octodesign.gr
78.157.212.10
Malicious Activity!
Public Scan
Submission: On April 13 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 15th 2018. Valid for: 3 months.
This is the only time octodesign.gr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Westpac (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 | 78.157.212.10 | 42831 (UKSERVERS-AS UK Dedicated Servers)
7 | 1 |
ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: bravo.cloudns.io
octodesign.gr
Requests | Apex Domain / Subdomains | Transfer
---|---|---
7 | octodesign.gr (subdomain: octodesign.gr) | 42 KB
7 | 1 |
Requests | Domain | Requested by
---|---|---
7 | octodesign.gr | octodesign.gr
7 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
octodesign.gr | Let's Encrypt Authority X3 | 2018-03-15 - 2018-06-13 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://octodesign.gr/weedert/naje/asjdur/app/westpac/bank/step2.php?section=signinpage&update=&cookiecheck=yes&desation=nba/signin&accountopening/Application=&cookiecheck=yes&destinpage&update=&cookiecheck=
Frame ID: D1C80E9FAA0C43402B02BF6E8C221171
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | step2.php (Primary Request) | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/ | 8 KB | 2 KB | Document | text/html
GET | H2 | w11.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 21 KB | 21 KB | Image | image/png
GET | H2 | w12.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 7 KB | 7 KB | Image | image/png
GET | H2 | w13.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 7 KB | 7 KB | Image | image/png
GET | H2 | logo.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 962 B | 1 KB | Image | image/png
GET | H2 | w14.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 2 KB | 3 KB | Image | image/png
GET | H2 | submit.png | octodesign.gr/weedert/naje/asjdur/app/westpac/bank/images/ | 686 B | 818 B | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Westpac (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | unhideBody
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.