secure.internetbankotp.xyz
77.246.108.158  Malicious Activity! Public Scan

URL: http://secure.internetbankotp.xyz/
Submission: On January 10 via manual from RO — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 77.246.108.158, located in Netherlands and belongs to VDSINA, AE. The main domain is secure.internetbankotp.xyz.
This is the only time secure.internetbankotp.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (1 vote)

Domain & IP information

Requests  IP Address       AS      Autonomous System
4         77.246.108.158   216071  VDSINA
1         2a04:4e42::649   54113   FASTLY
Total: 5 requests, 4 IPs

Requests  Apex Domain          Subdomains                                     Transfer
4         internetbankotp.xyz  secure.internetbankotp.xyz                     5 MB
1         jquery.com           code.jquery.com (Cisco Umbrella Rank: 1219)    31 KB
Total: 5 requests, 2 apex domains

Requests  Domain                      Requested by
4         secure.internetbankotp.xyz  secure.internetbankotp.xyz
1         code.jquery.com             secure.internetbankotp.xyz
Total: 5 requests, 2 domains

This site contains links to these domains.

Domain
internetbank.otpbank.hu
www.otpbank.hu
play.google.com
itunes.apple.com
Subject: *.jquery.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2023-07-11 - 2024-07-14
Valid: a year

This page contains 2 frames:

Primary Page: http://secure.internetbankotp.xyz/
Frame ID: 379D3442012F575B43166507F5AA870F
Requests: 20 HTTP requests in this frame

Frame: data://truncated
Frame ID: 361D5725B701C1F2787D5956FC52B91F
Requests: 1 HTTP requests in this frame

Page Title

Új internet- és mobilbank – OTP Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 5
HTTPS: 20 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 4
Countries: 2
Transfer: 5432 kB
Size: 9597 kB
Cookies: 1

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.internetbankotp.xyz/
8 MB
5 MB
Document
General
Full URL
http://secure.internetbankotp.xyz/
Protocol
HTTP/1.1
Server
77.246.108.158 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS
v2275299.hosted-by-vdsina.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Jan 2024 10:13:17 GMT
Last-Modified
Tue, 09 Jan 2024 20:11:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: secure.internetbankotp.xyz
URL: http://secure.internetbankotp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:13:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10079397
x-cache
HIT, HIT
content-length
31011
x-served-by
cache-lga21953-LGA, cache-ams21039-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704881597.450395,VS0,VE0
etag
W/"28feccc0-15ec3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
6, 1637
main.js
secure.internetbankotp.xyz/static/js/
4 KB
5 KB
Script
General
Full URL
http://secure.internetbankotp.xyz/static/js/main.js
Requested by
Host: secure.internetbankotp.xyz
URL: http://secure.internetbankotp.xyz/
Protocol
HTTP/1.1
Server
77.246.108.158 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS
v2275299.hosted-by-vdsina.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
59045aad5599eb703ffd082cfb724f6cffcc1d7a2278a528df20dc9f03f829b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 10:13:17 GMT
Last-Modified
Tue, 09 Jan 2024 19:49:48 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4469
Content-Type
text/javascript; charset=utf-8
chat.js
secure.internetbankotp.xyz/static/js/
2 KB
2 KB
Script
General
Full URL
http://secure.internetbankotp.xyz/static/js/chat.js
Requested by
Host: secure.internetbankotp.xyz
URL: http://secure.internetbankotp.xyz/
Protocol
HTTP/1.1
Server
77.246.108.158 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS
v2275299.hosted-by-vdsina.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b7e7541d05698f8159db7f6dc19dbea7d5bce3927bc8224bdc10ab25d14a9615

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 10:13:17 GMT
Last-Modified
Tue, 09 Jan 2024 18:41:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1823
Content-Type
text/javascript; charset=utf-8
chat.css
secure.internetbankotp.xyz/static/css/
4 KB
4 KB
Stylesheet
General
Full URL
http://secure.internetbankotp.xyz/static/css/chat.css
Requested by
Host: secure.internetbankotp.xyz
URL: http://secure.internetbankotp.xyz/
Protocol
HTTP/1.1
Server
77.246.108.158 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS
v2275299.hosted-by-vdsina.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dbba77ef13c342fde8f9bea6f3bbdf3737d394c1b541f6a0569b7b5d802cdf58

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 10:13:17 GMT
Last-Modified
Tue, 09 Jan 2024 19:37:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4031
Content-Type
text/css; charset=utf-8
truncated
/
107 KB
107 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc36a0eee0bf0000f32c3b59ea6e639636cbea8ec747675b7201bf31bb92d0e7

Request headers

Referer
http://secure.internetbankotp.xyz/
Origin
http://secure.internetbankotp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
418 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
847ae3fc07a309823d4dbfc8294a7abff2779392a67f59fe8d0fe22ba0cb3d6c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
129 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a828e7b455161fa0bb00a35c7a1763c1b83fb1effe2f70663b30e47b71a584

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a18e2e10e5659c343e1a1b8f8dc0ea8f6f5d0bdca0c27c446517c72a378f9f20

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f36a37a55d481fc67474576bd57e1616845618e2d7dc3c44c3a05bd513f5fa65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb160cf0c587f4746479eaaf74e4ee6a65399b5931148a85ba4785383f330f35

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
226 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a1c2d0ce7881c42fe2e1d9114ca25a74f79b870fb9622974b27309828a497f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a6733bbc1a0433da8696cbef37266a32e1782142e242f5a38bdae707a55682e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3701bda03d86a02f98f953ce4a37303a68a1e0d70a0ed225e7d85229e9447af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9db0b35cea2aed60d1621c66ec197456bfb887c3808294087289c67d51d8b50d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd200e43b7ec1eaa61b7a9b9bb8c332f8a1fe439f107fb82d7a22b014644bda8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
41 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a87cba1d08bc5397e7f459b9339b2427c42d824e223839840731f0a2cdd42f69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://secure.internetbankotp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
106 KB
106 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2431e5b3f94c2bd49b264ed0c0c0417652ecb91658262a11f9a26fe55c8cd5d

Request headers

Referer
http://secure.internetbankotp.xyz/
Origin
http://secure.internetbankotp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
106 KB
106 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dc80f61e0245ed84ef82932d68e164d618739d0a0feb1120f11f70d96497d

Request headers

Referer
http://secure.internetbankotp.xyz/
Origin
http://secure.internetbankotp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
100 KB
100 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
139000322132870bde1770327d5c33099918141ea9cbb29e544a3dd03a25883d

Request headers

Referer
http://secure.internetbankotp.xyz/
Origin
http://secure.internetbankotp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame 361D
129 KB
129 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a828e7b455161fa0bb00a35c7a1763c1b83fb1effe2f70663b30e47b71a584

Request headers

Referer
http://secure.internetbankotp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
image/svg+xml

Verdicts & Comments


Malicious page.url
Submitted on January 15th 2024, 8:56:26 am UTC — From Hungary

Threats: Phishing Brand Impersonation Scam
Comment: The website impersonates the visual elements of the OTP Bank HU. Phishing website.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| $
  • function| jQuery
  • function| toggleChat
  • function| addMessage
  • function| sendMessage
  • function| handleChatKeyPress
  • function| addChatMessage
  • function| savepage_ShadowLoader
  • function| wsSend

1 Cookies

Domain/Path: secure.internetbankotp.xyz/
Name: user_id
Value: Ay9Gf

15 Console Messages

Source Level URL
Text
network error URL: http://secure.internetbankotp.xyz/static/js/main.js(Line 58)
Message:
WebSocket connection to 'wss://secure.internetbankotp.xyz/api/ws' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://secure.internetbankotp.xyz/static/js/main.js(Line 61) (repeated 14 times)
Message:
WebSocket connection to 'wss://secure.internetbankotp.xyz/api/ws' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED