otpbnk-hu-rafael164336.codeanyapp.com Open in urlscan Pro
198.199.109.95  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response otpbnk-hu-rafael164336.codeanyapp.com/HU/	89 KB 17 KB	757ms 267ms	Document text/html	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 57f6694dabacfaa5806a8476b939627ad88608b0057f729200460fcecc9fb0d1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-length 17354 content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 03:48:12 GMT server openresty vary Accept-Encoding
GET H2	200	frame-netbank.af83ad26afdccb98cc27.bundle.css otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	218 KB 37 KB	506ms 503ms	Stylesheet text/css	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/frame-netbank.af83ad26afdccb98cc27.bundle.css Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 1d7e98fd499e6f7e17d251ad92b494b31e82b36ba568317d3030fb9743455bae Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT content-encoding gzip last-modified Fri, 26 Aug 2022 17:41:38 GMT server openresty etag "36864-5e7286d14c14f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 37862
GET H2	200	layout.b1a99319a9e07e5d1082.bundle.css otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	54 KB 11 KB	462ms 459ms	Stylesheet text/css	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/layout.b1a99319a9e07e5d1082.bundle.css Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 517e37a49f54a558d0d0ca603a40d228e4989914752d451f662a8172624d4df3 Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT content-encoding gzip last-modified Fri, 26 Aug 2022 17:41:38 GMT server openresty etag "d70b-5e7286d14c14f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 11385
GET H2	200	netbank-login.eb40baf408a754bdf2ee.bundle.css otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	96 KB 12 KB	431ms 429ms	Stylesheet text/css	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/netbank-login.eb40baf408a754bdf2ee.bundle.css Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 195b9ff4c23f0027b9adbecfee37dcab68931240d37f5bd0236a3c8c0df6330f Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT content-encoding gzip last-modified Fri, 26 Aug 2022 17:41:38 GMT server openresty etag "17e29-5e7286d14c537-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12304
GET H2	200	branch-atm-widget.f80a85b46b50e35e545e.bundle.css otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	9 KB 2 KB	265ms 264ms	Stylesheet text/css	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/branch-atm-widget.f80a85b46b50e35e545e.bundle.css Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 6a93fd74bf46b7453effbd23437cca1d34831447543d980ba760242d52d8e7a9 Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT content-encoding gzip last-modified Fri, 26 Aug 2022 17:41:38 GMT server openresty etag "227d-5e7286d14b97f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1863
GET H2	404	common.js.download otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	0 0	510ms 509ms	Script text/html	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/common.js.download Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT server openresty content-length 360 content-type text/html; charset=iso-8859-1
GET H2	404	util.js.download otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	0 0	506ms 506ms	Script text/html	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/util.js.download Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:12 GMT server openresty content-length 358 content-type text/html; charset=iso-8859-1
GET H2	200	otp-direkt-logo-white.svg otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/	8 KB 8 KB	266ms 265ms	Image image/svg+xml	198.199.109.95 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/otp-direkt-logo-white.svg Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 198.199.109.95 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS codeanyproxy.com Software openresty / Resource Hash 13c1603934a09e61452b7fa3bf96e8d3b7297f39426f412133f38ee3de82e1fa Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:48:13 GMT last-modified Fri, 26 Aug 2022 17:41:38 GMT server openresty accept-ranges bytes etag "20ee-5e7286d14c537" content-length 8430 content-type image/svg+xml
GET H2	200	50.jpg ru.otpbank.com.ua/upload/images/icons304px/	22 KB 22 KB	1072ms 260ms	Image image/jpeg	195.248.93.27 OTPUA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ru.otpbank.com.ua/upload/images/icons304px/50.jpg Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.248.93.27 , Ukraine, ASN41260 (OTPUA-AS, UA), Reverse DNS colab.otpbank.com.ua Software nginx / Resource Hash c33b1a6c66082c361fa1ab4a21629f75d7661a5525d8ece48add6583186dafd3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:59:57 GMT x-content-type-options nosniff last-modified Wed, 09 Oct 2019 01:55:24 GMT server nginx etag "5d9d3e0c-56a9" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 22185 expires Tue, 27 Sep 2022 03:59:57 GMT
GET H/1.1	200 OK	netbank-login-bg.png www.otpbank.hu/static/portal/assets/img/application/netbank-login/	608 KB 0	1872ms 740ms	Image image/png	195.228.112.223 OTPHU-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.otpbank.hu/static/portal/assets/img/application/netbank-login/netbank-login-bg.png Requested by Host: otpbnk-hu-rafael164336.codeanyapp.com URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/netbank-login.eb40baf408a754bdf2ee.bundle.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.228.112.223 Budapest, Hungary, ASN211595 (OTPHU-AS, HU), Reverse DNS Software OTP Bank plc / Resource Hash Security Headers Name Value Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language jp-JP,jp;q=0.9 Referer https://otpbnk-hu-rafael164336.codeanyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Mon, 22 Aug 2022 07:02:00 GMT Server OTP Bank plc ETag "0642113f5b5d81:0" X-Frame-Options SAMEORIGIN Content-Type image/png Date Sun, 28 Aug 2022 03:59:57 GMT Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com Accept-Ranges bytes Content-Length 930053 X-XSS-Protection 1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OTP Bank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/util.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://otpbnk-hu-rafael164336.codeanyapp.com/HU/OTP%20Bank%20-%20OTPdirekt%20bel%C3%A9p%C3%A9s_files/common.js.download Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

otpbnk-hu-rafael164336.codeanyapp.com
ru.otpbank.com.ua
www.otpbank.hu
195.228.112.223
195.248.93.27
198.199.109.95
13c1603934a09e61452b7fa3bf96e8d3b7297f39426f412133f38ee3de82e1fa
195b9ff4c23f0027b9adbecfee37dcab68931240d37f5bd0236a3c8c0df6330f
1d7e98fd499e6f7e17d251ad92b494b31e82b36ba568317d3030fb9743455bae
517e37a49f54a558d0d0ca603a40d228e4989914752d451f662a8172624d4df3
57f6694dabacfaa5806a8476b939627ad88608b0057f729200460fcecc9fb0d1
6a93fd74bf46b7453effbd23437cca1d34831447543d980ba760242d52d8e7a9
c33b1a6c66082c361fa1ab4a21629f75d7661a5525d8ece48add6583186dafd3