www.otpbank-survey.5hwbet.com
Open in
urlscan Pro
185.114.245.109
Malicious Activity!
Public Scan
Submission: On March 20 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on June 29th 2022. Valid for: a year.
This is the only time www.otpbank-survey.5hwbet.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 185.114.245.109 185.114.245.109 | 9123 (TIMEWEB-AS) (TIMEWEB-AS) | |
4 | 195.228.112.223 195.228.112.223 | 211595 (OTPHU-AS) (OTPHU-AS) | |
11 | 2 |
ASN9123 (TIMEWEB-AS, RU)
PTR: vh310.timeweb.ru
www.otpbank-survey.5hwbet.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
5hwbet.com
www.otpbank-survey.5hwbet.com |
910 KB |
4 |
otpbank.hu
www.otpbank.hu — Cisco Umbrella Rank: 287734 |
739 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
7 | www.otpbank-survey.5hwbet.com |
www.otpbank-survey.5hwbet.com
|
4 | www.otpbank.hu |
www.otpbank-survey.5hwbet.com
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.otpbank.hu |
karrier.otpbank.hu |
www.facebook.com |
www.youtube.com |
www.linkedin.com |
www.shiwaforce.com |
www.google.com |
www.mozilla.org |
www.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.timeweb.ru GlobalSign RSA OV SSL CA 2018 |
2022-06-29 - 2023-07-31 |
a year | crt.sh |
www.otpbank.hu DigiCert SHA2 Extended Validation Server CA |
2022-08-16 - 2023-09-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.otpbank-survey.5hwbet.com/
Frame ID: FD27A46EF11531BE076370BDBDFAA625
Requests: 11 HTTP requests in this frame
35 Outgoing links
These are links going to different origins than the main page.
Title: Hitelek
Search URL Search Domain Scan URL
Title: Bankszámlák
Search URL Search Domain Scan URL
Title: Bankkártyák
Search URL Search Domain Scan URL
Title: Megtakarítások
Search URL Search Domain Scan URL
Title: Biztosítások
Search URL Search Domain Scan URL
Title: Rólunk
Search URL Search Domain Scan URL
Title: Karrier
Search URL Search Domain Scan URL
Title: Szállítóknak
Search URL Search Domain Scan URL
Title: Fenntarthatóság
Search URL Search Domain Scan URL
Title: Akadálymentesség
Search URL Search Domain Scan URL
Title: OTP Csoport
Search URL Search Domain Scan URL
Title: Társaságirányítás
Search URL Search Domain Scan URL
Title: Díjak és elismerések
Search URL Search Domain Scan URL
Title: OTP LAB
Search URL Search Domain Scan URL
Title: Befektetőknek
Search URL Search Domain Scan URL
Title: Közlemények
Search URL Search Domain Scan URL
Title: Jelentések
Search URL Search Domain Scan URL
Title: Prezentációk
Search URL Search Domain Scan URL
Title: Foglaljon időpontot!
Search URL Search Domain Scan URL
Title: Küldjön üzenetet!
Search URL Search Domain Scan URL
Title: Fiók- és ATM-kereső
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: 81E64249-5B2A-4D90-A582-9B087E2871B8
Search URL Search Domain Scan URL
Title: Impresszum és nyilatkozatok
Search URL Search Domain Scan URL
Title: Hirdetmények és üzletszabályzatok
Search URL Search Domain Scan URL
Title: Pénzügyi Navigátor
Search URL Search Domain Scan URL
Title: Adatvédelem
Search URL Search Domain Scan URL
Title: Powered by Shiwa
Search URL Search Domain Scan URL
Title: Chrome
Search URL Search Domain Scan URL
Title: Firefox
Search URL Search Domain Scan URL
Title: Internet Explorer
Search URL Search Domain Scan URL
Title: Edge
Search URL Search Domain Scan URL
Title: Read more.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.otpbank-survey.5hwbet.com/ |
1 MB 476 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frame-portal.597430122fca8714417d.bundle.css
www.otpbank.hu/static/portal/frame/ |
364 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.b0cb679365ec4170f1e5.bundle.css
www.otpbank.hu/static/portal/layouts/AV9PK/ |
126 KB 127 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
complaints.6829d2b0fbe74d4a59e6.bundle.css
www.otpbank.hu/static/portal/applications/ |
22 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
www.otpbank-survey.5hwbet.com/assets/survey/css/ |
3 KB 542 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Panaszkezeles-1920x696@2x.jpg
www.otpbank.hu/static/portal/sw/pic/Panaszkezeles-termek-newhero/ |
529 KB 530 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Squad-Heavy.woff
www.otpbank-survey.5hwbet.com/assets/survey/fonts/ |
66 KB 67 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sourcesanspro-black.ttf
www.otpbank-survey.5hwbet.com/assets/survey/fonts/ |
259 KB 260 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sourcesanspro-semibold.woff
www.otpbank-survey.5hwbet.com/assets/survey/fonts/ |
62 KB 63 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sourcesanspro-bold.woff
www.otpbank-survey.5hwbet.com/assets/survey/fonts/ |
22 KB 22 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sourcesanspro-regular.woff
www.otpbank-survey.5hwbet.com/assets/survey/fonts/ |
22 KB 22 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
April 27th 2023, 6:04:51 am
UTC —
From Hungary
Threats:
Phishing
Brand Impersonation
Scam
Brands:
OTP Bank
HU
Comment: The website impersonates the visual elements of the OTP Bank HU.
Also contains phishing elements after completing a survey.
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.otpbank-survey.5hwbet.com
www.otpbank.hu
185.114.245.109
195.228.112.223
1d9519b8c8449ab223886af36637bbd3a03c821a5a20280c406176f92b17dd66
2179921189b567fb4f8e0fa32f1b413584ed42f05174f3863cac17ee67396b16
2dbeb67cf9f99b16732a9f6e9bf2d73a20f377878152048d2f094724503beaa5
5eabba9c9fb2ebceefdc8b725dffee99cdd98d2bc7d04acf6a11a5eb03e46f69
93d3368cb0fb2224a77b7e59b02f592f9c8e73f12905b25e3a9f445f3a4e18fd
9e5228a77f1f5a710fa838a6b6c3f156bcdccb26bcabfe94fe59efbacd91e5e0
a1d314383d0ae899e13deb2878830ddabba1fdebd71d4a903bb9ce9c7f5ba9eb
c3744d37cb0f489f50e8379d0c6bcdc8c75a6261124ab39a59f96886f5b4cd9d
e96835b0d686880e83a3bc7a708ee86c868e08d7279decc01472d6452ece0440
ea0fc782c3ceaa5b201135247dd0e2a3d9156d51b568557693f8f3bb7c71a33c
ebb9d186d5435108053e5aeb5107ca970a9067a4747ea99a695af10ddef22c1b