coxes.ga Open in urlscan Pro
185.58.196.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coxes.ga/otpbank.hu/details.html
Submission: On May 03 via automatic, source openphish (May 3rd 2019, 7:08:16 am UTC)

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 185.58.196.177, located in Spain and belongs to SOLTIA, ES. The main domain is coxes.ga.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 2nd 2019. Valid for: 3 months.

This is the only time coxes.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OTP Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	185.58.196.177 185.58.196.177	201942 (SOLTIA) (SOLTIA)
9	195.228.112.193 195.228.112.193	5483 (MAGYAR-TE...) (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt.)
14	3

1 185.58.196.177 (Spain)

ASN201942 (SOLTIA, ES)
PTR: mail.dominio-dns-tth.com

coxes.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.228.112.193 (Budapest, Hungary)

ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU)
PTR: portalbp.otpbank.hu

www.otpbank.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	otpbank.hu www.otpbank.hu	197 KB
1	coxes.ga coxes.ga	9 KB
14	2

	Domain	Requested by
9	www.otpbank.hu	coxes.ga
1	coxes.ga
14	2

This site contains links to these domains. Also see Links.

Domain
www.otpbank.hu

Subject Issuer	Validity	Valid
coxes.ga Let's Encrypt Authority X3	`2019-05-02` - `2019-07-31`	3 months	crt.sh
www.otpbank.hu DigiCert SHA2 Extended Validation Server CA	`2018-08-21` - `2019-08-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://coxes.ga/otpbank.hu/details.html
Frame ID: F54743E97B93BBA02B73F69FC6AE98A2
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

14
Requests

71 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

206 kB
Transfer

636 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.otpbank.hu/portal/hu/OTPdirekt/Home

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request details.html Show response
coxes.ga/otpbank.hu/ 9 KB
9 KB 213ms
72ms Document
text/html 185.58.196.177
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://coxes.ga/otpbank.hu/details.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.58.196.177 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS: mail.dominio-dns-tth.com
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash: e65fb3238d7037ddfb435891ad44ef06424cdfdabdab802b208deb32e2428f0e

Request headers

:method: GET
:authority: coxes.ga
:scheme: https
:path: /otpbank.hu/details.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 03 May 2019 07:07:51 GMT
server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
last-modified: Mon, 08 Apr 2019 03:43:08 GMT
etag: "24a6-585fca27e6b00"
accept-ranges: bytes
content-length: 9382
content-type: text/html

GET
H/1.1 200
OK frame-netbank.bundle.css
www.otpbank.hu/static/portal/frame/ 130 KB
22 KB 352ms
105ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/frame/frame-netbank.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

6e55b74aa2e4bf1a005ae44e89f2ed50cf9d292be2c1d980c847f75ddf34ae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 21600
X-XSS-Protection: 1

GET
H/1.1 200
OK layout.bundle.css
www.otpbank.hu/static/portal/layouts/APV9L/ 68 KB
11 KB 353ms
106ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/layouts/APV9L/layout.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

c895ad01fa9c4d640ff585dfdbab2dba1269937fd3de104d5491ac773b6c4b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 10699
X-XSS-Protection: 1

GET
H/1.1 200
OK netbank-login.bundle.css
www.otpbank.hu/static/portal/applications/ 66 KB
6 KB 300ms
48ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/applications/netbank-login.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

fa0f5d4e4b82a16c0c96c4dcb14b252f7dac10dcea3d4eb382464ff7ca3de25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 5383
X-XSS-Protection: 1

GET
H/1.1 200
OK branch-atm-widget.bundle.css
www.otpbank.hu/static/portal/applications/ 19 KB
3 KB 297ms
46ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/applications/branch-atm-widget.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

7c1433403129d80cd91690f1aee622b7d39f760c56b0f4c089be16b8292b68d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2388
X-XSS-Protection: 1

GET
H/1.1 200
OK gdpr-consent.bundle.css
www.otpbank.hu/static/portal/applications/ 26 KB
4 KB 300ms
48ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/applications/gdpr-consent.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

bd84f9f272104569a45059c3e8e96db958f84e9bc069963dbf8b25064ba50f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 3780
X-XSS-Protection: 1

GET
H/1.1 200
OK tiny-url.bundle.css
www.otpbank.hu/static/portal/applications/ 4 KB
1 KB 299ms
47ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/static/portal/applications/tiny-url.bundle.css?t=1554292897257

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

2532915752e2dbd9155aa9f09e7533e7dc505fd0b68110ebb1f2282ae4733ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:26 GMT
Server: OTP Bank plc
ETag: "0b94bc686fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 954
X-XSS-Protection: 1

GET
H/1.1 200
OK orsi.css
www.otpbank.hu/orsi/static/portal/ 192 KB
30 KB 406ms
109ms Stylesheet
text/css 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpbank.hu/orsi/static/portal/orsi.css

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

494b4c5de93aa3170582a019e31a04bc6b2c7fd17739ac959911e5d40f7f5295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Oct 2018 10:03:56 GMT
Server: OTP Bank plc
ETag: "0ce8ede3770d41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Fri, 03 May 2019 07:07:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30752
X-XSS-Protection: 1

GET
H/1.1 200
OK otp-netbank-login_bg-img_desktop.png
www.otpbank.hu/static/portal/assets/img/application/netbank-login/ 117 KB
117 KB 116ms
115ms Image
image/png 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpbank.hu/static/portal/assets/img/application/netbank-login/otp-netbank-login_bg-img_desktop.png

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

2d95b05abbdde1164411b3eb536eecf18a8113052a4046c70d375babd66ca525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:28 GMT
Server: OTP Bank plc
ETag: "0e67cc786fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Fri, 03 May 2019 07:07:52 GMT
Accept-Ranges: bytes
Content-Length: 119387
X-XSS-Protection: 1

GET
H/1.1 200
OK otp-direkt-logo-white.svg
www.otpbank.hu/static/portal/assets/img/ 4 KB
3 KB 69ms
69ms Image
image/svg+xml 195.228.112.193
MAGYAR-TELEKOM-MA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpbank.hu/static/portal/assets/img/otp-direkt-logo-white.svg

Requested by

Host: coxes.ga
URL: https://coxes.ga/otpbank.hu/details.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.228.112.193 Budapest, Hungary, ASN5483 (MAGYAR-TELEKOM-MAIN-AS Magyar Telekom Nyrt., HU),

Reverse DNS

portalbp.otpbank.hu

Software

OTP Bank plc /

Resource Hash

8c636b308335a38bd55d7bec3e72a132d118b86437869f4087725600c851a4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://coxes.ga/otpbank.hu/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Apr 2019 10:16:28 GMT
Server: OTP Bank plc
ETag: "0e67cc786fad41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Date: Fri, 03 May 2019 07:07:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2165
X-XSS-Protection: 1

GET SourceSansPro-Regular.woff
www.otpbank.hu/orsi/static/portal/f/ 0
0

GET SourceSansPro-Semibold.woff
www.otpbank.hu/orsi/static/portal/f/ 0
0

GET SourceSansPro-Regular.ttf
www.otpbank.hu/orsi/static/portal/f/ 0
0

GET SourceSansPro-Semibold.ttf
www.otpbank.hu/orsi/static/portal/f/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.otpbank.hu
URL: https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Regular.woff

Domain: www.otpbank.hu
URL: https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Semibold.woff

Domain: www.otpbank.hu
URL: https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Regular.ttf

Domain: www.otpbank.hu
URL: https://www.otpbank.hu/orsi/static/portal/f/SourceSansPro-Semibold.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OTP Bank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coxes.ga
www.otpbank.hu
www.otpbank.hu
185.58.196.177
195.228.112.193
2532915752e2dbd9155aa9f09e7533e7dc505fd0b68110ebb1f2282ae4733ecd
2d95b05abbdde1164411b3eb536eecf18a8113052a4046c70d375babd66ca525
494b4c5de93aa3170582a019e31a04bc6b2c7fd17739ac959911e5d40f7f5295
6e55b74aa2e4bf1a005ae44e89f2ed50cf9d292be2c1d980c847f75ddf34ae4f
7c1433403129d80cd91690f1aee622b7d39f760c56b0f4c089be16b8292b68d0
8c636b308335a38bd55d7bec3e72a132d118b86437869f4087725600c851a4f9
bd84f9f272104569a45059c3e8e96db958f84e9bc069963dbf8b25064ba50f01
c895ad01fa9c4d640ff585dfdbab2dba1269937fd3de104d5491ac773b6c4b51
e65fb3238d7037ddfb435891ad44ef06424cdfdabdab802b208deb32e2428f0e
fa0f5d4e4b82a16c0c96c4dcb14b252f7dac10dcea3d4eb382464ff7ca3de25c

coxes.ga Open in urlscan Pro 185.58.196.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

71 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

206 kBTransfer

636 kBSize

0 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

coxes.ga Open in urlscan Pro
185.58.196.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

71 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

206 kB
Transfer

636 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!