secure.internetbankotp.xyz
Open in
urlscan Pro
77.246.108.158
Malicious Activity!
Public Scan
Submission: On January 10 via manual from RO — Scanned from NL
Summary
This is the only time secure.internetbankotp.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 77.246.108.158 77.246.108.158 | 216071 (VDSINA) (VDSINA) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
5 | 4 |
ASN216071 (VDSINA, AE)
PTR: v2275299.hosted-by-vdsina.ru
secure.internetbankotp.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
internetbankotp.xyz
secure.internetbankotp.xyz |
5 MB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1219 |
31 KB |
5 | 2 |
Domain | Requested by | |
---|---|---|
4 | secure.internetbankotp.xyz |
secure.internetbankotp.xyz
|
1 | code.jquery.com |
secure.internetbankotp.xyz
|
5 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
internetbank.otpbank.hu |
www.otpbank.hu |
play.google.com |
itunes.apple.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://secure.internetbankotp.xyz/
Frame ID: 379D3442012F575B43166507F5AA870F
Requests: 20 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 361D5725B701C1F2787D5956FC52B91F
Requests: 1 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: OTPdirekt internetbank
Search URL Search Domain Scan URL
Title: I forgot my password.
Search URL Search Domain Scan URL
Title: Sign me up
Search URL Search Domain Scan URL
Title: Get it on: Google Play
Search URL Search Domain Scan URL
Title: Download on the App Store
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Conditions, Comment
Search URL Search Domain Scan URL
Title: Legal information
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
secure.internetbankotp.xyz/ |
8 MB 5 MB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.4.min.js
code.jquery.com/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
secure.internetbankotp.xyz/static/js/ |
4 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat.js
secure.internetbankotp.xyz/static/js/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat.css
secure.internetbankotp.xyz/static/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
107 KB 107 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
418 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
129 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
22 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
226 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
41 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
106 KB 106 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
106 KB 106 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
100 KB 100 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 361D |
129 KB 129 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
January 15th 2024, 8:56:26 am
UTC —
From Hungary
Threats:
Phishing
Brand Impersonation
Scam
Comment: The website impersonates the visual elements of the OTP Bank HU.
Phishing website.
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery function| toggleChat function| addMessage function| sendMessage function| handleChatKeyPress function| addChatMessage function| savepage_ShadowLoader function| wsSend1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.internetbankotp.xyz/ | Name: user_id Value: Ay9Gf |
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
secure.internetbankotp.xyz
2a04:4e42::649
77.246.108.158
139000322132870bde1770327d5c33099918141ea9cbb29e544a3dd03a25883d
1a6733bbc1a0433da8696cbef37266a32e1782142e242f5a38bdae707a55682e
2a1c2d0ce7881c42fe2e1d9114ca25a74f79b870fb9622974b27309828a497f9
51a828e7b455161fa0bb00a35c7a1763c1b83fb1effe2f70663b30e47b71a584
59045aad5599eb703ffd082cfb724f6cffcc1d7a2278a528df20dc9f03f829b7
6a8dc80f61e0245ed84ef82932d68e164d618739d0a0feb1120f11f70d96497d
847ae3fc07a309823d4dbfc8294a7abff2779392a67f59fe8d0fe22ba0cb3d6c
9db0b35cea2aed60d1621c66ec197456bfb887c3808294087289c67d51d8b50d
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a18e2e10e5659c343e1a1b8f8dc0ea8f6f5d0bdca0c27c446517c72a378f9f20
a2431e5b3f94c2bd49b264ed0c0c0417652ecb91658262a11f9a26fe55c8cd5d
a87cba1d08bc5397e7f459b9339b2427c42d824e223839840731f0a2cdd42f69
b7e7541d05698f8159db7f6dc19dbea7d5bce3927bc8224bdc10ab25d14a9615
bc36a0eee0bf0000f32c3b59ea6e639636cbea8ec747675b7201bf31bb92d0e7
bd200e43b7ec1eaa61b7a9b9bb8c332f8a1fe439f107fb82d7a22b014644bda8
d3701bda03d86a02f98f953ce4a37303a68a1e0d70a0ed225e7d85229e9447af
dbba77ef13c342fde8f9bea6f3bbdf3737d394c1b541f6a0569b7b5d802cdf58
eb160cf0c587f4746479eaaf74e4ee6a65399b5931148a85ba4785383f330f35
f36a37a55d481fc67474576bd57e1616845618e2d7dc3c44c3a05bd513f5fa65