verzoek.online-gelijk.xyz
Open in
urlscan Pro
31.220.29.65
Malicious Activity!
Public Scan
Submission Tags: @jcybersec_
Submission: On June 16 via api from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 16th 2020. Valid for: 3 months.
This is the only time verzoek.online-gelijk.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 31.220.29.65 31.220.29.65 | 25369 (BANDWIDTH-AS) (BANDWIDTH-AS) | |
9 | 1 |
ASN25369 (BANDWIDTH-AS, GB)
PTR: hosting.albahost.net
verzoek.online-gelijk.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
online-gelijk.xyz
verzoek.online-gelijk.xyz |
169 KB |
9 | 1 |
Domain | Requested by | |
---|---|---|
9 | verzoek.online-gelijk.xyz |
verzoek.online-gelijk.xyz
|
9 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ing.jobs |
www.facebook.com |
twitter.com |
instagram.com |
www.linkedin.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
verzoek.online-gelijk.xyz Let's Encrypt Authority X3 |
2020-06-16 - 2020-09-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://verzoek.online-gelijk.xyz/pay
Frame ID: B305D0968E5AC55CEDC1E3F27B663647
Requests: 9 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: Werken bij ING
Search URL Search Domain Scan URL
Title: ING op Facebook
Search URL Search Domain Scan URL
Title: ING op Twitter
Search URL Search Domain Scan URL
Title: ING op Instagram
Search URL Search Domain Scan URL
Title: ING op LinkedIn
Search URL Search Domain Scan URL
Title: ING op Youtube
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
pay
verzoek.online-gelijk.xyz/ |
23 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
verzoek.online-gelijk.xyz/public/verzoek/css/ |
651 KB 66 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gBetaalverzoek-algemeen.svg
verzoek.online-gelijk.xyz/public/verzoek/img/ |
9 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gBetaalverzoek-ideal.svg
verzoek.online-gelijk.xyz/public/verzoek/img/ |
18 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMeWeb-Bold.woff
verzoek.online-gelijk.xyz/public/verzoek/font/ |
23 KB 4 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMeWeb-Regular.woff
verzoek.online-gelijk.xyz/public/verzoek/font/ |
23 KB 4 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ing-icons-v4-6.woff
verzoek.online-gelijk.xyz/public/verzoek/font/ |
68 KB 69 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMeWeb-Bold.ttf
verzoek.online-gelijk.xyz/public/verzoek/font/ |
23 KB 4 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMeWeb-Regular.ttf
verzoek.online-gelijk.xyz/public/verzoek/font/ |
23 KB 4 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
verzoek.online-gelijk.xyz/ | Name: PHPSESSID Value: jp5g2tmlv7t8r4cpoirr9gtprh |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
verzoek.online-gelijk.xyz
31.220.29.65
3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2
4d44e96e620584c1588fd60045508c88cd0a8ed6f6e3d9c9105b7ec803045e8b
80f705db087ae0810b0e69fa34e3f9f86caf425912a68d22b9df8c6ec0c440d4
b3aea53b8e6c1bba6a6f65340faecf79f4b704770ce55fd6f26c4cefb47609a7
fe17c85838590018104a44464eb8db80f843d7c152f4a1c34438c0fad626c22a