ing-servicio.com
198.54.126.78
Malicious Activity!
Public Scan
Effective URL: https://ing-servicio.com/ing/ing/src/ing-app-login-sca-esd7a0.html?rev=1.18.0
Submission Tags: 7241029
Submission: On July 23 via api from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 23rd 2021. Valid for: a year.
This is the only time ing-servicio.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 | 198.54.126.78 | 22612 (NAMECHEAP-NET)
1 | 2606:4700:20::ac43:498e | 13335 (CLOUDFLARENET)
1 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET)
1 2 | 193.41.234.21 | 16289 (ING-DIRECT-SPAIN)
11 | 5 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server33-4.web-hosting.com
ing-servicio.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | ing-servicio.com | ing-servicio.com | 98 KB
2 | ingdirect.es (1 redirects) | ing.ingdirect.es | 818 B
1 | cloudflare.com | cdnjs.cloudflare.com | 68 KB
1 | wts.one | wts.one | 4 KB
0 | googleapis.com (Failed) | ajax.googleapis.com (Failed) |
11 | 5 | |
Requests | Domain | Requested by
---|---|---
7 | ing-servicio.com | ing-servicio.com
2 | ing.ingdirect.es (1 redirects) | ing-servicio.com
1 | cdnjs.cloudflare.com | ing-servicio.com
1 | wts.one | ing-servicio.com
0 | ajax.googleapis.com (Failed) | ing-servicio.com
11 | 5 |
This site contains links to these domains.
Domain |
---|
www.web-stat.fr |
Subject | Issuer | Validity | Valid
---|---|---|---
ing-servicio.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-23 - 2022-07-23 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-17 - 2022-06-16 | a year
ing.ingdirect.es | DigiCert SHA2 Extended Validation Server CA | 2020-07-09 - 2022-07-10 | 2 years
This page contains 1 frames:
Primary Page:
https://ing-servicio.com/ing/ing/src/ing-app-login-sca-esd7a0.html?rev=1.18.0
Frame ID: BB8E7095E52F663CA6A773FB832275A8
Requests: 11 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ing-servicio.com/ing/ing/ Page URL
- https://ing-servicio.com/ing/ing/src/ing-app-login-sca-es.html?rev=1.18.0 Page URL
- https://ing-servicio.com/ing/ing/src/ing-app-login-sca-esd7a0.html?rev=1.18.0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- https://ing.ingdirect.es/app-login/assets/images/svg/logoING.svg HTTP 302
- https://ing.ingdirect.es/pfm/
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | ing-servicio.com/ing/ing/ | 10 KB | 3 KB | Document | text/html
GET | H2 | ing-app-login-sca-es.html | ing-servicio.com/ing/ing/src/ | 1 KB | 1 KB | Document | text/html
GET | H2 | ing-app-login-sca-esd7a0.html (Primary Request) | ing-servicio.com/ing/ing/src/ | 1 KB | 1 KB | Document | text/html
GET | H2 | style.css | ing-servicio.com/ing/ing/ | 80 KB | 5 KB | Stylesheet | text/css
GET | H2 | 2050546.png | wts.one/7/1/ | 3 KB | 4 KB | Image | image/png
GET | H2 | jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ | 274 KB | 68 KB | Script | application/javascript
GET | | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.4/ | 0 | 0 | |
GET | H2 | ing-lion-reversed.svg | ing-servicio.com/ing/ing/assets/images/svg/ | 27 KB | 12 KB | Image | image/svg+xml
GET | H/1.1 | / | ing.ingdirect.es/pfm/ (Redirect Chain) | 0 | 0 | Image | text/html
GET | H2 | INGMeWeb-Regular.woff | ing-servicio.com/ing/ing/fonts/ | 36 KB | 37 KB | Font | font/woff
GET | H2 | INGMeWeb-Bold.woff | ing-servicio.com/ing/ing/fonts/ | 37 KB | 38 KB | Font | font/woff
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: ajax.googleapis.com
- URL: http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- function| ModifyPlaceHolder
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.