Submitted URL: http://okta-cbhq.net/
Effective URL: https://okta-cbhq.net/oauth2/v1/authorize
Submission: On October 14 via manual from HK — Scanned from SE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 80.78.28.247, located in Sweden and belongs to ABSTRACT, FI. The main domain is okta-cbhq.net.
TLS certificate: Issued by E5 on October 13th 2024. Valid for: 3 months.
This is the only time okta-cbhq.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
10        80.78.28.247    39287 (ABSTRACT)
9         3.161.82.47     16509 (AMAZON-02)
2         99.83.213.230   16509 (AMAZON-02)
2         18.245.86.116   16509 (AMAZON-02)
Total: 24 requests, 5 IPs

Requests  Apex Domain (Transfer)
11        oktacdn.com (417 KB)
            ok7static.oktacdn.com — Cisco Umbrella Rank: 12039
            ok2static.oktacdn.com — Cisco Umbrella Rank: 14764
10        okta-cbhq.net (8 KB)
            okta-cbhq.net
2         okta.com (7 KB)
            snapchat.okta.com
Total: 24 requests, 3 apex domains

Requests  Domain                  Requested by
10        okta-cbhq.net           okta-cbhq.net
9         ok7static.oktacdn.com   okta-cbhq.net, ok7static.oktacdn.com
2         ok2static.oktacdn.com   okta-cbhq.net
2         snapchat.okta.com       okta-cbhq.net
Total: 24 requests, 4 subdomains

This site contains links to these domains.

Domain
snapchat.okta.com
www.okta.com

Subject         Issuer                             Validity                  Valid
okta-cbhq.net   E5                                 2024-10-13 - 2025-01-11   3 months
*.oktacdn.com   DigiCert TLS RSA SHA256 2020 CA1   2023-12-15 - 2025-01-02   a year
*.okta.com      DigiCert TLS RSA SHA256 2020 CA1   2024-02-12 - 2025-03-14   a year

This page contains 1 frames:

Primary Page: https://okta-cbhq.net/oauth2/v1/authorize
Frame ID: 0C459CE9E0F8F47B5EC80F577319C371
Requests: 24 HTTP requests in this frame

Page Title

Coinbase - Sign In

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 432 kB
Size: 617 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://okta-cbhq.net/ HTTP 307
    https://okta-cbhq.net/ Page URL
  2. https://okta-cbhq.net/oauth2/v1/authorize Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://okta-cbhq.net/ HTTP 307
  • https://okta-cbhq.net/

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
okta-cbhq.net/
Redirect Chain
  • http://okta-cbhq.net/
  • https://okta-cbhq.net/
82 B
457 B
Document
General
Full URL
https://okta-cbhq.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d7ab8c1e2e469539e0d85d2b2166238c71bfd40ae7a373babf3744fc89a0ef8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Disposition
inline; filename=index.html
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Oct 2024 01:16:02 GMT
ETag
W/"1726525447.0-82-2956069772"
Last-Modified
Mon, 16 Sep 2024 22:24:07 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://okta-cbhq.net/
Non-Authoritative-Reason
HttpsUpgrades
init.js
okta-cbhq.net/static/js/
921 B
1 KB
Script
General
Full URL
https://okta-cbhq.net/static/js/init.js
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c8ff5a54213c5ac0146b1ffe36974b07113f9f7060f951d5f80b93befa3b03f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

Cache-Control
no-cache
ETag
"1726525437.0-921-2354842133"
Connection
keep-alive
Content-Length
921
Date
Mon, 14 Oct 2024 01:16:02 GMT
Last-Modified
Mon, 16 Sep 2024 22:23:57 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx/1.18.0 (Ubuntu)
Content-Disposition
inline; filename=init.js
create
okta-cbhq.net/api/v1/
63 B
226 B
Fetch
General
Full URL
https://okta-cbhq.net/api/v1/create
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d035b776ff8700a0c639b64530cac63c6564f8c08c2d27c882c2074bcaa6d5e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

Content-Length
63
Date
Mon, 14 Oct 2024 01:16:03 GMT
Content-Type
application/json
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
favicon.ico
okta-cbhq.net/
207 B
394 B
Other
General
Full URL
https://okta-cbhq.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Mon, 14 Oct 2024 01:16:02 GMT
Content-Type
text/html; charset=utf-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
user
okta-cbhq.net/api/v1/
96 B
259 B
Fetch
General
Full URL
https://okta-cbhq.net/api/v1/user
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9091a86f03306d6c8fbfceb3626f00d70f220106ab0c90a044ffb08c3aafe96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Authorization
e0fddbecb67ca05b60c68cf2e00c4461214328edd018c084
Referer
https://okta-cbhq.net/

Response headers

Content-Length
96
Date
Mon, 14 Oct 2024 01:16:03 GMT
Content-Type
application/json
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Primary Request authorize
okta-cbhq.net/oauth2/v1/
11 KB
3 KB
Document
General
Full URL
https://okta-cbhq.net/oauth2/v1/authorize
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
517a572aeaa4489620a94a29aacf941509a8920ac27ad9f1926f5390ced401c6

Request headers

Referer
https://okta-cbhq.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Disposition
inline; filename=okta_signin.html
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Oct 2024 01:16:03 GMT
ETag
W/"1728865246.0-11350-4285009418"
Last-Modified
Mon, 14 Oct 2024 00:20:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
okta-sign-in.min.css
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/
218 KB
37 KB
Stylesheet
General
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/okta-sign-in.min.css
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7738d992d1d1edb51bbf93d2c5100a778ae483529f923062ba711dff3f8ba500
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-cbhq.net
Referer
https://okta-cbhq.net/

Response headers

content-encoding
gzip
etag
W/"4b1af4d1f10235c036028d485722bb83"
age
1264128
expires
Mon, 29 Sep 2025 10:07:15 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
gZbUdPgayXQU7TJfzNx79J1cMm65YZkRdV_fkRPh5w7hxJQS_cXtjg==
date
Sun, 29 Sep 2024 10:07:15 GMT
content-type
text/css
last-modified
Thu, 05 Sep 2024 05:07:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-meta-sha1sum
9c6f82f7b63046904a943695254a4a284afb0bae
x-amz-cf-pop
FRA56-P10
server
nginx
loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
ok7static.oktacdn.com/assets/loginpage/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a9966a22000716a17f6a350b2d200e6638f3cb672021e57976cee906cacab021
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

content-encoding
gzip
etag
W/"c8c15f6857642c257bcd94823d968bb1"
age
352732
expires
Thu, 09 Oct 2025 23:17:11 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
FjrZ0rZUTqfTql1uLD7qQ2yZku7V8e-NXL2PLC7hrzd4b0_zRUfycA==
date
Wed, 09 Oct 2024 23:17:11 GMT
content-type
text/css
last-modified
Tue, 06 Aug 2024 23:01:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-meta-sha1sum
9bcc52e2f521518405982468701a635fac1aef72
x-amz-cf-pop
FRA56-P10
server
nginx
style-sheet
snapchat.okta.com/api/internal/brand/theme/
556 B
2 KB
Stylesheet
General
Full URL
https://snapchat.okta.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.213.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9fda6e8074f1dfbe.awsglobalaccelerator.com
Software
nginx /
Resource Hash
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
Security Headers
Name Value
Content-Security-Policy default-src 'self' snapchat.okta.com *.oktacdn.com; connect-src 'self' snapchat.okta.com snapchat-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com snapchat.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' snapchat.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' snapchat.okta.com *.oktacdn.com; frame-src 'self' snapchat.okta.com snapchat-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' snapchat.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' snapchat.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

content-encoding
gzip
x-rate-limit-limit
2400
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 01:16:03 GMT
p3p
CP="HONK"
date
Mon, 14 Oct 2024 01:16:03 GMT
x-rate-limit-remaining
2395
content-type
text/css
vary
Accept-Encoding
x-okta-request-id
8bcaffb1c74e6e1643f1176aa05078c1
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy
default-src 'self' snapchat.okta.com *.oktacdn.com; connect-src 'self' snapchat.okta.com snapchat-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com snapchat.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' snapchat.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' snapchat.okta.com *.oktacdn.com; frame-src 'self' snapchat.okta.com snapchat-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' snapchat.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' snapchat.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
cache-control
max-age=31536000, must-revalidate
x-rate-limit-reset
1728868576
accept-ch
Sec-CH-UA-Platform-Version
referrer-policy
strict-origin-when-cross-origin
x-xss-protection
0
server
nginx
okta-logo-end-user-dashboard.fc6d8fdbcb8cb4c933d009e71456cec6.svg
ok7static.oktacdn.com/assets/img/logos/
958 B
1 KB
Image
General
Full URL
https://ok7static.oktacdn.com/assets/img/logos/okta-logo-end-user-dashboard.fc6d8fdbcb8cb4c933d009e71456cec6.svg
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3f3891aeaf25fec84fcdd3bb35e1c7900df90bd81262bddfe5b7519accfb3a97
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

etag
"fc6d8fdbcb8cb4c933d009e71456cec6"
age
1510297
expires
Fri, 26 Sep 2025 13:44:26 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
KzBKb7VnlXr0hqLV_lqYEn8aqd99VaIO09l-EY0AGG6glr1_0EVGsA==
date
Thu, 26 Sep 2024 13:44:47 GMT
content-type
image/svg+xml
last-modified
Wed, 02 Dec 2020 01:08:51 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
958
x-amz-cf-pop
FRA56-P10
server
nginx
fs0r7c0fg5KOrEgMz0x7
ok2static.oktacdn.com/fs/bco/1/
5 KB
5 KB
Image
General
Full URL
https://ok2static.oktacdn.com/fs/bco/1/fs0r7c0fg5KOrEgMz0x7
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-116.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
fb0c76594006b2f096ea63598d73387e23424ea3751ee8a30799fd70933ec675
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

etag
"06e26843f72b9355c99685572a72784c"
age
334443
expires
Fri, 10 Oct 2025 04:22:00 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
PR52v4NgNmBpE9PEw-P1Q-hRPTTQ6CN8SmHYnWWiMW8MsKBnr6Vc3Q==
date
Thu, 10 Oct 2024 04:22:00 GMT
content-type
image/png
last-modified
Fri, 09 Apr 2021 17:00:02 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
5060
x-amz-cf-pop
FRA60-P6
server
nginx
fs0thv2xqxSCju5tm357
ok7static.oktacdn.com/fs/bco/1/
6 KB
6 KB
Image
General
Full URL
https://ok7static.oktacdn.com/fs/bco/1/fs0thv2xqxSCju5tm357
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
19ee041662655fb3e8b6670032fd7bdcab6f63e4f898ae3130d4f89e286af58a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

etag
"4a4396e872522831811a5058f1d26d14"
age
508689
expires
Wed, 08 Oct 2025 03:57:54 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Zx-jI3Me4wYuIhQzcJXjdQfnRSxk0iDZuKhc76zOLaFJxsVncIaQbg==
date
Tue, 08 Oct 2024 03:57:54 GMT
content-type
image/png
last-modified
Tue, 27 Jun 2023 05:21:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
5887
x-amz-cf-pop
FRA56-P10
server
nginx
poll.js
okta-cbhq.net/static/js/
940 B
1 KB
Script
General
Full URL
https://okta-cbhq.net/static/js/poll.js
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e534b01f04ad4721f7cde5e173a1098ae537d0f84a30d908d0eddae6a2fc4514

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/oauth2/v1/authorize

Response headers

Cache-Control
no-cache
ETag
"1726525573.0-940-2357332504"
Connection
keep-alive
Content-Length
940
Date
Mon, 14 Oct 2024 01:16:03 GMT
Last-Modified
Mon, 16 Sep 2024 22:26:13 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx/1.18.0 (Ubuntu)
Content-Disposition
inline; filename=poll.js
fs0vwr2kotJeSF1Mu0x7
ok2static.oktacdn.com/fs/bco/7/
96 KB
97 KB
Image
General
Full URL
https://ok2static.oktacdn.com/fs/bco/7/fs0vwr2kotJeSF1Mu0x7
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/oauth2/v1/authorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-116.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ed8a15b98233029ffb7215fabd5850d6e696cc5ebbd47e095bcdafaffdfc89e0
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

etag
"572519f4091989edaf73904ddb20126f"
age
517287
expires
Wed, 08 Oct 2025 01:34:36 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
tBqjAL2BJAG6eUWUkpjful6vIdEXZsJo9Y8VtiFY3-YmqPGB_fK8cg==
date
Tue, 08 Oct 2024 01:34:36 GMT
content-type
image/jpeg
last-modified
Mon, 27 Jun 2022 16:09:16 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
98305
x-amz-cf-pop
FRA60-P6
server
nginx
checkbox-sign-in-widget.png
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/img/ui/forms/
3 KB
4 KB
Image
General
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/okta-sign-in.min.css

Response headers

etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
age
1264127
expires
Mon, 29 Sep 2025 10:07:16 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
L0LvjDmDuwdyEdeC4BzepS6T5649bU5k5URFyxBrHgESd2-geFJsDA==
date
Sun, 29 Sep 2024 10:07:16 GMT
content-type
image/png
last-modified
Thu, 05 Sep 2024 05:08:24 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
content-length
3141
x-amz-cf-pop
FRA56-P10
server
nginx
Aeonik-Regular.c672e6fbaa411f5719f3.woff2
ok7static.oktacdn.com/assets/loginpage/font/assets/
42 KB
42 KB
Font
General
Full URL
https://ok7static.oktacdn.com/assets/loginpage/font/assets/Aeonik-Regular.c672e6fbaa411f5719f3.woff2
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
419a069f2859715998ec2beda0659052f7e22469385cc25011c7ecbb97266719
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-cbhq.net
Referer
https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css

Response headers

etag
"f37dd71e272c2e2a491b7f3e0bc3bc3b"
age
493346
expires
Wed, 08 Oct 2025 08:13:37 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
7L0XoOa9ao9oob7wY48n4d3YFSVWZq5qsYj52Ehja9EeOcDEury8_Q==
date
Tue, 08 Oct 2024 08:13:37 GMT
content-type
application/font-woff2
last-modified
Thu, 09 Nov 2023 00:35:08 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-sha1sum
74824da964c79c9acfb73d1f9501f6d2eeeb4373
content-length
42632
x-amz-cf-pop
FRA56-P10
server
nginx
Inter-SemiBold.b5f0f109bc88052d4000.woff2
ok7static.oktacdn.com/assets/loginpage/font/assets/
103 KB
104 KB
Font
General
Full URL
https://ok7static.oktacdn.com/assets/loginpage/font/assets/Inter-SemiBold.b5f0f109bc88052d4000.woff2
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-cbhq.net
Referer
https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css

Response headers

etag
"007ad31a53f4ab3f58ee74f2308482ce"
age
1498219
expires
Fri, 26 Sep 2025 17:05:44 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
9rPJRe-I60-exGocUGepnG0TlucKLixsRPQrewBKSjDu900h6bfcMw==
date
Thu, 26 Sep 2024 17:05:51 GMT
content-type
application/font-woff2
last-modified
Thu, 09 Nov 2023 00:34:19 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-sha1sum
dfa9f8f3d79bf8a0001fe72eeadad0490cba59cc
content-length
105804
x-amz-cf-pop
FRA56-P10
server
nginx
Inter-Regular.c8ba52b05a9ef10f4758.woff2
ok7static.oktacdn.com/assets/loginpage/font/assets/
97 KB
97 KB
Font
General
Full URL
https://ok7static.oktacdn.com/assets/loginpage/font/assets/Inter-Regular.c8ba52b05a9ef10f4758.woff2
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-cbhq.net
Referer
https://ok7static.oktacdn.com/assets/loginpage/css/loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css

Response headers

etag
"dc131113894217b5031000575d9de002"
age
1221477
expires
Mon, 29 Sep 2025 21:58:06 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
DfID0ikXswCBcQYKj3el00iCU7-Uu0IF5jju1rcAheO5Ha6H_34wvw==
date
Sun, 29 Sep 2024 21:58:06 GMT
content-type
application/font-woff2
last-modified
Thu, 09 Nov 2023 00:35:08 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-sha1sum
f96348260751ea78b1d23e9557db297290bdaf28
content-length
98868
x-amz-cf-pop
FRA56-P10
server
nginx
okticon.woff
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/font/
20 KB
21 KB
Font
General
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/font/okticon.woff
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://okta-cbhq.net
Referer
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.2/css/okta-sign-in.min.css

Response headers

etag
"db28723126138387cdf40680e6e0fa5d"
age
38950
expires
Mon, 13 Oct 2025 14:26:53 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
w3Kb5KhveM4hn_7tRoe8FPM1__i6Z0ZfMss0Bh7tCfFKfOhmw-j41A==
date
Sun, 13 Oct 2024 14:26:53 GMT
content-type
application/font-woff
last-modified
Thu, 05 Sep 2024 05:08:17 GMT
strict-transport-security
max-age=315360000; includeSubDomains
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-sha1sum
4d706297987d613a4e3f4f23d08c62d16830845d
content-length
20600
x-amz-cf-pop
FRA56-P10
server
nginx
favicon.ico
snapchat.okta.com/
5 KB
6 KB
Other
General
Full URL
https://snapchat.okta.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.213.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9fda6e8074f1dfbe.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://okta-cbhq.net/

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
x-robots-tag
noindex,nofollow
etag
W/"5430-1728493936000"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5430
date
Mon, 14 Oct 2024 01:16:04 GMT
content-type
image/x-icon
last-modified
Wed, 09 Oct 2024 17:12:16 GMT
server
nginx
user
okta-cbhq.net/api/v1/
96 B
259 B
Fetch
General
Full URL
https://okta-cbhq.net/api/v1/user
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/poll.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a66c96602e4e77d40a7acdeb703995506ea5af7746c6afa3ee6d67fcd2d6ed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Authorization
e0fddbecb67ca05b60c68cf2e00c4461214328edd018c084
Referer
https://okta-cbhq.net/oauth2/v1/authorize

Response headers

Content-Length
96
Date
Mon, 14 Oct 2024 01:16:04 GMT
Content-Type
application/json
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
user
okta-cbhq.net/api/v1/
96 B
259 B
Fetch
General
Full URL
https://okta-cbhq.net/api/v1/user
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/poll.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
726ccffbab0a2c5fe59cb9efa2c7496024fb9449e630fc69843921b2db354984

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Authorization
e0fddbecb67ca05b60c68cf2e00c4461214328edd018c084
Referer
https://okta-cbhq.net/oauth2/v1/authorize

Response headers

Content-Length
96
Date
Mon, 14 Oct 2024 01:16:05 GMT
Content-Type
application/json
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
user
okta-cbhq.net/api/v1/
96 B
259 B
Fetch
General
Full URL
https://okta-cbhq.net/api/v1/user
Requested by
Host: okta-cbhq.net
URL: https://okta-cbhq.net/static/js/poll.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.78.28.247 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS
504e1cf7.host.njalla.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
936ce8b43e18d35ff57060748dada899e4b520df7a6ff7b063b110bc6df12fa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Authorization
e0fddbecb67ca05b60c68cf2e00c4461214328edd018c084
Referer
https://okta-cbhq.net/oauth2/v1/authorize

Response headers

Content-Length
96
Date
Mon, 14 Oct 2024 01:16:06 GMT
Content-Type
application/json
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
user
okta-cbhq.net/api/v1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
okta-cbhq.net
URL
https://okta-cbhq.net/api/v1/user

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  function | createSession
  function | getUser
  function | authenticate
  function | main

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://okta-cbhq.net/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
