coxes.ga
Open in
urlscan Pro
185.58.196.177
Malicious Activity!
Public Scan
Submission: On May 03 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 2nd 2019. Valid for: 3 months.
This is the only time coxes.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OTP Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 185.58.196.177 185.58.196.177 | 201942 (SOLTIA) (SOLTIA) | |
9 | 195.228.112.193 195.228.112.193 | 5483 (MAGYAR-TE...) (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt.) | |
14 | 3 |
ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU)
PTR: portalbp.otpbank.hu
www.otpbank.hu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
otpbank.hu
www.otpbank.hu |
197 KB |
1 |
coxes.ga
coxes.ga |
9 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
9 | www.otpbank.hu |
coxes.ga
|
1 | coxes.ga | |
14 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.otpbank.hu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
coxes.ga Let's Encrypt Authority X3 |
2019-05-02 - 2019-07-31 |
3 months | crt.sh |
www.otpbank.hu DigiCert SHA2 Extended Validation Server CA |
2018-08-21 - 2019-08-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://coxes.ga/otpbank.hu/details.html
Frame ID: F54743E97B93BBA02B73F69FC6AE98A2
Requests: 14 HTTP requests in this frame
Screenshot
Detected technologies
OpenSSL (Web Server Extensions) ExpandDetected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
details.html
coxes.ga/otpbank.hu/ |
9 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frame-netbank.bundle.css
www.otpbank.hu/static/portal/frame/ |
130 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.bundle.css
www.otpbank.hu/static/portal/layouts/APV9L/ |
68 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
netbank-login.bundle.css
www.otpbank.hu/static/portal/applications/ |
66 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
branch-atm-widget.bundle.css
www.otpbank.hu/static/portal/applications/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gdpr-consent.bundle.css
www.otpbank.hu/static/portal/applications/ |
26 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tiny-url.bundle.css
www.otpbank.hu/static/portal/applications/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
orsi.css
www.otpbank.hu/orsi/static/portal/ |
192 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otp-netbank-login_bg-img_desktop.png
www.otpbank.hu/static/portal/assets/img/application/netbank-login/ |
117 KB 117 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otp-direkt-logo-white.svg
www.otpbank.hu/static/portal/assets/img/ |
4 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Regular.woff
www.otpbank.hu/orsi/static/portal/f/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Semibold.woff
www.otpbank.hu/orsi/static/portal/f/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Regular.ttf
www.otpbank.hu/orsi/static/portal/f/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Semibold.ttf
www.otpbank.hu/orsi/static/portal/f/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.otpbank.hu
- URL
- https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Regular.woff
- Domain
- www.otpbank.hu
- URL
- https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Semibold.woff
- Domain
- www.otpbank.hu
- URL
- https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Regular.ttf
- Domain
- www.otpbank.hu
- URL
- https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Semibold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OTP Bank (Banking)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
coxes.ga
www.otpbank.hu
www.otpbank.hu
185.58.196.177
195.228.112.193
2532915752e2dbd9155aa9f09e7533e7dc505fd0b68110ebb1f2282ae4733ecd
2d95b05abbdde1164411b3eb536eecf18a8113052a4046c70d375babd66ca525
494b4c5de93aa3170582a019e31a04bc6b2c7fd17739ac959911e5d40f7f5295
6e55b74aa2e4bf1a005ae44e89f2ed50cf9d292be2c1d980c847f75ddf34ae4f
7c1433403129d80cd91690f1aee622b7d39f760c56b0f4c089be16b8292b68d0
8c636b308335a38bd55d7bec3e72a132d118b86437869f4087725600c851a4f9
bd84f9f272104569a45059c3e8e96db958f84e9bc069963dbf8b25064ba50f01
c895ad01fa9c4d640ff585dfdbab2dba1269937fd3de104d5491ac773b6c4b51
e65fb3238d7037ddfb435891ad44ef06424cdfdabdab802b208deb32e2428f0e
fa0f5d4e4b82a16c0c96c4dcb14b252f7dac10dcea3d4eb382464ff7ca3de25c