q.ipsos.pl
80.66.139.206
Malicious Activity!
Public Scan
Submission: On November 24 via manual from CH — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on March 31st 2022. Valid for: a year.
This is the only time q.ipsos.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
8 | 80.66.139.206 | 1239 (SPRINTLINK) |
4 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
12 | 3 |
| Apex Domain (Subdomains) | Transfer |
---|---|---|
8 | ipsos.pl (q.ipsos.pl) | 283 KB |
4 | cloudflare.com (cdnjs.cloudflare.com — Cisco Umbrella Rank: 223) | 97 KB |
12 | 2 |
| Domain | Requested by |
---|---|---|
8 | q.ipsos.pl | q.ipsos.pl, cdnjs.cloudflare.com |
4 | cdnjs.cloudflare.com | q.ipsos.pl, cdnjs.cloudflare.com |
12 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.ipsos.pl | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-31 - 2023-05-01 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/pl
Frame ID: A559A5C5CAD636F6BD0E94A387015C7F
Requests: 13 HTTP requests in this frame
Page Title
ING Bank Śląski - Bankowość internetowa
Detected technologies
jQuery Mobile (Mobile Frameworks)
Detected patterns
- jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | pl (Primary Request) | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/ | 6 KB | 2 KB | Document | text/html |
GET | H2 | jquery.mobile.min.css | cdnjs.cloudflare.com/ajax/libs/jquery-mobile/1.4.5/ | 203 KB | 17 KB | Stylesheet | text/css |
GET | H2 | app-98444415ac32.css | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/css/ | 80 KB | 14 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ | 82 KB | 26 KB | Script | application/javascript |
GET | H2 | jquery.mobile.min.js | cdnjs.cloudflare.com/ajax/libs/jquery-mobile/1.4.5/ | 195 KB | 47 KB | Script | application/javascript |
GET | H2 | vendor-a58cee9cb9a2.js | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/js/ | 50 KB | 20 KB | Script | application/x-javascript |
GET | H2 | app-857f4ce6adbf.js | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/js/ | 100 KB | 37 KB | Script | application/x-javascript |
GET | H2 | da17f3e71f7fbdc0 | q.ipsos.pl/nsdc/token/ing2b/ | 97 B | 248 B | XHR | application/json |
GET | DATA | truncated | / | 34 B | 0 | Image | image/gif |
GET | H2 | INGMe-Bold.woff | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/fonts/ | 37 KB | 38 KB | Font | application/octet-stream |
GET | H2 | ajax-loader.gif | cdnjs.cloudflare.com/ajax/libs/jquery-mobile/1.4.5/images/ | 6 KB | 6 KB | Image | image/gif |
GET | H2 | INGMe-Regular.woff | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/fonts/ | 36 KB | 37 KB | Font | application/octet-stream |
GET | H2 | banner.png | q.ipsos.pl/moja-opinia/c/ing2b-inet/da17f3e71f7fbdc0/i/ | 136 KB | 136 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- function| require
- function| appEnvIsTesting
- function| appEnvDisplaySymbols
- function| appEnvDisplayRealSymbols
- object| log
- string| __version
- function| __
- object| i18n
- object| schema_ing2b-inet
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.