secure-direct.otzo.com
34.150.172.137
Malicious Activity!
Public Scan
Effective URL: https://secure-direct.otzo.com/
Submission: On May 02 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 30th 2022. Valid for: 3 months.
This is the only time secure-direct.otzo.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Suncoast Credit Union (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
10 | 34.150.172.137 (PTR: 137.172.150.34.bc.googleusercontent.com) | ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | otzo.com (1 redirect) | secure-direct.otzo.com | 1 MB

Requests | Domain | Requested by
---|---|---
10 | secure-direct.otzo.com (1 redirect) | secure-direct.otzo.com
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
secure-direct.otzo.com | cPanel, Inc. Certification Authority | 2022-04-30 - 2022-07-29 | 3 months (crt.sh)
This page contains 1 frames:
Primary Page:
https://secure-direct.otzo.com/
Frame ID: 032FBAE22E4212C7B71883CAF00E1A7D
Requests: 9 HTTP requests in this frame
Page Title: Suncoast Credit Union
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://secure-direct.otzo.com/ (HTTP 301)
- https://secure-direct.otzo.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | secure-direct.otzo.com/ (Redirect Chain) | 3 KB | 3 KB | Document | text/html
GET | H/1.1 | s1.png | secure-direct.otzo.com/images/ | 18 KB | 18 KB | Image | image/png
GET | H/1.1 | s2.png | secure-direct.otzo.com/images/ | 694 KB | 694 KB | Image | image/png
GET | H/1.1 | s3.png | secure-direct.otzo.com/images/ | 52 KB | 52 KB | Image | image/png
GET | H/1.1 | s4.png | secure-direct.otzo.com/images/ | 75 KB | 75 KB | Image | image/png
GET | H/1.1 | s5.png | secure-direct.otzo.com/images/ | 150 KB | 150 KB | Image | image/png
GET | H/1.1 | s6.png | secure-direct.otzo.com/images/ | 82 KB | 82 KB | Image | image/png
GET | H/1.1 | s7.png | secure-direct.otzo.com/images/ | 99 KB | 100 KB | Image | image/png
GET | H/1.1 | s9.png | secure-direct.otzo.com/images/ | 1 KB | 1 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Suncoast Credit Union (Banking)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- oncontextlost (object)
- oncontextrestored (object)
- structuredClone (function)
- getScreenDetails (function)

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
secure-direct.otzo.com
34.150.172.137