onpoinstdev.com
2606:4700:3032::ac43:a816  Malicious Activity! Public Scan

URL: http://onpoinstdev.com/
Submission: On October 27 via manual from GB — Scanned from GB

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3032::ac43:a816, located in United States and belongs to CLOUDFLARENET, US. The main domain is onpoinstdev.com.
This is the only time onpoinstdev.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sharepoint (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 13.225.84.192 | 16509 (AMAZON-02)
8 | 2600:9000:231... | 16509 (AMAZON-02)
1 | 108.157.4.8 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 13 requests across 6 IPs
Requests | Domain | Requested by
8 | d3b4n3yyoc8n59.cloudfront.net | onpoinstdev.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | d282ykz6vx01th.cloudfront.net
1 | d2f0ora2gkri0g.cloudfront.net | onpoinstdev.com
1 | d282ykz6vx01th.cloudfront.net | onpoinstdev.com
1 | onpoinstdev.com |
Total: 13 requests across 6 hosts

This site contains links to these domains. Also see Links.

Domain
skynetfree.net
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: http://onpoinstdev.com/
Frame ID: 616888BEF676F720CD671C17262BF408
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Incoming Fax Document

Page Statistics

Requests: 13
HTTPS: 15 %
IPv6: 67 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 666 kB
Size: 2130 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: / | onpoinstdev.com/ | 55 KB | 10 KB | Document
General
Full URL
http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa1029b5f6d4ecac32dc4cb30f585ec76e0dbbef1c29f77ab18488b8eff8ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Age
676
CF-Cache-Status
DYNAMIC
CF-RAY
760b1c83db62e65c-LHR
Cache-Control
max-age=0, private, must-revalidate, max-age=0, must-revalidate, no-cache, no-store, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Oct 2022 11:32:29 GMT
Expires
Thu, 27 Oct 2022 11:21:13 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Vfm8ndJzel7clod%2Fr%2B%2BGNZ1MuUaXtx0mGe6vVu4osHGk2no8m9KajHMeaRKOPzbLdNMeFygjdYRE3LeOfzghNbeADwoIwliph5uaFL2zSt0E72rXvEkp87t5gAERT3QpgxpZmtxDvJR%2F9QP9S4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-BKSrc
0.5
X-Cache
HIT
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b8f1a967-183f-40d5-9d1b-0b355ad02cc0.css | d282ykz6vx01th.cloudfront.net/b8/f1/ | 666 KB | 61 KB | Stylesheet
General
Full URL
http://d282ykz6vx01th.cloudfront.net/b8/f1/b8f1a967-183f-40d5-9d1b-0b355ad02cc0.css
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
13.225.84.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-192.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a81840976528920528eb4e0d43ea18556b527b26680c3eab73fca2aa68f1159

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 11:21:33 GMT
Content-Encoding
gzip
Via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
657
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 27 Oct 2022 11:20:46 GMT
Server
AmazonS3
ETag
W/"e245af9f0f93e6547921a5b794b6d984"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
X-Amz-Cf-Id
wsF2vXWkJuV8BesIvxaFo0Efuya7kWrLmiIn0YorpoxWI9JtwpglSw==
Expires
Sun, 24 Oct 2032 12:20:45 GMT
photo-swipe.css | d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/ | 14 KB | 5 KB | Stylesheet
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/photo-swipe.css
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0f99afca623dcb8b1d842752cc0d351a56ed3cd2c1445830d9e1b4c6844d00d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:30:08 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68759
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:55:34 GMT
Server
openresty
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
UHvi_sJD-dv1QfCw1LhDoVNPTS3-yP9kLkCgZoJvdzQQKNu4NamhdQ==
Expires
Thu, 26 Oct 2023 16:26:30 GMT
a84788e9-3896-4a13-ae58-61bff028733e.png | d2f0ora2gkri0g.cloudfront.net/a8/47/ | 3 KB | 4 KB | Image
General
Full URL
http://d2f0ora2gkri0g.cloudfront.net/a8/47/a84788e9-3896-4a13-ae58-61bff028733e.png
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
108.157.4.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed518261972445f0ec39ea427d6d083ed69fffbc5e601d2b8f12cc659ef1d87e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 11:10:43 GMT
Via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 11:06:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
1308
ETag
"a12c6571a7a73afdb8338bf201be858a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3464
X-Amz-Cf-Id
ydKTur6Z1NldPVFG0L_W_ODBdvJuLMQOgXbNLBL-STE-RhCxJjZ1tQ==
Expires
Sun, 24 Oct 2032 12:06:42 GMT
translations.js | d3b4n3yyoc8n59.cloudfront.net/ad9cb8a/en/ | 135 KB | 38 KB | Script
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/ad9cb8a/en/translations.js?sections=widgets,mobile,shared_views,shared_components
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
17e85151cec89da04873d35ecf672d2444c8198aa5abdbf7d9fe2ed8f6c5404b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 17:09:04 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68407
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
X-BKSrc
0.5
Server
openresty
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
X-Amz-Cf-Id
NGwR96TblNtZhM2Qwa8zozGb7dsRwOBXTc76yweZyTmyQt6-VPAa4g==
Expires
Thu, 26 Oct 2023 16:32:22 GMT
published-v10-site-libs.js | d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/ | 537 KB | 181 KB | Script
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/published-v10-site-libs.js
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1616916c8f1f4378a2dec7a242d58e0c912872b219641d9568c9a4387c0f9d8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 17:09:05 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68726
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:56:36 GMT
Server
openresty
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
VXl8DUK_o0uT_i6lOK8hEgHhCQNif1n-1M6SMN77zh1DdEGdy8gpFQ==
Expires
Thu, 26 Oct 2023 16:27:03 GMT
published-v8-site.js | d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/ | 211 KB | 65 KB | Script
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/published-v8-site.js
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c607934fec2c2c2e84bb7a26c652f734d33b3b2fffb1f7b2a09fab4dda018b50

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:30:09 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68725
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:56:41 GMT
Server
openresty
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
7PKA2zjZVXS-e8i1H7t0mNl7jDJloi6Rhs3uuAg-d3iRqbz6GqYQPw==
Expires
Thu, 26 Oct 2023 16:27:04 GMT
twig-widget-views-v2.js | d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/ | 149 KB | 26 KB | Script
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/twig-widget-views-v2.js
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
50dba4bff70548de21d126d3af4c4db495f5ae60d8771e5ad6a581ae31892f75

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:30:08 GMT
Content-Encoding
gzip
Via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68759
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:55:54 GMT
Server
openresty
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
kkMBr8ohcN241C9aSIAPIRvu5NsaKU9RXAI8IIjvP25kSIM8zhsJ5g==
Expires
Thu, 26 Oct 2023 16:26:30 GMT
scroll-out.js | d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/ | 4 KB | 2 KB | Script
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/compiled/scroll-out.js
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
94737accc3751bceee403deb144f3e6528acd9411efdb7def8305706e507e9a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 17:07:05 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68760
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:56:39 GMT
Server
openresty
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
B7zBal4WOUOe-h10EREtcTSvl4-iez57OjKL10guFo25c-AZrTFYfg==
Expires
Thu, 26 Oct 2023 16:26:30 GMT
css | fonts.googleapis.com/ | 4 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: d282ykz6vx01th.cloudfront.net
URL: http://d282ykz6vx01th.cloudfront.net/b8/f1/b8f1a967-183f-40d5-9d1b-0b355ad02cc0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d282ykz6vx01th.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Oct 2022 11:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 11:04:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Oct 2022 11:32:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://onpoinstdev.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
512257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:14:53 GMT
rubik.woff.json | d3b4n3yyoc8n59.cloudfront.net/632f533507/seven/fonts/ | 228 KB | 174 KB | XHR
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/seven/fonts/rubik.woff.json
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
b0deab959f92d9e895f05b47f222c09633ab73370b6780a3c26029e21fd59165

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 21:56:56 GMT
Content-Encoding
gzip
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
68570
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:54:58 GMT
Server
openresty
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
ni-SN2JJHJak-_ElYA0E4h_Vta8tzxa2AcLYHEOc4yCFvYfcW-pGYg==
Expires
Thu, 26 Oct 2023 16:29:39 GMT
playfair_display.woff.json | d3b4n3yyoc8n59.cloudfront.net/632f533507/seven/fonts/ | 111 KB | 83 KB | XHR
General
Full URL
http://d3b4n3yyoc8n59.cloudfront.net/632f533507/seven/fonts/playfair_display.woff.json
Requested by
Host: onpoinstdev.com
URL: http://onpoinstdev.com/
Protocol
HTTP/1.1
Server
2600:9000:2315:ca00:1d:272c:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a5b8e2b7dff3744a931cfd699a4569bb03da4e8b09804d4a2d70b1a37f41f81f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://onpoinstdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 21:56:56 GMT
Content-Encoding
gzip
Via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P2
Age
64400
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.5
Last-Modified
Wed, 26 Oct 2022 15:54:58 GMT
Server
openresty
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
IAyJhEyj_OF0z0fvigKKvmaO_LyPyHHsGaiIvJZXWb5eSFxmCabHNg==
Expires
Thu, 26 Oct 2023 17:39:10 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sharepoint (Online)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

onbeforeinput (object)
oncontextlost (object)
oncontextrestored (object)
structuredClone (function)
launchQueue (object)
onbeforematch (object)
navigation (object)
Brand (object)
App (object)
Server (object)
Profile (object)
$ (undefined)
jQuery (undefined)
bk$ (function)
BaseKit (object)
Twig (object)
goog (object)
twig (object)
__document_write_ajax_callbacks__ (object)
writeCapture (undefined)
_ (function)
Backbone (object)
Mn (object)
Marionette (object)
Cocktail (object)
PhotoSwipe (function)
PhotoSwipeUI_Default (function)
flatpickr (function)
__core-js_shared__ (object)
core (object)
setImmediate (function)
clearImmediate (function)
regeneratorRuntime (object)
_babelPolyfill (boolean)
Bottle (function)
Site (object)
fallback (number)
ScrollOut (function)
navigationToggle (object)
ProfileModel (object)
key (string)
fontCollection (object)

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block