onyxphishing.org
Open in
urlscan Pro
172.67.215.8
Public Scan
Effective URL: https://onyxphishing.org/login/
Submission: On June 24 via api from TR — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 15th 2024. Valid for: 3 months.
This is the only time onyxphishing.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3031::6815:32f8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 27 | 172.67.215.8 172.67.215.8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
27 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
onyxphishing.org
4 redirects
onyxphishing.org |
662 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
57 KB |
27 | 2 |
Domain | Requested by | |
---|---|---|
29 | onyxphishing.org |
4 redirects
onyxphishing.org
|
2 | cdn.jsdelivr.net |
onyxphishing.org
|
27 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
onyxphishing.org WE1 |
2024-06-15 - 2024-09-13 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://onyxphishing.org/login/
Frame ID: 3B13857FBC0849056057B59010CDAEA6
Requests: 23 HTTP requests in this frame
Frame:
https://onyxphishing.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: DD8EBB80EC976D20B0654367269AE1F2
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Giriş Yap | Onyx Phising PanelPage URL History Show full URLs
-
https://onyxphishing.org/
HTTP 302
https://onyxphishing.org/login HTTP 301
http://onyxphishing.org/login/ HTTP 307
https://onyxphishing.org/login/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
OWL Carousel (Widgets) Expand
Detected patterns
- <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- owl\.carousel.*\.js
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://onyxphishing.org/
HTTP 302
https://onyxphishing.org/login HTTP 301
http://onyxphishing.org/login/ HTTP 307
https://onyxphishing.org/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://onyxphishing.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://onyxphishing.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
- https://onyxphishing.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://onyxphishing.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
onyxphishing.org/login/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
materialdesignicons.min.css
onyxphishing.org/assets/vendors/mdi/css/ |
172 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor.bundle.base.css
onyxphishing.org/assets/vendors/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-jvectormap.css
onyxphishing.org/assets/vendors/jvectormap/ |
6 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
flag-icon.min.css
onyxphishing.org/assets/vendors/flag-icon-css/css/ |
33 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
owl.carousel.min.css
onyxphishing.org/assets/vendors/owl-carousel-2/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
owl.theme.default.min.css
onyxphishing.org/assets/vendors/owl-carousel-2/ |
1013 B 953 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
onyxphishing.org/assets/css/ |
720 KB 74 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iziToast.min.css
cdn.jsdelivr.net/npm/izitoast/dist/css/ |
41 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
cdn.jsdelivr.net/gh/hung1001/font-awesome-pro@4cac1a6/css/ |
363 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rocket-loader.min.js
onyxphishing.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
onyx.jpg
onyxphishing.org/assets/images/ |
124 KB 124 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Rubik-Medium.ttf
onyxphishing.org/assets/fonts/Rubik/ |
133 KB 62 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Rubik-Regular.ttf
onyxphishing.org/assets/fonts/Rubik/ |
130 KB 61 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
materialdesignicons-webfont.woff2
onyxphishing.org/assets/vendors/mdi/fonts/ |
219 KB 220 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
snowfall.js
onyxphishing.org/assets/js/ |
10 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
todolist.js
onyxphishing.org/assets/js/ |
972 B 913 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
settings.js
onyxphishing.org/assets/js/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
misc.js
onyxphishing.org/assets/js/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hoverable-collapse.js
onyxphishing.org/assets/js/ |
519 B 880 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
off-canvas.js
onyxphishing.org/assets/js/ |
185 B 637 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor.bundle.base.js
onyxphishing.org/assets/vendors/js/ |
181 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
onyxphishing.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame DD8E Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
898ea0b58a7d5d79
onyxphishing.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DD8E |
0 678 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
onyxphishing.org/ |
744 B 851 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
onyxphishing.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame DD8E Redirect Chain
|
8 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
898ea0b58a7d5d79
onyxphishing.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DD8E |
0 679 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| event object| fence object| sharedStorage object| __cfQR function| $ function| jQuery number| uidEvent object| bootstrap function| PerfectScrollbar boolean| __cfRLUnblockHandlers2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
onyxphishing.org/ | Name: PHPSESSID Value: 8ka52brv41s99mvdfon052p7pe |
|
.onyxphishing.org/ | Name: cf_clearance Value: ZTTR2fVx_lQPYSrAnsDghzkVihP9QVqAR_W1Ao1DJMA-1719252139-1.0.1.1-Ul4jsZ6M2KCA3u7K2dhUospz7ndnCk8SQm0OtqRqg1gSytw0n8s2.80lHihdAiFlW5dPJ7iyYZwgXSXgkr3aLw |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
onyxphishing.org
172.67.215.8
2606:4700:3031::6815:32f8
2a04:4e42::485
0c93ef2613d2207307a8e91ceb6719e0c6e313c10e58860bdaca02a849b72b97
270c24d7594c69e712dfc5841b7bb167b5d9311d3c491e880c010fc245781a51
2d94d51ce44ac060c0337445a3a6a8954d3912cfcc561981b127e8ff17ed0b9b
2ff6d556d912ad50670b60fabe34ff2abd19bd058d83eede68bde0bd93d49708
30cce6685d7d021791e4d8faf556282595fe8ed814f29349a977d48652b8d96d
38fa4c1c62d8e03985674aef0dadea6613ca52ca8dc74ef899a8873f0fbd5c26
4622d8f57a4463b4b9fbf85d646dd2486345901669c2595fb4921c1a5b29f0c4
4b7ce9994125d7d22ef6dbdadb6cc9290ae92aaf63d59bf3af9619c646bc3486
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
59c3d4149227f84e2aa682cea0734bfe5a7f991b3c80820fac98865bf23371db
5b1dcc860ae3f7127cc092a26d288c5f6fcd9e27fd336b96cc48ab94a7fb8bc2
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
950f6fe06869da2cad3bdd64bc88bc9ed6746335ceaf0c0f6d4e7f5b85f01731
97899f2699e15c5db8d3390d6f14d5c0f61aba899b3eab327d6ee0f3d7f210c5
bca64d524d21f8f6305406003284d503b4ab74108e0a9e866695d6a5db052579
c3afbede6d686c5685d591a6ed8a18adc1edde8da48c4b589f8fcbe1256be63f
c4772e97742bb0756ab29709b59debdfbca546b640277ff1f86935b0a72eca7f
c81596913c0ea12ebabd652d0a50bb67add450720543108fff5dfe3837793215
ca18bb26ea08e6d0be7f92c9ccda4d243c1cf767876e07bac62ee6b74e41faa6
cc1dd76abe28078cd5a69ee986ccf3a3d7e74bd95d9fff16db7700daca37dcfb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
daac3e2e53f7f08075ec4af0001b3f968c9457dda98978f8012914c2611f788d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855