support-account.duckdns.org Open in urlscan Pro
34.135.218.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://support-account.duckdns.org/
Submission: On November 19 via automatic, source openphish (November 19th 2022, 1:12:34 pm UTC) — Scanned from DE

Summary HTTP 23 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 34.135.218.55, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is support-account.duckdns.org.
TLS certificate: Issued by R3 on November 19th 2022. Valid for: 3 months.

This is the only time support-account.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	34.135.218.55 34.135.218.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	23.205.244.224 23.205.244.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::6812:2b9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	3

3 34.135.218.55 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.218.135.34.bc.googleusercontent.com

support-account.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.205.244.224 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-244-224.deploy.static.akamaitechnologies.com

www17.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9f (United States)

ASN13335 (CLOUDFLARENET, US)

www.waldenu.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	wellsfargomedia.com www17.wellsfargomedia.com — Cisco Umbrella Rank: 22484	209 KB
3	duckdns.org support-account.duckdns.org	54 KB
1	waldenu.edu www.waldenu.edu — Cisco Umbrella Rank: 259985	146 KB
23	3

	Domain	Requested by
19	www17.wellsfargomedia.com	support-account.duckdns.org
3	support-account.duckdns.org	support-account.duckdns.org
1	www.waldenu.edu	support-account.duckdns.org
23	3

This site contains links to these domains. Also see Links.

Domain
creditcards.wellsfargo.com
appointments.wellsfargo.com
confirmcard.wellsfargo.com
apply.wellsfargo.com
icomplete.wellsfargo.com
connect.secure.wellsfargo.com
oam.wellsfargo.com
learnmore.wf.com
stories.wf.com
apps.apple.com
play.google.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.twitter.com
www.sipc.org

Subject Issuer	Validity	Valid
support-account.duckdns.org R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
www17.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-09` - `2023-06-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-07` - `2023-02-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://support-account.duckdns.org/
Frame ID: 0C2E59C67B4631E94CAEA724DEC6AFCA
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Bank | Financial Services & Online Banking

Page Statistics

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

408 kB
Transfer

644 kB
Size

0
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://creditcards.wellsfargo.com/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/topic/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/active-cash-credit-card/
Title: Wells Fargo Active Cash® Card Unlimited 2% cash rewards on purchases

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/autograph-visa-credit-card/
Title: Wells Fargo AutographSM Card Many ways to earn 3X points

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/reflect-visa-credit-card/
Title: Wells Fargo Reflect® Card Enjoy our lowest intro APR

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/hotels-com-card/
Title: Hotels.com® Rewards Visa® Credit Card Get closer to unlocking your next escape

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/bilt-points-credit-card/
Title: Bilt World Elite Mastercard® Earn points on rent. And more.

Search URL Search Domain Scan URL

URL: https://confirmcard.wellsfargo.com/
Title: Confirm credit card

Search URL Search Domain Scan URL

URL: https://apply.wellsfargo.com/getting_started?product_code=CC&language=en&applicationtype=creditcarddirectmail&sub_channel=WEB&vendor_code=WF
Title: Respond to mail offer

Search URL Search Domain Scan URL

URL: https://icomplete.wellsfargo.com/oas/status/personal-loans-rate-checker/getting-started/
Title: See my loan options

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS
Title: Current auto loan customers Sign in to make payments, view statements, set up alerts, and more

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/enrollment
Title: Enroll in Wells Fargo Online® Use online banking to manage your auto loan

Search URL Search Domain Scan URL

URL: https://learnmore.wf.com/EV/
Title: Learn about electric vehicles

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/?sub_channel=WEB&vendor_code=IA&lang=en&product_code=CC&SubProduct_Code=MC&placement_id=C_CCD_WWW_MC_NA_ACQ_HPP_STATIC_EN_HTT_DT_BANNER_TK1&offerid=C_ccd_findcreditcardrspvdefault_smlprimary%20&slotid=WF_CON_HP_SML_PRIMARY&linkloc=HP&OfferType=TK1
Title: Find a credit card Learn more

Search URL Search Domain Scan URL

URL: https://stories.wf.com/?cid=vty
Title: Wells Fargo Stories

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=mobilebrowser
Title: Continue to Sign On

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id311548709
Title: Continue

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.wf.wellsfargomobile
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.twitter.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: Continue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
support-account.duckdns.org/ 115 KB
15 KB 506ms
128ms Document
text/html 34.135.218.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://support-account.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.135.218.55 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.218.135.34.bc.googleusercontent.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 62da487c479bf8abb379fa4c87f24a986e9265b8bbbc19b38b2fca6dfbde35fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15308
Content-Type: text/html
Date: Sat, 19 Nov 2022 13:12:28 GMT
ETag: "1cc99-5edd28e3a53d4-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 19 Nov 2022 13:11:08 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding

GET
H/1.1 200
OK ps-homepage.css
support-account.duckdns.org/ui/css/homepage-ui/ 165 KB
23 KB 247ms
130ms Stylesheet
text/css 34.135.218.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.135.218.55 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.218.135.34.bc.googleusercontent.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: c9ed466cf80821ca1f76d41bc202afaf8c7d8bdb69cf0a36bb4c6cd06421f285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 19 Nov 2022 13:12:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 03:23:52 GMT
Server: Apache/2.4.54 (Debian)
ETag: "292a4-5ed296b43c6d7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 23621

GET
H2 200 wf_logo_220x23.png
www17.wellsfargomedia.com/assets/images/rwd/ 2 KB
2 KB 146ms
25ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
x-serial: 853
server: Akamai Image Manager
x-check-cacheable: YES
etag: "61bcfcce-10c2"
content-type: image/webp
cache-control: private, no-transform, max-age=585538
content-length: 1710
expires: Sat, 26 Nov 2022 07:51:26 GMT

GET
H2 200 Active-Cash-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 852 B
1 KB 132ms
42ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b5b73fb58b90213e3e94e8bb2f2821ae968e4a14c736940a2a80673c5039919b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
etag: "6217f519-1d25"
content-type: image/webp
cache-control: private, no-transform, max-age=555144
content-length: 852
expires: Fri, 25 Nov 2022 23:24:52 GMT

GET
H2 200 wf_autograph_card_79x50.jpg
www17.wellsfargomedia.com/assets/images/rwd/ 1 KB
1 KB 132ms
43ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c2f04b9277e2158e498ea44ff61a651461ac7bcf0eed712b78fa8e21ae6eabfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 19:31:27 GMT
x-serial: 2010
server: Akamai Image Manager
x-check-cacheable: YES
etag: "6286a22a-81c"
content-type: image/webp
cache-control: private, no-transform, max-age=886813
content-length: 1118
expires: Tue, 29 Nov 2022 19:32:41 GMT

GET
H2 200 Reflect-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 712 B
897 B 132ms
43ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7867b0f1e4d21ebd684268360f820149578a15141a9128b57a97843c0fcb3b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
etag: "6217f519-1c20"
content-type: image/webp
cache-control: private, no-transform, max-age=765046
content-length: 712
expires: Mon, 28 Nov 2022 09:43:14 GMT

GET
H2 200 h.com_card_79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 2 KB
2 KB 142ms
53ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/h.com_card_79x50.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 749d47078866f2ebe0c2b692de339996ede393b570c7f73418ac0ed9a6882539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
etag: "6217f519-23fc"
content-type: image/webp
cache-control: private, no-transform, max-age=555193
content-length: 2286
expires: Fri, 25 Nov 2022 23:25:41 GMT

GET
H2 200 bilt_card_79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 1 KB
2 KB 155ms
67ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5220e2267bf1d52810fa37112ed26e7d0d6a6f8cfaaa7d36c032b68562030d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
x-serial: 961
server: Akamai Image Manager
x-check-cacheable: YES
etag: "6217f519-1be6"
content-type: image/webp
cache-control: private, no-transform, max-age=694165
content-length: 1348
expires: Sun, 27 Nov 2022 14:01:53 GMT

GET
H2 200 seo-1038-bs-washington-dc-usa-june-246176785-1200x675.jpg
www.waldenu.edu/-/media/walden/images/seo-article/ 145 KB
146 KB 830ms
747ms Image
image/jpeg 2606:4700:4400::6812:2b9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.waldenu.edu/-/media/walden/images/seo-article/seo-1038-bs-washington-dc-usa-june-246176785-1200x675.jpg?hash=C1AE4B22D87204475154BF873DACA7D0

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e436a4398e8f02f5285f12406abe4bce73e1ae0ccd5d5a14e56ee29b724cc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.waldenfacts.com http://waldenfacts.com http://laureate.postclickmarketing.com http://50years.waldenu.edu
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.waldenfacts.com http://waldenfacts.com http://laureate.postclickmarketing.com http://50years.waldenu.edu
cf-cache-status: MISS
content-disposition: inline; filename="SEO-1038-bs-Washington-Dc-Usa-june-246176785-1200x675.jpg"
content-length: 148583
x-node: SC9-CD3
last-modified: Tue, 01 Mar 2022 22:51:31 GMT
server: cloudflare
etag: b93e07c025334ca183de99528900b13a
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 76c932995b579a39-FRA

GET
H2 200 wfi000_ic_b-wf_icon_house_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1004 B
1 KB 70ms
68ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8e16030cdf2d91809d0540f79aa3a3be4b83e4a9bf13bd91def3962f1484406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
x-serial: 131
server: Akamai Image Manager
x-check-cacheable: YES
etag: "61a93697-f60"
content-type: image/webp
cache-control: private, no-transform, max-age=585428
content-length: 1004
expires: Sat, 26 Nov 2022 07:49:36 GMT

GET
H2 200 wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1 KB
1 KB 80ms
79ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9d7f1fe0833268a6a9468b9fc19436ffe00b8596c67131b09361467deaed1b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
etag: "61a93697-12d2"
content-type: image/webp
cache-control: private, no-transform, max-age=357793
content-length: 1344
expires: Wed, 23 Nov 2022 16:35:41 GMT

GET
H2 200 wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 562 B
748 B 81ms
80ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9bd4d77dfdadd6574d42e469c1968fffce0422134f4487f1d785367752743f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
etag: "61a93697-769"
content-type: image/webp
cache-control: private, no-transform, max-age=765033
content-length: 562
expires: Mon, 28 Nov 2022 09:43:01 GMT

GET
H2 200 first_time_experience-account_summary.png
www17.wellsfargomedia.com/assets/images/rwd/ 2 KB
3 KB 82ms
80ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ea103ea932d2ebdd8e57887e4beabb394c21b6f260f49adfa8be4772cb61faec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
etag: "618287e9-14da"
content-type: image/webp
cache-control: private, no-transform, max-age=823786
content-length: 2496
expires: Tue, 29 Nov 2022 02:02:14 GMT

GET
H2 200 wfi_ph_g_1199830824_1600x700.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/ 50 KB
51 KB 91ms
90ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e037cf255bed27ebd83c682b368532fc925848a9ff0e42d97132ac995e43bbdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
x-serial: 832
server: Akamai Image Manager
x-check-cacheable: YES
etag: "61a7e46d-172e2"
content-type: image/webp
cache-control: private, no-transform, max-age=765030
content-length: 51474
expires: Mon, 28 Nov 2022 09:42:58 GMT

GET
H/1.1 200
OK /
support-account.duckdns.org/ 15 KB
15 KB 257ms
128ms Image
text/html 34.135.218.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support-account.duckdns.org/
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.135.218.55 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.218.135.34.bc.googleusercontent.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 19 Nov 2022 13:12:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 13:11:08 GMT
Server: Apache/2.4.54 (Debian)
ETag: "1cc99-5edd28e3a53d4-gzip"
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15308

GET
H2 200 responsive-sprite-v7.png
www17.wellsfargomedia.com/assets/images/sprite/ 47 KB
48 KB 26ms
25ms Image
image/png 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-244-224.deploy.static.akamaitechnologies.com

Software

Resource Hash

9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Sat, 19 Nov 2022 13:12:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jul 2022 20:04:58 GMT
etag: "62d9b16a-bdb9"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=13118993
accept-ranges: bytes
content-length: 48569
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 09:22:21 GMT

GET
H2 200 position-1-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/ 2 KB
2 KB 43ms
42ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
x-serial: 858
server: Akamai Image Manager
x-check-cacheable: YES
etag: "61619278-9f2c"
content-type: image/webp
cache-control: private, no-transform, max-age=784786
content-length: 2330
expires: Mon, 28 Nov 2022 15:12:14 GMT

GET
H2 200 position-2-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/ 2 KB
2 KB 44ms
43ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
etag: "61619278-cf3e"
content-type: image/webp
cache-control: private, no-transform, max-age=585502
content-length: 2340
expires: Sat, 26 Nov 2022 07:50:50 GMT

GET
H2 200 position-3-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/ 2 KB
2 KB 33ms
33ms Image
image/webp 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
Requested by: Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-244-224.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-account.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:12:28 GMT
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
x-serial: 416
server: Akamai Image Manager
x-check-cacheable: YES
etag: "61619278-7b35"
content-type: image/webp
cache-control: private, no-transform, max-age=816137
content-length: 2092
expires: Mon, 28 Nov 2022 23:54:45 GMT

GET
H2 200 wellsfargosans-rg.woff2
www17.wellsfargomedia.com/assets/fonts/ 22 KB
22 KB 68ms
23ms Font
font/woff2 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-244-224.deploy.static.akamaitechnologies.com

Software

Resource Hash

631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support-account.duckdns.org/
Origin: https://support-account.duckdns.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Sat, 19 Nov 2022 13:12:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=12573640
accept-ranges: bytes
content-length: 22424
x-xss-protection: 1; mode=block
expires: Fri, 14 Apr 2023 01:53:08 GMT

GET
H2 200 wellsfargosans-bd.woff2
www17.wellsfargomedia.com/assets/fonts/ 22 KB
22 KB 70ms
26ms Font
font/woff2 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-244-224.deploy.static.akamaitechnologies.com

Software

Resource Hash

6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support-account.duckdns.org/
Origin: https://support-account.duckdns.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000; includeSubdomains;
date: Sat, 19 Nov 2022 13:12:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=12572605
accept-ranges: bytes
content-length: 22172
x-xss-protection: 1; mode=block
expires: Fri, 14 Apr 2023 01:35:53 GMT

GET
H2 200 wellsfargosans-sbd.woff2
www17.wellsfargomedia.com/assets/fonts/ 22 KB
22 KB 71ms
26ms Font
font/woff2 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-244-224.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support-account.duckdns.org/
Origin: https://support-account.duckdns.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Sat, 19 Nov 2022 13:12:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=11064401
accept-ranges: bytes
content-length: 22600
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 14:39:09 GMT

GET
H2 200 wellsfargosans-lt.woff2
www17.wellsfargomedia.com/assets/fonts/ 21 KB
21 KB 89ms
45ms Font
font/woff2 23.205.244.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2

Requested by

Host: support-account.duckdns.org
URL: https://support-account.duckdns.org/ui/css/homepage-ui/ps-homepage.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.244.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-244-224.deploy.static.akamaitechnologies.com

Software

Resource Hash

63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support-account.duckdns.org/
Origin: https://support-account.duckdns.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Sat, 19 Nov 2022 13:12:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=11930971
accept-ranges: bytes
content-length: 21636
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:21:59 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| utag_data object| WFUI_CONTAINER

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

support-account.duckdns.org
www.waldenu.edu
www17.wellsfargomedia.com
23.205.244.224
2606:4700:4400::6812:2b9f
34.135.218.55
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64
13e436a4398e8f02f5285f12406abe4bce73e1ae0ccd5d5a14e56ee29b724cc3
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0
5220e2267bf1d52810fa37112ed26e7d0d6a6f8cfaaa7d36c032b68562030d05
62da487c479bf8abb379fa4c87f24a986e9265b8bbbc19b38b2fca6dfbde35fd
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
749d47078866f2ebe0c2b692de339996ede393b570c7f73418ac0ed9a6882539
7867b0f1e4d21ebd684268360f820149578a15141a9128b57a97843c0fcb3b72
8e16030cdf2d91809d0540f79aa3a3be4b83e4a9bf13bd91def3962f1484406f
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
9bd4d77dfdadd6574d42e469c1968fffce0422134f4487f1d785367752743f96
9d7f1fe0833268a6a9468b9fc19436ffe00b8596c67131b09361467deaed1b76
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
b5b73fb58b90213e3e94e8bb2f2821ae968e4a14c736940a2a80673c5039919b
c2f04b9277e2158e498ea44ff61a651461ac7bcf0eed712b78fa8e21ae6eabfb
c9ed466cf80821ca1f76d41bc202afaf8c7d8bdb69cf0a36bb4c6cd06421f285
e037cf255bed27ebd83c682b368532fc925848a9ff0e42d97132ac995e43bbdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea103ea932d2ebdd8e57887e4beabb394c21b6f260f49adfa8be4772cb61faec

support-account.duckdns.org Open in urlscan Pro 34.135.218.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

23 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

408 kBTransfer

644 kBSize

0 Cookies

26 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

support-account.duckdns.org Open in urlscan Pro
34.135.218.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

408 kB
Transfer

644 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!