ingenetix.centraal-onderhoud.eu
185.250.251.20
Malicious Activity!
Public Scan
Effective URL: https://ingenetix.centraal-onderhoud.eu/VChxj47dhsx/
Submission: On August 08 via manual from NL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 8th 2019. Valid for: 3 months.
This is the only time ingenetix.centraal-onderhoud.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 (2 redirects) | 2606:4700:30::681c:151c | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 2a00:f48:2000:affe::50 | 47447 (TTM) |
12 | 185.250.251.20 | 31400 (ACCELERATED-IT) |
13 | 2 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
linksplit.io
ASN31400 (ACCELERATED-IT, DE)
PTR: vweb02.mine-host.de
ingenetix.centraal-onderhoud.eu
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | centraal-onderhoud.eu: ingenetix.centraal-onderhoud.eu | 238 KB |
2 | linksplit.io (2 redirects): linksplit.io | 875 B |
1 | 12hp.at: maxbwave.12hp.at | 379 B |
13 | 3 | |
Requests | Domain | Requested by |
---|---|---|
12 | ingenetix.centraal-onderhoud.eu | ingenetix.centraal-onderhoud.eu |
2 | linksplit.io | 2 redirects |
1 | maxbwave.12hp.at | |
13 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
inlogcodes.mijn.ing.nl |
aanvragen.ing.nl |
www.ing.nl |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
maxbwave.12hp.at | Let's Encrypt Authority X3 | 2019-08-08 - 2019-11-06 | 3 months | crt.sh |
ingenetix.centraal-onderhoud.eu | Let's Encrypt Authority X3 | 2019-08-08 - 2019-11-06 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://ingenetix.centraal-onderhoud.eu/VChxj47dhsx/
Frame ID: 000F6DD4C2B354A8CB31B171A00D31AE
Requests: 13 HTTP requests in this frame
Detected technologies
Lua (Programming Languages)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Gebruikersnaam of wachtwoord vergeten?
Title: Mijn ING aanvragen
Title: Contact met ING
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://linksplit.io/rTSRC0h HTTP 301
  https://linksplit.io/rTSRC0h HTTP 302
  https://maxbwave.12hp.at/-/rechts.php Page URL
- https://ingenetix.centraal-onderhoud.eu/VChxj47dhsx/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://linksplit.io/rTSRC0h HTTP 301
- https://linksplit.io/rTSRC0h HTTP 302
- https://maxbwave.12hp.at/-/rechts.php
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | rechts.php (Redirect Chain) | maxbwave.12hp.at/-/ | 59 B | 379 B | Document | text/html |
GET | H2 | / (Primary Request) | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/ | 10 KB | 3 KB | Document | text/html |
GET | H2 | jsq.js | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/ | 111 KB | 112 KB | Script | application/javascript |
GET | H2 | ing-logo.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 11 KB | 12 KB | Image | image/svg+xml |
GET | H2 | alert-error.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 623 B | 816 B | Image | image/svg+xml |
GET | H2 | checkbox.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 281 B | 474 B | Image | image/svg+xml |
GET | H2 | arrow-chevron-open-right.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 366 B | 559 B | Image | image/svg+xml |
GET | H2 | menu-close.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 348 B | 541 B | Image | image/svg+xml |
GET | H2 | illustratie_algemenestoring.png | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 14 KB | 15 KB | Image | image/png |
GET | H2 | base.css | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/ | 15 KB | 15 KB | Stylesheet | text/css |
GET | H2 | 811383197.svg | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/img/ | 21 KB | 21 KB | Image | image/svg+xml |
GET | H2 | 1224525800.woff2 | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/fonts/ | 30 KB | 30 KB | Font | application/octet-stream |
GET | H2 | _388920554.woff2 | ingenetix.centraal-onderhoud.eu/VChxj47dhsx/css/fonts/ | 29 KB | 29 KB | Font | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onselectstart
- object | onselectionchange
- function | queueMicrotask
- function | $
- function | jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ingenetix.centraal-onderhoud.eu
linksplit.io
maxbwave.12hp.at
185.250.251.20
2606:4700:30::681c:151c
2a00:f48:2000:affe::50