![](/screenshots/6e468ce5-d7cf-4519-9b1b-3d301cf285d1.png)
onpointz.duckdns.org
Open in
urlscan Pro
178.128.252.140
Malicious Activity!
Public Scan
Submission: On June 28 via api from US — Scanned from NL
Summary
TLS certificate: Issued by R10 on June 27th 2024. Valid for: 3 months.
This is the only time onpointz.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OnPoint Community Credit Union (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 178.128.252.140 178.128.252.140 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
12 | 192.0.54.4 192.0.54.4 | 62659 (Q2HOLDINGS) (Q2HOLDINGS) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
18 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
onlineaccess1.com
cdn1.onlineaccess1.com — Cisco Umbrella Rank: 21120 |
403 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
913 B |
1 |
duckdns.org
onpointz.duckdns.org |
18 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
18 | 4 |
Domain | Requested by | |
---|---|---|
12 | cdn1.onlineaccess1.com |
onpointz.duckdns.org
cdn1.onlineaccess1.com |
1 | fonts.googleapis.com |
cdn1.onlineaccess1.com
|
1 | onpointz.duckdns.org | |
0 | mhtml.blink Failed |
onpointz.duckdns.org
|
18 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.onpointcu.com |
www.onpointcu.com |
cdn1.onlineaccess1.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webdisk.onpointz.duckdns.org R10 |
2024-06-27 - 2024-09-25 |
3 months | crt.sh |
onlineaccess1.com GTS CA 1P5 |
2024-05-08 - 2024-08-06 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://onpointz.duckdns.org/
Frame ID: 6FC4311829DAFE030B1CC2B98B65A1FB
Requests: 19 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Forgot Login ID
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Return to login
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
onpointz.duckdns.org/ |
17 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-33f78766-cfc2-46f6-8f00-528134bfc3e3@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-82037456-a503-440d-a320-7d486cb79338@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-5a6c6648-f32b-4f2a-995c-1ff20b1325ef@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-69aad04c-5e12-423e-b569-bdb6fd1722c0@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q2-tecton-theme.css
cdn1.onlineaccess1.com/cdn/base/tecton/v1.10.5/ |
32 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highcontrast-18df5a8ba9e966e15cd989df372dfe93.css
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/ |
1 MB 143 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
cdn1.onlineaccess1.com/cdn/base/4.4.0.124C/assets/ |
93 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
cdn1.onlineaccess1.com/cdn/base/4.4.0.124C/assets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme-q2-b33159883934fe3a96afb2cb9740f2a9.css
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/ |
1 MB 143 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tecton-590048df214033d1c1591d552a32c9af.css
cdn1.onlineaccess1.com/cdn/base/4.4.0.124C/assets/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ncua_logo_small-522fff694e01c333db64c939a8e1f17d.png
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 913 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-8c469eb87d20466873ce51f82e83e518.png
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/images/logos/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OpenSans-Regular.woff
cdn1.onlineaccess1.com/cdn/base/4.4.0.124C/assets/fonts/OpenSans/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontello.woff2
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/fonts/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OpenSans-Semibold.woff
cdn1.onlineaccess1.com/cdn/base/4.4.0.124C/assets/fonts/OpenSans/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-ebadff0d34edf108a19e69c9d85d341d.ico
cdn1.onlineaccess1.com/cdn/depot/5123_Test__/304/7aa2b9cd77837554154830c28b583fe6/assets/images/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mhtml.blink
- URL
- cid:css-33f78766-cfc2-46f6-8f00-528134bfc3e3@mhtml.blink
- Domain
- mhtml.blink
- URL
- cid:css-82037456-a503-440d-a320-7d486cb79338@mhtml.blink
- Domain
- mhtml.blink
- URL
- cid:css-5a6c6648-f32b-4f2a-995c-1ff20b1325ef@mhtml.blink
- Domain
- mhtml.blink
- URL
- cid:css-69aad04c-5e12-423e-b569-bdb6fd1722c0@mhtml.blink
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OnPoint Community Credit Union (Financial)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.onlineaccess1.com/ | Name: __cfruid Value: 41efc4a1a2cf87282a820658a02692c7c649a911-1719563835 |
|
cdn1.onlineaccess1.com/ | Name: __cflb Value: 02DiuDJZwTATiSnybBeVDKjTCUZYfphxGFd45wYa6A4eU |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn1.onlineaccess1.com
fonts.googleapis.com
mhtml.blink
onpointz.duckdns.org
mhtml.blink
178.128.252.140
192.0.54.4
2a00:1450:4001:830::200a
04330ffee350c99dd47276ea9e40ff460069f7fe0bd71ab3fa6aa33b5583af39
15d83a51b60396d427c6ddc25d9730980297f17d7c3fe2a5dcb32c1a1b691300
4483497438628f7ffef13d13a3101e9e169f69109b1655206398a1e033dfcf31
4a1060c3e1c734b812e7ca9380f621304fbec44ab9564dbb480caa9cb7828c0a
5962b5a5dcd77571f10ecf2dec093f9c6378571d6febe84daa64590605a8554b
5aaa8f13900c90fb79456072f2fe99960f9506f642c87cbc96e1851cd54c2fa2
5e335db7f8ef9f87be9dcc9c56f071d27a7b5bbd9111cfcdabd6babe5eb4e968
62372f054e22221b146ae621435675715fcf7ae53b557a34570247e80a172c4a
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
95915582ecc56aa27829e7bd118b423f09cba0856ce517fdcd82e4e05726e6e6
9f1569ee2a7a51c32b4556926a95d5b9f7dee295a4757ad5176459dffee36cb9
a055d762b41b75dedefaed72ad1c5efa297b9298368b4297c9571d9277760839
e1b77b72494cf192d3183013edec28c6d97a78bb3731c649ecd0ca9b716f4c43
fbb5d60b0e8fbf3ce2eeb2479ad9ef6744585303f9ee0bf27c62b35a0a2dc30a