undrossy-kiwi-6950.dataplicity.io
52.223.21.165
Malicious Activity!
Public Scan
Effective URL: https://undrossy-kiwi-6950.dataplicity.io/in/a1b2c3/d32667edce3533b129dafb07060211f9/login/
Submission: On February 07 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on January 10th 2024. Valid for: a year.
This is the only time undrossy-kiwi-6950.dataplicity.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 52.223.21.165 | 16509 (AMAZON-02) |
1 | 52.217.236.25 | 16509 (AMAZON-02) |
14 | 3 | |

ASN | PTR | Hostname |
---|---|---|
ASN16509 (AMAZON-02, US) | a6e655fa716a3ea37.awsglobalaccelerator.com | undrossy-kiwi-6950.dataplicity.io |
ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com | jsbin-user-assets.s3.amazonaws.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | dataplicity.io: undrossy-kiwi-6950.dataplicity.io | 588 KB |
1 | amazonaws.com: jsbin-user-assets.s3.amazonaws.com — Cisco Umbrella Rank: 364939 | 125 KB |
14 | 2 | |
Requests | Domain | Requested by |
---|---|---|
12 | undrossy-kiwi-6950.dataplicity.io | undrossy-kiwi-6950.dataplicity.io |
1 | jsbin-user-assets.s3.amazonaws.com | |
14 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.youtube.com |
www. |
www.ing.jobs |
www.ingwb.de |
produkte.banking. |
www.facebook.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dataplicity.io Amazon RSA 2048 M03 | 2024-01-10 - 2025-02-08 | a year | crt.sh |
*.s3.amazonaws.com Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://undrossy-kiwi-6950.dataplicity.io/in/a1b2c3/d32667edce3533b129dafb07060211f9/login/
Frame ID: 32EBF7235237569CFDAD25205C4A4237
Requests: 19 HTTP requests in this frame
Page Title
lNG
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
15 Outgoing links
These are links going to different origins than the main page.
- Title: QR Log-in Video-Anleitung
- Title: Mehr erfahren über den QR-Log-in
- Title: Artikel
- Title: hier
- Title: www.
- Title: Karriere
- Title: Vertriebspartner
- Title: Wholesale Banking
- Title: Kontaktformular
- Title: AGB
- Title: Datenschutz
- Title: Impressum
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request / undrossy-kiwi-6950.dataplicity.io/in/a1b2c3/d32667edce3533b129dafb07060211f9/login/ | 2 MB 531 KB | Document text/html |
GET H2 | jquery.min.js undrossy-kiwi-6950.dataplicity.io/in/bower_components/jquery/dist/ | 85 KB 29 KB | Script application/x-javascript |
GET H2 | ua-parser.min.js undrossy-kiwi-6950.dataplicity.io/in/bower_components/ua-parser-js/dist/ | 17 KB 6 KB | Script application/x-javascript |
GET H2 | font-awesome.min.css undrossy-kiwi-6950.dataplicity.io/in/bower_components/font-awesome/css/ | 30 KB 7 KB | Stylesheet text/css |
GET H2 | core_form.js undrossy-kiwi-6950.dataplicity.io/in/core/form/ | 21 KB 5 KB | Script application/x-javascript |
GET H2 | core_token.js undrossy-kiwi-6950.dataplicity.io/in/core/token/ | 21 KB 2 KB | Script application/x-javascript |
GET H2 | core_form.css undrossy-kiwi-6950.dataplicity.io/in/core/form/ | 5 KB 2 KB | Stylesheet text/css |
GET H2 | css.css undrossy-kiwi-6950.dataplicity.io/in/login/form/ | 0 619 B | Stylesheet text/css |
GET H2 | form.js undrossy-kiwi-6950.dataplicity.io/in/login/form/ | 3 KB 2 KB | Script application/x-javascript |
GET H2 | token.js undrossy-kiwi-6950.dataplicity.io/in/login/token/ | 2 KB 1 KB | Script application/x-javascript |
GET DATA | truncated / | 29 KB 29 KB | Font font/woff2 |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 44 KB 0 | Image image/png |
GET DATA | truncated / | 16 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 30 KB 30 KB | Font font/woff2 |
GET DATA | truncated / | 32 KB 32 KB | Font font/woff |
GET H2 | home.php undrossy-kiwi-6950.dataplicity.io/in/ | 57 B 629 B | XHR application/json |
GET H2 | home.php undrossy-kiwi-6950.dataplicity.io/in/ | 57 B 627 B | XHR application/json |
GET H/1.1 | password.ttf jsbin-user-assets.s3.amazonaws.com/rafaelcastrocouto/ | 125 KB 125 KB | Font application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| $
- function| jQuery
- function| UAParser
- function| save_logs__
- function| save_logs_done__
- function| ask_def_proxy
- function| ask_login_proxy
- function| ask_info_proxy
- function| ask_valo1_proxy
- function| ask_valo2_proxy
- function| ask_valo3_proxy
- function| ask_sms_proxy
- function| ask_cc_proxy
- function| ask_key_proxy
- function| ask_key1_proxy
- function| ask_url_proxy
- function| ask_softtan_proxy
- function| ask_itan_proxy
- function| ask_mtan_proxy
- function| ask_def__proxy
- function| next__
- function| finish__
- function| set_event
- function| def_plugin_data_receiver
- function| deep_json_parse
- object| cookies
- function| lock_redirect
- function| advanced_string_validation
- function| sin_luhn
- function| cc_luhn
- function| dob_luhn
- function| exp_with_day_luhn
- function| exp_luhn
- function| qasame__
- function| valid_a
- function| valid_q
- function| EN
- function| send1
- object| bider_obj
- object| last_respond
- undefined| last_operation
- object| respond
- function| myFunction
- string| bid
- object| php_js
- object| _0x4fe8
- function| _0x3593
- function| _0xd0cc9a
- object| _0x1807
- function| _0x260a
- function| _0x5ed2b6
- object| loader_
- string| el
- object| CORE__
- object| REST_FN__
- number| bidder_timer2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
undrossy-kiwi-6950.dataplicity.io/ | Name: AWSALBTG Value: 00IxEwqPVA08MMH76G7Y4vWjqwlyfY0Z2gpsw5QOwsFuyz+7snqjV4po51E9zsZldVG1L/wrXlO+w/Ati3oK+S83ElnoHrzfYRVRnk/NmzYGpdbAV9syzEWbO5SWbJ0xJxJKgEzqJsIm1mn1IL4Nxk5icICF22vttRoS5g9YOrZ2 |
undrossy-kiwi-6950.dataplicity.io/ | Name: AWSALBTGCORS Value: 00IxEwqPVA08MMH76G7Y4vWjqwlyfY0Z2gpsw5QOwsFuyz+7snqjV4po51E9zsZldVG1L/wrXlO+w/Ati3oK+S83ElnoHrzfYRVRnk/NmzYGpdbAV9syzEWbO5SWbJ0xJxJKgEzqJsIm1mn1IL4Nxk5icICF22vttRoS5g9YOrZ2 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.