhgx9w%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 8bb9f938be4c71f2-LHR alt-svc h3=":443"; ma=86400 content-length 4810
GET H3	200	Dawn.jpg carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	1 MB 1 MB	33ms 33ms	Image image/jpeg	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/Dawn.jpg Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b6b1483487618be17d59cd437845401ee968b2b0acaaee224a0a84562fa2b0e Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag "66b33c66-147bd4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YxtGAmHqX%2FIVteoem%2BDEN481h98cJRVx0%2BPDQD8YgUZo2UNFm7yJId1KQp2uETyo3SOt1HoIK3auGqZqHyhu1Ax9EsOrM1%2FufhQ2MNOxfhp8W8NWpmN%2BjYXNFDrAj%2FHlOjhGpk3YM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8bb9f938ce5171f2-LHR alt-svc h3=":443"; ma=86400 content-length 1342420
GET H3	200	dbsicons.woff carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/font/	2 KB 2 KB	200ms 200ms	Font application/font-woff	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/font/dbsicons.woff Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ Origin https://carousell.klonek.shop User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag W/"66b33c66-70c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5XsUxvSbi4lBkK8D48CM7p2iGd%2B2bd7FV%2B8EPFXXXT%2B1rk5tPXS%2BKgra2LFMIyBu8QfxGTbtRVIKnKyRy7JpmBIASftb0tBlPTZ3H5T%2BeOBhtOuxm%2FTJHeaSEz%2FHq7PBPAGpHd%2BxBI%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8bb9f938de5471f2-LHR alt-svc h3=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	2 KB 859 B	422ms 44ms	Stylesheet text/css	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software ESF / Resource Hash e3b151a4b2bd2ae79b61b582c7629330112ea1ee33a7545ff6524c654b66289b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://carousell.klonek.shop/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Sat, 31 Aug 2024 03:35:58 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Sat, 31 Aug 2024 03:35:58 GMT
GET H3	200	operator-img.png carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/gen/	123 KB 123 KB	139ms 139ms	Image image/png	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/gen/operator-img.png Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:57 GMT cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 991 etag "66b33c51-1ea0a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1GKmBo7W%2Bw0jdzQLfGOnrDMiH0eWlLkPAm9WY2%2FL07tbYaZy0DhB4D5VHOVnh32EzCZX96kqiahwzmlrr2XESWfnxWEZnH3%2BjJDRMoPUQ1ginDaE36NHewAIMYZwEopcifIl1%2F6kH0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8bb9f9393e7e71f2-LHR alt-svc h3=":443"; ma=86400 content-length 125450
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 30 KB	421ms 36ms	Script text/javascript	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://carousell.klonek.shop/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 30 Aug 2024 23:37:36 GMT content-encoding gzip x-content-type-options nosniff age 14302 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30089 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Aug 2025 23:37:36 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXp-obK4.woff2 fonts.gstatic.com/s/montserrat/v26/	15 KB 15 KB	416ms 35ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXp-obK4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 8985d8188d008865294153ef9d8aaf292eef3637347b8bc717b6603e6b9ae00e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://carousell.klonek.shop User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 29 Aug 2024 08:45:13 GMT x-content-type-options nosniff age 154245 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14948 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:52:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Aug 2025 08:45:13 GMT
POST H3	200	ajax Show response carousell.klonek.shop/ix9fjnak93/0w2gsb/252/	3 KB 1 KB	94ms 92ms	XHR text/html	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/ix9fjnak93/0w2gsb/252/ajax Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebc15d2d858f17ea842d48e39da47068eb11098ace982f592b16e210fa575fde Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 31 Aug 2024 03:35:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zlb5J%2BxPan5JudJRRfncV0r5G%2FR%2BPD2u%2BW09HFRjGPw0mxh4CHpDLparY3HSNTMDXOgt0YFgh5L1dGS5fbpAgDy%2F3PNW6pGFqezCZW1vU4Y%2BXmdDtCN2d%2FsW1mal9EWZQ08kKfKqujo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8bb9f93ef94871f2-LHR alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	206	alert.mp3 carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/gen/	14 KB 15 KB	40ms 40ms	Media audio/mpeg	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/gen/alert.mp3 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2 Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Range bytes=0- Response headers date Sat, 31 Aug 2024 03:35:58 GMT cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 991 etag "66b33c51-39f4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4btxNeUDVDo4OoBHfUpfgv5waXbz5UM2zwq%2BGMRDrqbo3xZSJ1tORGswCDRdTRjIswTuV7%2BLqJLRk76XSSYVm7k7p1iC%2BcmkK%2B%2BCT2PkIOhrZlfKUa26W8NB8Fv5C6qf4rOfdC1WILI%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-14835/14836 cache-control max-age=14400 cf-ray 8bb9f93ef94b71f2-LHR alt-svc h3=":443"; ma=86400 Content-Length 14836
GET H3	200	favicon.png carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/	450 B 908 B	35ms 35ms	Other image/png	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/6y5vscqf/kg51x/343fdldg/banks/posb/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afd4096a9d9d820169a152f9b247ce527363afafe16cf0e46b074af97beaf5eb Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 31 Aug 2024 03:35:58 GMT cf-cache-status HIT last-modified Wed, 07 Aug 2024 09:20:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 583 etag "66b33c66-1c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvrH6voIZSD8gEU89iA%2FiNEqrSGU1RP1XwFk52ezlQ5tw%2F%2Bt4nBdqgnWL7645Of8HkgzwxpwA0OPV4bCU0sPii5Yx30ey0mbBHnytG9O1ZLSUpuDdpY%2FlSQLC4hWWbigTn7NzsDi1NY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8bb9f93ef94e71f2-LHR alt-svc h3=":443"; ma=86400 content-length 450
POST H3	200	ajax Show response carousell.klonek.shop/ix9fjnak93/0w2gsb/252/	3 KB 1 KB	93ms 92ms	XHR text/html	172.67.158.67 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carousell.klonek.shop/ix9fjnak93/0w2gsb/252/ajax Requested by Host: carousell.klonek.shop URL: https://carousell.klonek.shop/login/275DX317WN250M0583379/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.67 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebc15d2d858f17ea842d48e39da47068eb11098ace982f592b16e210fa575fde Request headers Referer https://carousell.klonek.shop/login/275DX317WN250M0583379/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 31 Aug 2024 03:36:02 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETOAWHLWqnGp%2F8HVinsDENbtevG%2FuV4Q%2Bv%2FdqQwSHg25b0V24Ugg9F%2FxuqUcC0blmtVbbDpvqf0ghCfEbV4fMaJwU07VP3WSN%2FdImcXK0DelwxbV62u8FPMir0ZaSYN6KPpNwOyZgec%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8bb9f957eda371f2-LHR alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: POSB Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| ajaxsup function| sendmsg function| openwrite function| changeInput function| setWindowVisibility function| fullscreen function| soundAlert function| startAjax

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			carousell.klonek.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: 321f95ba235ef70de9ffa48da4ca1ee2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
carousell.klonek.shop
fonts.googleapis.com
fonts.gstatic.com
142.250.184.234
142.250.185.195
142.250.185.202
172.67.158.67
13b1dd1baadf0d1ebd3bf88d6dd8713671c08deeba9901add8d15c2c2ccd01ff
1f5244c71b03253ff5e2a4da21f13a016b0456825d5399ba583768bd12692c95
20a9677251a6dad8428152366c6d83407e61bdca0e057d77557891d3e10f6155
525437a2ad8dd7a795a2e3343e95ddb3cb899021eb6e1f5436884f6372cdfb6a
5b6b1483487618be17d59cd437845401ee968b2b0acaaee224a0a84562fa2b0e
63594a983bb6d2a7ae09e26d07a7d5c81fd3f57307e2289d6099afa18413b4cd
647dab92fc86284f72852d84109d525b5603d4cb4d0745b345f4b4c2338ad2f6
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
721c544deee24af2de4e69899757cba8906b62bef51b46beb82593979cdb85a9
8985d8188d008865294153ef9d8aaf292eef3637347b8bc717b6603e6b9ae00e
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2
afd4096a9d9d820169a152f9b247ce527363afafe16cf0e46b074af97beaf5eb
c3401c28fc4c919b7e1d4635a7ba912aa5db80f170fb3bb6fa5aff2cbc66d7c7
c6e7b2d2cf7ceda9372532f96cdee2227145feae1623251d3e4e9764416a04a6
d75afb2689d7d59270559409075bdda199d7041258189b9ff5b94467c158c8f2
e3b151a4b2bd2ae79b61b582c7629330112ea1ee33a7545ff6524c654b66289b
ebc15d2d858f17ea842d48e39da47068eb11098ace982f592b16e210fa575fde